Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise
March 25, 2025 | Nikita Kazymirskyi and Karl Sigler
On March 20, a relatively unknown user on Breach Forums posted the allegation ...
Why Principle of Least Privilege Matters More Than Ever in a World of Backdoored Large Language Models (LLMs)
March 24, 2025 | Tom Neaves
The concept of “principle of least privilege” has been around for a long time. ...
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
March 20, 2025 | Karl Biron
In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your ...
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1
March 19, 2025 | Karl Biron
Picture this: an always-awake, never-tired, high-speed librarian that instantly ...
DNSForge – Relaying with Force
March 12, 2025 | Apurva Goenka
Introducing a new attack mode for greater flexibility and customization.
Resurgence of a Fake Captcha Malware Campaign
March 12, 2025 | Reegun Jayapaul
During an Advanced Continual Threat Hunt (ACTH) investigation in early February ...
The Russia-Ukraine Cyber War Part 4: Development in Group Attributions for Russian State Actors
March 07, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital ...
A Deep Dive into Strela Stealer and how it Targets European Countries
March 06, 2025 | Dawid Nesterowicz
Infostealers have dominated the malware landscape due to the ease of threat ...
The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure
March 05, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
This post is the third part of our blog series that tackles the Russia-Ukraine ...
Threat Intelligence News from LevelBlue SpiderLabs March 2025
March 01, 2025
March 2025
2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector
February 26, 2025
2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: ...
The Russia-Ukraine Cyber War Part 2: Attacks Against Government Entities, Defense Sector, and Human Targets
February 25, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we ...
We’re All in This Together: The Case for Purple Teaming
February 21, 2025 | Aidan Barrington
Why should you consider a purple team? What can you gain from it, and how do ...
The Russia-Ukraine Cyber War Part 1: Three Years of Cyber Warfare
February 20, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
As the third anniversary of the start of the Russia-Ukraine war approaches, ...
The Rise of Email Marketing Platforms for Business Email Compromise Attacks
February 18, 2025 | Maria Katrina Udquin
In a statistical report published in September 2024 by the Federal Bureau of ...
Parsing ESXi Logs for Incident Response with QELP
February 10, 2025 | Phalgun Kulkarni
Threat actors frequently target ESXi servers to disrupt business environments ...
Beyond the Chatbot: Meta Phishing with Fake Live Support
February 04, 2025 | Mike Casayuran and John Kevin Adriano
In a previous Trustwave SpiderLabs’ blog, we explored how cybercriminals ...
Threat Intelligence News from LevelBlue SpiderLabs February 2025
February 01, 2025
February 2025
Cracking the Giant: How ODAT Challenges Oracle, the King of Databases
January 27, 2025 | Karl Biron
In the past decade, Oracle Database (Oracle DB) has reigned supreme in the ...
Trustwave SpiderLabs 2025 Trustwave Risk Radar Report: Energy and Utilities Sector
January 22, 2025
The energy sector plays a crucial role in national security by ensuring the ...
The New Face of Ransomware: Key Players and Emerging Tactics of 2024
January 21, 2025 | Serhii Melnyk
As we step into 2025, the high-impact, financially motivated ransomware ...
CVE-2024-55591: Fortinet FortiOS/FortiProxy Zero Day
January 14, 2025
In late November and December 2024, Arctic Wolf observed evidence of a mass ...
The Database Slayer: Deep Dive and Simulation of the Xbash Malware
January 14, 2025 | Karl Biron
In the world of malware, common ransomware schemes aim to take the data within ...
The State of Magecart: A Persistent Threat to E-Commerce Security
January 09, 2025 | Rodel Mendrez
Trustwave SpiderLabs first blogged about Magecart back in 2019; fast forward ...
Threat Intelligence News from LevelBlue SpiderLabs January 2025
January 01, 2025
January 2025
Email Bombing: Why You Need to be Concerned
December 18, 2024 | Phil Hay
Over the last few months, the topic of email bombing has been brought to our ...
Parsing Jenkins Configuration Files for Forensics and Fun
December 12, 2024 | Julia Paluch
A new parsing tool for Jenkins® configuration files from Stroz Friedberg ...
When User Input Lines Are Blurred: Indirect Prompt Injection Attack Vulnerabilities in AI LLMs
December 10, 2024 | Tom Neaves
It was a cold and wet Thursday morning, sometime in early 2006. There I was ...