Vulnerabilities

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches

Emerging Threats, Reports, Security Research, Threat Intelligence, Vulnerabilities /

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches 2024-10-22 at 17:18 By Trustwave SpiderLabs on October 29 will launch its second deeply researched look into the threats facing the retail sector. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Threat Actors Zero in on Retailers as the Holiday Shopping Season Approaches Read More »

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy

penetration testing, Tips & Tricks, Vulnerabilities /

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy 2024-10-21 at 21:48 By It’s Cybersecurity Awareness Month and you know what that means. We spend every spare hour waiting for The Great Pumpkin. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy Read More »

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

email security, Emerging Threats, Vulnerabilities /

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails 2024-10-21 at 17:33 By Katrina Udquin Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack

React to this headline:

Loading spinner

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails Read More »

How Threat Actors Conduct Election Interference Operations: An Overview

Artificial Intelligence, Emerging Threats, Government, Security Research, Vulnerabilities /

How Threat Actors Conduct Election Interference Operations: An Overview 2024-10-18 at 21:46 By Pauline Bolaños The major headlines that arose from the three most recent US presidential election cycles illuminated the various fragilities of American election infrastructures and systems. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

How Threat Actors Conduct Election Interference Operations: An Overview Read More »

Ransomware Readiness: 10 Steps Every Organization Must Take

Database Protection, DFIR, penetration testing, Threat Intelligence, Tips & Tricks, Vulnerabilities /

Ransomware Readiness: 10 Steps Every Organization Must Take 2024-10-18 at 18:31 By At the end of every year, the Trustwave content team asks its in-house experts what cybersecurity topics they predict will be top of mind in the coming 12 months, and inevitably the top answer is more ransomware. This article is an excerpt from

React to this headline:

Loading spinner

Ransomware Readiness: 10 Steps Every Organization Must Take Read More »

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)

data breach, Database Protection, Emerging Threats, Security Research, Vulnerabilities /

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack) 2024-10-17 at 22:04 By Karl Biron Introduction In the perpetually evolving field of cybersecurity, new threats materialize daily. Attackers are on the prowl for weaknesses in infrastructure and software like a cat eyeing its helpless prey. This article is an excerpt from

React to this headline:

Loading spinner

Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack) Read More »

Combating Misinformation and Cyber Threats to Secure the 2024 US Election

Artificial Intelligence, email security, Emerging Threats, Government, Vulnerabilities /

Combating Misinformation and Cyber Threats to Secure the 2024 US Election 2024-10-15 at 16:01 By Karl Sigler As we near the 2024 election, safeguarding the integrity of our democratic process is of paramount importance. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Combating Misinformation and Cyber Threats to Secure the 2024 US Election Read More »

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign

email security, Emerging Threats, Government, Microsoft Security, Vulnerabilities /

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign 2024-10-09 at 16:02 By The need for an iron-clad email security solution is once again making headlines. This article is an excerpt from Trustwave Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Strengthening Email Security: DOJ Disrupts Russian Spear-Phishing Campaign Read More »

Analyzing Latrodectus: The New Face of Malware Loaders

Emerging Threats, Threat Intelligence, Vulnerabilities /

Analyzing Latrodectus: The New Face of Malware Loaders 2024-10-08 at 16:01 By This report is the latest in a series that will delve into the deep research theTrustwave SpiderLabs Threat Intelligence team conducts daily on the major threat actor groups currently operating globally.  This article is an excerpt from Trustwave Blog View Original Source React

React to this headline:

Loading spinner

Analyzing Latrodectus: The New Face of Malware Loaders Read More »

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader

Emerging Threats, Managed Security Services, Security Research, Threat Intelligence, Vulnerabilities /

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader 2024-10-08 at 16:01 By Cris Tomboc and King Orande Trustwave’s Threat Intelligence team has discovered a new malware dubbed Pronsis Loader, with its earliest known variant dating back to November 2023. This article is an excerpt from SpiderLabs Blog View Original Source React to this headline:

React to this headline:

Loading spinner

Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader Read More »

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks

Vulnerabilities /

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks 2024-10-02 at 15:46 By Eduard Kovacs Over 58,000 internet-exposed CUPS hosts can be abused for significant DDoS attacks, according to Akamai.  The post After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks appeared first on SecurityWeek. This article

React to this headline:

Loading spinner

After Code Execution, Researchers Show How CUPS Can Be Abused for DDoS Attacks Read More »

