Emerging Risks in Third-Party AI Solutions and How to Help Address Them
December 04, 2024 | Scott Swanson and Kris Kimmerle
As the cyber threat landscape changes due the introduction of new threat ...
Unveiling the Dark Side: Common Attacks and Vulnerabilities in Industrial Control Systems
December 04, 2024 | Zsolt Olah
Introduction to Industrial Cybersecurity. Industrial control systems are ...
Threat Intelligence News from LevelBlue SpiderLabs December 2024
December 01, 2024
December 2024
Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns
November 27, 2024 | Diana Solomon and John Kevin Adriano
Welcome to the second part of our investigation into the Rockstar kit, please ...
CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution
November 27, 2024 | Pauline Bolaños
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a ...
Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
November 26, 2024 | Diana Solomon and John Kevin Adriano
Trustwave SpiderLabs has been actively monitoring the rise of ...
Lessons from a Honeypot with US Citizens’ Data
November 13, 2024 | Radoslaw Zdonczyk and Nikita Kazymirskyi
Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team ...
The Mounted Guest EDR Bypass
November 11, 2024 | Colin Meek
The Mounted Guest EDR Bypass is a tactic used in cyber attacks to evade ...
Optimizing Your Cyber Resilience Strategy Through CISO and CRO Connectivity
November 11, 2024 | Jenifer White Visek
Combining forces between the Chief Information Security Officer and the Chief ...
Threat Intelligence News from LevelBlue SpiderLabs November 2024
November 01, 2024
November 2024
Ngioweb Remains Active 7 Years Later
November 01, 2024 | Fernando Martinez
Executive Summary Seven years after its first appearance, the proxy server ...
2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector
October 29, 2024
As the holiday shopping season approaches, the 2024 Trustwave Risk Radar ...
Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails
October 21, 2024 | Katrina Udquin
Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam ...
How Threat Actors Conduct Election Interference Operations: An Overview
October 18, 2024 | Pauline Bolaños
The major headlines that arose from the three most recent US presidential ...
Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)
October 17, 2024 | Karl Biron
Introduction In the perpetually evolving field of cybersecurity, new threats ...
Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader
October 08, 2024 | Cris Tomboc and King Orande
Trustwave's Threat Intelligence team has discovered a new malware dubbed ...
Threat Intelligence News from LevelBlue SpiderLabs October 2024
October 01, 2024
October 2024
What We Know So Far About Zero-Day CUPS Vulnerabilities: CVE-2024-47176, CVE-2024-47076, CVE-2024-47175, and CVE-2024-47177
September 30, 2024
On September 26, 2024, security researcher Simone Margaritellidisclosed the ...
Shedding Light on Election Deepfakes
September 25, 2024 | Pauline Bolaños
Contrary to popular belief, deepfakes — AI-crafted audio files, images, or ...
HTML Smuggling: How Blob URLs are Abused to Deliver Phishing Content
September 24, 2024 | Mike Casayuran
HTML smuggling techniques have been around for quite some time. A previous ...
Why Do Criminals Love Phishing-as-a-Service Platforms?
September 23, 2024 | Rodel Mendrez
Phishing-as-a-Service (PaaS) platforms have become the go-to tool for ...
Spam With A Political Twist: Fraudsters Are Exploiting The Election Season
September 17, 2024 | Katrina Udquin
The US election is less than 70 days away and threat actors are busy crafting ...
Bypassing EDR through Retrosigned Drivers and System Time Manipulation
September 13, 2024 | Zachary Reichert
The Retrosigned Driver EDR Bypass is a novel modification of a technique ...
Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media
September 13, 2024 | Jose Tozo
With the US election on the horizon, it’s a good time to explore the concept of ...
Trustwave SpiderLabs Research: 20% of Ransomware Attacks in Financial Services Target Banking Institutions
September 10, 2024
The 2024 Trustwave Risk Radar Report: Financial Services Sector underscores the ...
Exploring an Experimental Windows Kernel Rootkit in Rust
September 09, 2024
Around two years ago, memN0ps took the initiative to create one of the first ...
DNSForge – Responding with Force
September 09, 2024 | Apurva Goenka
Introducing DNSForge, a novel attacker tactic for responding to name resolution ...
Hypervisor Development in Rust for Security Researchers (Part 1)
September 06, 2024
In the ever-evolving field of information security, curiosity and continuous ...