Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In an era where data breaches make headlines almost weekly and cybercrime costs businesses billions annually, states across the U.S. are taking decisive action to protect their residents’ sensitive information. From California’s groundbreaking privacy laws to New York’s rigorous cybersecurity requirements for financial institutions, state-level regulations are rapidly evolving to address the complex challenges of digital data protection.

The WAN landscape is evolving at a rapid pace, driven by demands of cloud, mobility, and globalization. MPLS (Multiprotocol Label Switching), a legacy transport technology, once the gold standard, now struggles to meet modern business requirements.

A newly discovered critical vulnerability, CVE-2024-53677, in Apache Struts enables remote code execution (RCE) and is actively exploited in the wild using a publicly available Proof-of-Concept (PoC). Apache Struts is an open-source framework for building Java-based web applications. It helps developers create scalable software solutions, that powers everything from e-commerce websites to financial systems and government platforms.

In this digital age, where cyber threats are always evolving, keeping private data safe has become important for both people and businesses. Encrypting passwords is an important part of data security because it keeps user information hidden from attackers who shouldn't have access to them. Advanced algorithms are used to encrypt passwords into unreadable form. This makes encryption a strong defense against breaches and identity theft.

Digital forensics, which is sometimes called the "science of the digital age," is very important for finding digital proof and solving cybercrimes. Because of how connected everything is these days and how almost everything leaves a digital trail, digital forensics gives us the methods and tools to find, collect, study, and keep data for future investigations.

We’re excited to share new updates and enhancements for December, including: For more information on these updates and others, please read the complete list below and follow the links for more detailed articles.

As always in cybersecurity, hardly a dull day went by in 2024. So much happened we thought it might be helpful to remind everyone what went down over the last 12 months. At least from a Trustwave SpiderLabs perspective. Here are the top SpiderLabs’ blogs, as voted by viewer readership analytics: Trustwave SpiderLabs would like to thank all its readers and we hope we informed, inspired and maybe made you laugh a few times in 2024. See you all next week in 2025.

From external collaboration and compliance to key financial info and intellectual property, here are five areas that need Zero Trust as a priority. In mid 2024, Gartner research found that 63% of global organizations had fully or partially-implemented a Zero Trust strategy, but these strategies only covered a small portion of the organization’s environment and that many enterprises were still “not sure what the top practices are for Zero Trust implementations.”

Keep your business data safe even when your employees misplace or lose their company-owned Android devices. Learn how to remotely wipe Android phones with miniOrange MDM solutions and stay one step ahead of data breaches and malicious users.

Microsoft 365 is now an important tool for businesses and organizations around the world. It has a full set of productivity and collaboration apps. However, with the increasing reliance on this platform, the need for robust security practices has also become more critical. Cyberthreats are constantly evolving, and it is imperative for organizations to stay updated with the latest security measures to protect their data and systems.