Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Vendor risk scoring is a critical component within vendor risk management (VRM) or third-party risk management (TPRM) programs and an organization’s overall risk management strategy. Risk scoring is an integral tool in the risk assessment process, helping organizations identify, evaluate, and mitigate potential risks associated with third-party vendors or service providers.

Trustwave's just-released Microsoft Security-focused solutions are designed to bring clients greater security, resilience, and a higher return on their investment by helping optimize their Microsoft 365 enterprise plan. Let's drill down and see exactly how organizations will gain the most from the Microsoft 365 enterprise plan, (including E5 and G5) by partnering with Trustwave.

Firewall technology has mirrored the complexities in network security, evolving significantly over time. Originally serving as basic traffic regulators based on IP addresses, firewalls advanced to stateful inspection models, offering a more nuanced approach to network security. This evolution continued with the emergence of Next-Generation Firewalls (NGFWs), which brought even greater depth through data analysis and application-level inspection.

During a recent client investigation, Trustwave SpiderLabs found a malicious version of the Advanced IP Scanner installer, which contained a backdoored DLL module. Our client had been searching for the Advanced IP Scanner tool online and inadvertently downloaded the compromised installer from a typo-squatted domain that appeared in their search results. Figure 1. Search results for Advanced IP Scanner may direct users to a malicious domain.

Ever wonder how Nucleus got started? Curious to know what our CEO and co-founder Steve Carter is working on? You’re in luck. Steve joined host Chris Hughes on the Cyber Resilience podcast to talk about those topics and more. Additionally, Steve and Chris explored the process for earning FedRAMP authorization, some of the particular vulnerability management challenges government agencies are dealing with, and why risk-based vulnerability management resonates with the government community.

Continuous Threat Exposure Management (CTEM) serves as a strategic framework for evaluating an organization’s security posture. CTEM is specifically designed to identify and address vulnerabilities and other security gaps within an organization’s digital infrastructure. In essence, CTEM is a systematic approach to fortify cyber defenses and mitigate potential security risks effectively. Gartner, which created CTEM, sees it as a sort of Vulnerability Management 2.0.

Machine learning (ML) and AI tools raise concerns over mis- and disinformation. These technologies can ‘hallucinate’ or create text and images that seem convincing but may be completely detached from reality. This may cause people to unknowingly share misinformation about events that never occurred, fundamentally altering the landscape of online trust. Worse – these systems can be weaponised by cyber criminals and other bad actors to share disinformation, using deepfakes to deceive.