Exposed and Encrypted: Inside a Mallox Ransomware Attack
August 27, 2024 | Bernard Bautista
Recently, a client enlisted the support of Trustwave to investigate an ...
The Willy Wonka World of Application Security Defenses
August 26, 2024 | David Broggy
One doesn’t have to be a magician to understand how to track the hundreds, if ...
The Bug Stops Here: Using DevSecOps Workflows for Pest-Free Applications
August 19, 2024 | David Broggy
Developers and cybersecurity have an interesting relationship. Developers have ...
Unveiling "sedexp": A Stealthy Linux Malware Exploiting udev Rules
August 19, 2024 | Zachary Reichert
Stroz Friedberg identified a stealthy malware, dubbed “sedexp,” utilizing Linux ...
Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928
August 16, 2024 | Karl Biron
In early 2021, a new vulnerability, identified as CVE-2021-27928, was ...
Command Injection and Path Traversal in StoneFly Storage Concentrator
August 16, 2024 | David Glenn Baylon
CVE-2024-30213, CVE-2024-31947: Blind Operating System Command Injection and ...
Trustwave Rapid Response: Mitigate Windows TCP/IP RCE Vulnerability (CVE-2024-38063)
August 15, 2024 | Admin
Microsoft has disclosed a critical (CVSS 9.8) TCP/IP remote code execution ...
The Art of Deception: Turning the Tables on Attackers with Active Defenses
August 12, 2024 | David Broggy
Once an attacker enters your network, one of their first actions will be to try ...
Hijacked: How Cybercriminals Are Turning Anti-Virus Software Against You
August 06, 2024 | Fernando Dominguez
Executive Summary: LevelBlue Labs has identified a new evolution in the toolset ...
Sentinels of Ex Machina: Defending AI Architectures
August 05, 2024 | David Broggy
The introduction, adoption, and quick evolution of generative AI has raised ...
SYS01 Infostealer and Rilide Malware Likely Developed by the Same Threat Actor
July 31, 2024 | Admin
Drawing on extensive proprietary research, Trustwave SpiderLabs believes the ...
Multiple Cross-Site Scripting (XSS) Vulnerabilities in REDCap (CVE-2024-37394, CVE-2024-37395, and CVE-2024-37396)
July 30, 2024 | Hamza Hussain
Trustwave SpiderLabs uncovered multiple stored cross-site scripting (XSS) ...
Knowing your Enemy: Situational Awareness in Cyber Defenses
July 29, 2024 | David Broggy
Most homeowners know that a lock is a good idea as a basic defense against ...
Adopt an AI Approach with Confidence, for CISOs and CIOs
July 29, 2024 | Scott Swanson
This article provides an AI adoption approach for technology leaders chartered ...
Cloudy with a Chance of Hackers: Protecting Critical Cloud Workloads
July 22, 2024 | David Broggy
If you've been following along with David's posts, you'll have noticed a ...
Trustwave Rapid Response: CrowdStrike Falcon Outage Update
July 19, 2024 | Admin
Trustwave is proactively assessing and monitoring our clients who may have been ...
Using AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys
July 16, 2024 | Sally Gebreananeya
When working with Amazon Web Services (AWS), we often find that various AWS ...
Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01
July 15, 2024 | Admin
The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how ...
Tips for Optimizing Your Security Operations Framework
July 15, 2024 | David Broggy
Building an effective Security Operations framework that provides the right ...
Network Isolation for DynamoDB with VPC Endpoint
July 09, 2024 | Selam Gebreananeya
DynamoDB is a fully managed NoSQL database service offered by Amazon Web ...
The Underdog of Cybersecurity: Uncovering Hidden Value in Threat Intelligence
July 08, 2024 | David Broggy
Threat Intelligence, or just TI, is sometimes criticized for possibly being ...
Clockwork Blue: Automating Security Defenses with SOAR and AI
July 01, 2024 | David Broggy
It’s impractical to operate security operations alone, using manual human ...
Professional Services Sector Under Attack - Trustwave SpiderLabs Report 2024
June 26, 2024 | Admin
Recent research by Trustwave SpiderLabs, detailed in their newly published ...
Atlas Oil: The Consequences of a Ransomware Attack
June 25, 2024 | Arthur Erzberger
Overview: Atlas Oil, a major player in the oil and fuel distribution industry, ...
Scanning the Matrix: SIEM Best Practices
June 24, 2024 | David Broggy
(A thought from The Matrix: Neo likely used a SIEM before he took the red pill ...
Fare Thee Well ModSecurity: End-of-Life and Last Commercial Rules Update for June 2024
June 20, 2024 | Admin
A Fourteen-Year Journey Comes to an End: In June 2010, Trustwave acquired Breach ...
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations
June 19, 2024 | Fernando Dominguez
Executive Summary: LevelBlue Labs recently discovered a new highly evasive ...