Vulnerability scanning is a critical component of any robust Offensive Security strategy. When combined with penetration testing and Red Team exercises, they can serve as an early warning system to identify potential security weaknesses and provide an organization with the breathing room needed to implement changes before they are discovered and exploited.

ChatGPT impresses everyone with its writing capabilities; however, its proficiency in understanding and generating human-like text has inadvertently empowered threat actors to produce realistic and error-free phishing emails, which can be challenging to detect. The use of ChatGPT in cyberattacks poses a significant threat, particularly for attackers whose first language isn’t English. This tool helps them overcome language barriers, enabling the creation of more convincing phishing content.

One reason organizations have difficulty defending against cyber threats is their attack surfaces are constantly growing, creating more entry points for bad actors to target. And target they will, creating an onslaught of alerts that drive the need for managed detection and response (MDR) services and other measures to help thwart them. Numerous trends are driving the increase in attack surface, including the proliferation of Internet of Things (IoT) devices.

Organizations of all sizes need to be proactive in identifying and mitigating vulnerabilities in their networks. To help organizations better understand the value and process of a vulnerability scan, Trustwave’s Philip Pieterse, Managing Consultant for the Americas division of SpiderLabs and Dhervesh Singh, senior Security Consultant with SpiderLabs conducted a webinar exploring key offensive security testing methodologies: vulnerability scanning, penetration testing, and purple teaming.

Two positive steps were taken last month to limit the damage caused by phishing and Business Email Compromise (BEC) attacks when a joint action by UK and EU law enforcement agencies compromised the infrastructure of the phishing-as-a-service operation LabHost and a major BEC operator was convicted in US Federal Court. While law enforcement operations are integral to defeating cybercrime, disrupting one or two adversary groups does not minimize the threat.

Critical infrastructure facilities operated by the private and public sectors face a complex and continuously growing web of security threats that are compounded by the increasing convergence of information and operational technology (OT) in this area.

Searching for a quality-managed detection and response (MDR) service provider can be daunting, with dozens of vendors to choose from. However, in its 2023 Gartner Market Guide for Managed Detection and Response Services, Gartner confronts the challenge head-on.

This is Part 13 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. If you search recent cybersecurity news it's easy to find the threats that keep your CISO awake at night. While there are many, a short list is: However, it's quite a bit harder to find articles discussing defenses against these attacks, so let me help out by offering a select set of security best practices that, if properly deployed, should help your CISO sleep at night.

The US Director of National Intelligence (DNI) earlier this month gave a stark warning to the Senate Armed Services Committee detailing the cyberthreats arrayed against the US and the world from China, Russia, North Korea, and Iran.

It has always been clear, even before the Colonial Pipeline attack, that the energy sector is a prime target for not only criminal threat groups, but also nation-state actors. After all, halting fuel and energy supplies can quickly bring a region to a halt and thus require the highest level of cyber and physical security possible.

Trustwave SpiderLabs’ latest report, the 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies details the security issues facing public sector security teams as they try to strike a balance between supplying needed services and deploying the cybersecurity necessary to protect data placed in their charge. The need for the highest level of security has never been greater.

Trustwave SpiderLabs’ 2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies report details the security issues facing public sector security teams as they try to strike a balance between supplying needed services and deploying the cybersecurity necessary to protect data placed in their charge. The need for the highest level of security has never been greater.

This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts.

The Canadian, US, and UK governments issued a series of recommendations in their just-released security alert Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity, which mirror my own insights on the important topic. The alert notes that all three governments are aware of pro-Russia hacktivists targeting and compromising small-scale OT systems in North American and European Water and Wastewater Systems (WWS), Dams, Energy, and Food and Agriculture sectors.

Using open-source code exposes organizations to a tremendous amount of risk, yet this point is treated like a dirty little secret that nobody talks about. So, let’s live on the edge and take a minute to talk about the problem. Open-source code is an oddity. Generally, open-source code is often placed in small packets tucked inside massive programs that corporations use to run their most important processes or it is adopted as a whole program and tasked with running some part of a business.

Trustwave has been positioned in the Leaders Category in the IDC MarketScape for Worldwide Emerging Managed Detection and Response (MDR) Services 2024 Vendor Assessment (doc #US50101523 April 2024).

For the second consecutive year, Cyber Defense Magazine honored Trustwave with a 2024 Global InfoSec Award for Best Solution Managed Detection and Response (MDR) Service Provider.

This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 weekly blog posts. The full series can be found here. Identity protection is one of the most important topics in cybersecurity. It is often complex in its configuration and operation. Over 80 percent of all security incidents result from poor identity access controls. Consider the following recommendations when developing a comprehensive Identity Management strategy.

An offensive security strategy is a sophisticated and dynamic approach that extends beyond mere testing. It's a comprehensive plan that aligns with an organization's core mission, transforming security from a passive shield to an active spearhead. After all, in any fight, a combatant can only block punches for so long before striking back.