Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Since September 2023, Trustwave’s Threat Intelligence Team has been tracking a large-scale phishing campaign distributed via email, attributed to "Storm-1575". Storm-1575 is known for developing and distributing a PhaaS platform with adversary-in-the-middle (AiTM) capabilities, known as "Dadsec". The team’s recent investigations have revealed that the infrastructure used by Dadsec is also connected to a new campaign leveraging the "Tycoon2FA" Phishing-as-a-Service (PhaaS) platform.

AI as a force multiplier for cyber resilience in defence Military leaders are well-acquainted with the expansion of conventional warfare into digital battlefields. The recent attack and breach of a UK Ministry of Defence (MoD) supplier exposed data of 270,000 service personnel,1 representing not an isolated incident but a pattern in an escalating cyber conflict.

As organizations increasingly rely on connected devices to drive efficiency and innovation, the Extended Internet of Things (XIoT) — covering industrial control systems (ICS), operational technology (OT), Internet of Things (IoT), and Internet of Medical Things (IoMT) — has rapidly expanded. This greater connectivity often drives increased vulnerability as critical assets are exposed to sophisticated threats.

If your organization handles United States federal government data in cloud environments, it’s often a requirement to use FedRAMP-authorized solutions. The Federal Risk and Authorization Management Program (FedRAMP) provides consistent standards for protecting unclassified data that passes between the federal government and privately owned third parties.

Cyber threats are becoming more advanced, with attackers creating ways to bypass traditional security. That’s why organizations need a stronger, multi-layered approach to protect their systems. To handle cyber threats effectively, security teams need clear, consistent information. That’s where CVEs help—by making it easier to manage hidden risks. And how can organizations enhance their cybersecurity capabilities with CVE data along with deception technology?

Mike Wilkes has had a career many cybersecurity professionals could only dream of. An adjunct professor, former CISO of Marvel and MLS, member of the World Economic Forum, drummer, and board member at the National Jazz Museum in Harlem, his interests and achievements are as eclectic as they are impressive.