The typical life of a consultant working in the field of governance, risk and compliance is often not deeply technical, but we have to be aware of new technology and the risks it poses; this is very true when it comes to Cloud, and with the massive adoption of Cloud as the vast majority of organizations now use cloud services on some level.

Everyone loves buzz words, no? Red team is the newest (well... not that new) coolest thing on the streets of information security city and many cybersecurity pros want to jump right in and become involved in Red team activities at their company. However, there is more to being a Red team member than just signing up.

One of the lesser-known but extremely important roles the Trustwave Fusion portal, known as the Fusion Security Testing Suite (STS) plays is as a conduit for our clients when running a penetration testing program.

Leadership and teamwork personally and professionally have long been a passion of mine, while we all interpret and digest the concepts differently, I usually find the strongest parallels in team sports. Over the last couple of months there has been no shortage of sport available to watch – tennis, cricket tests, state of origin, rugby (mostly look forward to the seeing the Springboks play) and I guess AFL requires an obligatory mention.

From the outside, it might appear as if Trustwave MailMarshal is a stand-alone solution that on its own is able to effectively defend email systems from a wide variety of phishing, malware, and business email compromise (BEC) attacks. The truth is MailMarshal is backed not only by one of the best trained, most experienced cybersecurity research teams in the industry but also by a technology stack that has been decades in the making.

The Spanish philosopher George Santayana is credited with the aphorism “Those who cannot learn from history are doomed to repeat it.” This statement is particularly true when it comes to cybersecurity. Threat actors reuse well-known and previously patched vulnerabilities and attempt to take advantage of organizations making the same error over and over. So, if one does not know what has recently taken place it leaves you vulnerable to another attack.

There is an underlying constant when it comes to creating a strong defense—the more layers of defense in place, the better. Sure, having a single stout wall in place might be strong enough to deter some attackers, but it is simply not enough to counter a foe determined to gain entry. This holds true whether the defender is a castle, sports team, or an organization.

In the OT space it is increasingly common to see devices that are used to bridge the gap between the world of PLCs and IP based networks. These types of devices are commonly referred to as ‘smart-devices’. While smart-devices offer the convenience of remote management, this functionality also may create potential weaknesses exploitable by threat actors as well, and practical exploitation of such flaws is being witnessed in the wild.

If you're reading this blog, there's a good chance you're familiar with the topic of data breaches; they regularly make the headlines and cause a lot of extra work for IT, security and other staff in affected companies who battle to identify, contain and eradicate the attack. But while the news stories carry the attack's immediate impact, we're rarely aware of the long-term cost to the organization and its staff, both personal and financial.

Facebook Messenger is one of the most popular messaging platforms in the world, amassing 988 million monthly active users as of January 2022, according to Statista. One important feature of this platform is Messenger’s bot. Within the current digital landscape, chatbots are widely used by companies and individuals to connect with their customers online, and almost immediately pops up when chatting with brands or businesses.