Chicago, IL, USA
May 19, 2022   |  By Trustwave
Phishing website links are commonly delivered via email to their respective targets. Once clicked, these websites often show a single webpage that outright asks for sensitive information like account login credentials, credit card details, and other personally identifiable information (PII). Recently, we have encountered an interesting phishing website containing an interactive component in it: a chatbot.
May 18, 2022   |  By Trustwave
Most organizations employ mobile computing, which utilizes wireless communications for staff members to perform day-to-day tasks with more ease. While some organizations have deployed enterprise security standards on their wireless networks, Trustwave SpiderLabs has observed some organizations deviating from security best practices when it comes to managing a wireless environment leaving these wireless networks as low-hanging fruit for attackers to abuse.
May 17, 2022   |  By Trustwave
The Russian invasion of Ukraine has heightened government and business awareness around the reality that nation-state cyber threats pose. To cover all the implications of the threat posed by nation-state actors and the groups they sponsor, we sat down with Gary De Mercurio, VP, Global Practice Lead, Trustwave SpiderLabs.
May 13, 2022   |  By Trustwave
Maybe I’m a bit late to the game on this one, but I recently discovered PwnFox and it has quickly one of my favorite tools yet. So, what is PwnFox? To put it simply, it’s a BurpPro extension that works with Firefox. It accomplishes two things. First, it helps containerize up to eight (yes, that’s right… eight!) different sessions within one browser and secondly, it organizes all your proxied traffic in Burp BY COLOR! I’ll dive a bit more into #2 in a second.
May 11, 2022   |  By Trustwave
Trustwave SpiderLabs is tracking a new critical-rated vulnerability (CVE-2022-1388) affecting F5 BIG-IP network devices. Threat actors are reported to be actively exploiting this vulnerability in the wild. F5 disclosed and issued a patch for CVE-2022-1388 on May 4. We are diligently watching over our clients for exposure and associated attacks and working closely with our clients to ensure that mitigations are in place.
May 10, 2022   |  By Trustwave
The threats facing databases today are numerous and constantly evolving as the perimeter continues to fall away in favor of multi-cloud environments. This change means organizations must adopt an in-depth, data-centric security approach that includes a program designed from the ground up to protect databases.
May 10, 2022   |  By Gary Ulaner
Email security is not a simple check-box item. The need to have a strong email security solution in place has never been greater. Email is ubiquitous, and the average employee receives so many emails on a daily basis that they often open and click on messages without giving a second thought to any potential problem they might pose. This means an organization must have an email security solution in place to find and block suspicious emails before someone mistakenly clicks on a link.
May 6, 2022   |  By Trustwave
As we approach the one-year anniversary of the Colonial Pipeline ransomware attack, it is an excellent time to reflect upon what took place and how that incident can serve as a teaching point for any organization interested in preventing a ransomware attack. First, here is a quick refresher on what transpired.
May 5, 2022   |  By Gary De Mercurio
There is a bit of serendipity associated with World Password Day 2022. This year the day falls on May 5, the day before the first anniversary of the devastating Colonial Pipeline ransomware attack, which was initiated through a compromised password. The combination of National Password Day and the Colonial Pipeline anniversary should help remind everyone that password security is incredibly important and ever evolving.
May 3, 2022   |  By Trustwave
Ladies and gentlemen of all ages and security roles, let us dive head-first into this newish thing called XDR. There is no shortage of vendors, and researchers, providing you their definition on what XDR actually represents so it becomes is there one you agree with or not. Taking a slightly different tact to explore what does XDR mean to you, and your security team.
Jan 15, 2021   |  By Trustwave
As organizations turn away from legacy branch routers in favor of secure SD-WAN solutions, Trustwave has the security solutions to help.
Oct 30, 2020   |  By Trustwave
In today’s threat environment, the reality is that most organizations will inevitably experience a breach. At Trustwave, our job is detecting, containing and eradicating those threats with Managed Threat Detection and Response (MTDR) services. Find out how we provide you with the security outcomes you need, so that you can stay focused on doing what you do best… keeping your organization running.