Critical Zimbra Vulnerability Exploited One Day After PoC Release

Email, email security, exploited, Vulnerabilities, Zimbra /

Critical Zimbra Vulnerability Exploited One Day After PoC Release 2024-10-02 at 13:31 By Ionut Arghire A critical-severity vulnerability in Zimbra has been exploited in the wild to deploy a web shell on vulnerable servers. The post Critical Zimbra Vulnerability Exploited One Day After PoC Release appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Critical Zimbra Vulnerability Exploited One Day After PoC Release Read More »

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities

CISA KEV, exploited, Vulnerabilities /

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities 2024-10-01 at 16:01 By Ionut Arghire CISA warns that years-old vulnerabilities in SAP Commerce, Gpac framework, and D-Link DIR-820 routers are exploited in the wild. The post Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities appeared first on SecurityWeek. This article is an excerpt from

React to this headline:

Loading spinner

Organizations Warned of Exploited SAP, Gpac and D-Link Vulnerabilities Read More »

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177

DFIR, Emerging Threats, Security Research, Threat Intelligence, Trustwave Rapid Response, Vulnerabilities /

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 2024-09-30 at 22:01 By On September 26, 2024, security researcher Simone Margaritelli disclosed the details of four OpenPrinting Common UNIX Printing System (CUPS) vulnerabilities, that, when chained together, can allow malicious actors to launch remote code execution (RCE) attacks on vulnerable systems. This article is

React to this headline:

Loading spinner

What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177 Read More »

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected

CUPS, Featured, Linux, Linux vulnerability, printer, Vulnerabilities /

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected 2024-09-27 at 13:31 By Eduard Kovacs A researcher has disclosed the details of an unpatched vulnerability that was expected to pose a serious threat to many Linux systems. The post Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than

React to this headline:

Loading spinner

Highly Anticipated Linux Flaw Allows Remote Code Execution, but Less Serious Than Expected Read More »

Cisco Patches High-Severity Vulnerabilities in IOS Software

Cisco, Vulnerabilities, vulnerability /

Cisco Patches High-Severity Vulnerabilities in IOS Software 2024-09-26 at 16:16 By Ionut Arghire Cisco has released patches for seven high-severity vulnerabilities affecting products running IOS and IOS XE software. The post Cisco Patches High-Severity Vulnerabilities in IOS Software appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed View Original Source React

React to this headline:

Loading spinner

Cisco Patches High-Severity Vulnerabilities in IOS Software Read More »

Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes

Pwn2Own, Vulnerabilities /

Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes 2024-09-25 at 14:17 By Ionut Arghire ZDI offers over $1 million in cash and prizes at the next Pwn2Own Automotive hacking contest, set for January 2025 in Tokyo. The post Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes appeared first on SecurityWeek. This

React to this headline:

Loading spinner

Second Pwn2Own Automotive Contest Offers Over $1 Million in Prizes Read More »

Third Recent Ivanti Vulnerability Exploited in the Wild

exploited, Ivanti, Vulnerabilities /

Third Recent Ivanti Vulnerability Exploited in the Wild 2024-09-25 at 14:17 By Eduard Kovacs CVE-2024-7593 is the third Ivanti product vulnerability patched in recent months that has been exploited in the wild. The post Third Recent Ivanti Vulnerability Exploited in the Wild appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS Feed

React to this headline:

Loading spinner

Third Recent Ivanti Vulnerability Exploited in the Wild Read More »

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content

data breach, email security, Emerging Threats, Security Research, Threat Intelligence, Vulnerabilities /

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content 2024-09-24 at 16:01 By Mike Casayuran HTML smuggling techniques have been around for quite some time. A previous Trustwave SpiderLabs’ blog discussed its use in distributing malware by storing binaries in immutable blob data within JavaScript code that gets decoded on the client-side browser, eventually delivering

React to this headline:

Loading spinner

HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content Read More »

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products

ESET, security product vulnerability, Vulnerabilities /

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products 2024-09-23 at 17:02 By Ionut Arghire ESET has released patches for two local privilege escalation vulnerabilities in security products for Windows and macOS. The post ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products appeared first on SecurityWeek. This article is an excerpt from SecurityWeek RSS

React to this headline:

Loading spinner

ESET Patches Privilege Escalation Vulnerabilities in Windows, macOS Products Read More »

Scroll to Top