One doesn’t have to be a magician to understand how to track the hundreds, if not thousands, of applications that are running on your network. To lighten the load and eliminate the need for having supernatural abilities, let’s go over some simple tasks a security defender can take to track, detect, and even block application threats.

The Trustwave SpiderLabs team regularly collects a trove of data while protecting clients from email-based attacks. HTML attachments, malicious QR codes, and business email compromise (BEC) are the favored attack methods. A recent snapshot of data from June 2024 from Trustwave MailMarshal shows that email-based threat actors still favor HTML attachments to deliver a variety of malware types.

The business mantra "employees are our number one asset" is true for many reasons. Including helping protect an organization from cyber threats. An organization can have the finest security technology stack available, employ offensive security measures such as penetration tests, and have a cybersecurity vendor on speed dial in case an incident occurs. However, if its workers are not cybersecurity conscious, all that effort and financial outlay will be wasted.

Trustwave was awarded a pair of honors from the industry analyst firm ISG, being named a Leader in the US for Managed Security Services – SOC (Midmarket) and as a Rising Star in the UK for Managed Security Services – SOC (Midmarket) in ISG’s 2024 Provider Lens Quadrant Reports for these regions. This is the second consecutive year Trustwave was named a Leader in MSS for the US (Midmarket).

Trustwave Government Solutions (TGS) has attained authorized status by the State Risk and Authorization Management Program (StateRAMP) for its Government Fusion platform. "State and local agencies rely heavily on their technology partners to strengthen their cybersecurity postures, and we're proud to be able to deliver a solution that meets or exceeds their elevated security requirements," said TGS President Bill Rucker.

Offensive security and active defense may appear at first glance as contradictory cybersecurity solutions, but when paired, they create complementary and robust protective solutions. Let's take a quick look at what each solution offers before we go into the details. Offensive security involves attempting to identify flaws in an organization before a threat actor has a chance to exploit them.

Developers and cybersecurity have an interesting relationship. Developers have no problem with security operations just as long as they’re not involved or adding security doesn’t slow down their development cycle. Thankfully, well-documented security operations — known as DevSecOps — assist with the software development lifecycle (SDLC) and perform mostly invisibly from the developer’s perspective.

In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It affects multiple versions of the open-source relational database management systems (RDMBS) MariaDB and Percona Server, and the wsrep (write set replication) plugin for MySQL. Fortunately, security professionals swiftly released a patch to ensure that affected systems could be updated to mitigate risks.

Patches are a way of life for any network administrator and are the most efficient method in place to ensure systems are running the most up-to-date and secure versions of their various software applications. For the most part, updates take place behind the scenes, with the average person only noticing a patch being installed when they are asked to reboot their machine to install the new version.

Hospitals face a challenging dilemma: delivering the highest quality of medical care while shielding patient and family data from ever-evolving cyber threats, all while ensuring that critical operations continue uninterrupted. At Trustwave, we understand the immense pressure hospitals are under and are dedicated to creating a safer digital environment where healthcare providers can thrive, and patients receive the uncompromised care they deserve.