Jul 29, 2020   |  By Trustwave
For organizations that might be new to the world of managed security services (MSS), what is the process of getting started like? What are the main benefits that a client should expect to realize? And how does managed threat detection and response (MTDR) fit into the mix? To find out, we interviewed Rachelle Felix-Blackmon, Director of Global MSS Business Operations at Trustwave.
Jul 24, 2020   |  By Trustwave
How concerned should organizations be about the danger from nation state actors? To find out, we interviewed Brian Hussey, VP of Cyber Threat Detection & Response at Trustwave. Topics we covered included what he sees in the field when it comes to nation-state capabilities, whether or not they truly are better organized than cyber gangs, and how organizations can help protect themselves.
Jul 15, 2020   |  By Trustwave
We interviewed Liz Limjuco, SVP of U.S. Cyber Brokerage at Marsh, to talk about what risk trends she is seeing in cybersecurity, what organizations are doing to adapt to those trends, how organizations can better understand their risks, and what they can do to help mitigate those risks.
Jul 1, 2020   |  By Trustwave
Questions about the GoldenSpy malware? Find answers in this video interview with Brian Hussey, VP of Cyber Threat Detection and Response for Trustwave SpiderLabs. Includes recommendations for how organizations can best protect themselves.
Jul 1, 2020   |  By Trustwave
Trustwave SpiderLabs has discovered a new malware family, dubbed GoldenSpy, embedded in tax payment software that a Chinese bank requires corporations to install to conduct business operations in China. Learn more in this video.
Jun 4, 2020   |  By Trustwave
Trustwave DbProtect is a highly scalable database security platform that enables organizations to secure their relational databases and big data stores, both on premises and in the cloud, with a distributed architecture and enterprise-level analytics.
Jun 3, 2020   |  By Trustwave
As organizations come to rely on the cloud for everything from database storage to application delivery to network infrastructure and beyond, cloud security is becoming a mission-critical concern. With breaches becoming more costly, there’s never been a better time to discuss best practices and approaches to cloud security.
May 27, 2020   |  By Trustwave
Ziv Mador, VP of Security Research at Trustwave SpiderLabs, discusses why understanding the dark web is beneficial to enterprises and how cybercriminals on the dark web operate.
Jan 16, 2022   |  By Trustwave
In today's hyper-connected world, cyberattack risks have never been more pronounced. Threat actors continue to develop malicious, ingenious tricks and techniques to stay one step ahead of security systems and response specialists. As a result, a more focused and proactive approach to detecting, investigating, and responding to threats is required. In this guide, we break down the comparison between Managed Detection and Response (MDR) and Managed Security Services (MSS) and how to determine what to look for in providers.
Jan 16, 2022   |  By Trustwave
It is no secret that many organizations can do better with their security programs. Zero Trust allows for an evolution of an organization's strategy. It also forces organizations to rethink their approach to securing data to meet the requirements of data privacy regulations and expectations from their customers and business partners. Risk-minded organizations take the Zero Trust mindset and adopt it as best they can to fit their current and future state infrastructure.
Dec 1, 2021   |  By Trustwave
Cybercrime continues to rise, and Financial Services organizations are often a prime target due to their valuable data. While no strangers to maintaining strong security strategies, it can be exhausting staying one step ahead of the threats.
Dec 1, 2021   |  By Trustwave
Relational databases and big data stores are a prime target for attackers due to the amount of sensitive information residing within, such as customer information, intellectual property and proprietary secrets. For more than 20 years, the database security experts at Trustwave have helped organizations design, implement and maintain database security programs to meet their specific business, security and compliance objectives.
Nov 1, 2021   |  By Trustwave
Wondering what the underground world of cybercrime looks like following after a year of unprecedented events? Bad actors capitalize on these events - from political unrest and economic instability to changing workforce dynamics and ongoing public health concerns - putting organizations of all sizes and across all industries at increased risk. