Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

‍ ‍No organization, no matter the industry, is exempt from suffering from a cyber attack. The European Union formally recognized this modern-day reality in late 2022 when it published Directive (EU) 2016/1148, more commonly known as the NIS 2 Directive. As an updated version of the original directive enacted in 2016, this newer, sweeping cybersecurity regulation expanded its original scope to encompass even more business sectors.

Researchers at IBM X-Force are monitoring several ongoing phishing campaigns by the Russian state-sponsored threat actor ITG05 (also known as “APT28” or “Fancy Bear”). APT28 has been tied to Russia’s military intelligence agency, the GRU.

New analysis shows that the combination of phishing, email, remote access, and compromised accounts are the focus for most threat actors. Data across the industry corroborates new findings in cyber risk advisory and response firm Kroll’s just-released Q4 2023 Cyber Threat Landscape Report. But what’s interesting in this report is how the data tells a story of where organizations are falling short in their preventative efforts.

Today, artificial intelligence (AI) is no longer a futuristic concept but a tool that is driving operational efficiency, customer experience, and decision-making processes. Organizations are observing its transformative power firsthand across various industries and organizational aspects.

In an era where cloud attacks and threats are happening very fast and constantly evolving, the European Union (EU) has stepped up its cybersecurity game with two new regulations: the Digital Operational Resilience Act (DORA) and the revised Directive on Security of Network and Information Systems (NIS2). With more strict requirements on compliance controls and breach disclosures, these regulations are set to transform how businesses manage their cyber risks in Europe.

With springtime just around the corner, there’s a lot to be excited about — warmer weather, longer days, and, most importantly, basketball! In honor of the upcoming March Madness tournament, we’ve put together our own dream team for AppSec. Read on to discover the all-star features in application security this year and how they can help your team get a slam dunk in protecting applications from code to cloud.

Authorization plays an important role in Identity Access Management (IAM). IAM is a security framework of business policies and processes designed to ensure that authorized users have the necessary access to perform their jobs. Choosing the correct authorization model for your organization is important to protect sensitive resources from unauthorized access.

An addition to the A10 Defend suite has arrived. A10 Defend Threat Control, a necessary and proactive DDoS intelligence SaaS platform, is here to establish and amplify your holistic DDoS defense system. Backed by A10’s proprietary “zero-atrophy” data gathering and validation method, Threat Control provides actionable insights and proactively establishes a first layer of defense for your DDoS protection needs.

Everyone has received a spam text or email at some point. Their hallmarks are widely known; they often include poor or strange grammar, suspicious links, suggested connections with companies or people, or random individuals asking for help in some capacity. Sometimes, these communications allow scammers and malicious actors to learn about their targets. These targets may be individuals, companies, vendors, software hosts, or any other entity with data worth a cent.

Trustwave Government Solutions (TGS) was named as a Major Player in the inaugural IDC MarketScape: U.S. National Government Professional Security Services 2024 Vendor Assessment (doc #US51875423, February 2024), citing our numerous solutions created with federal agencies in mind. We’re honored that the IDC MarektScape has named TGS a Major Player.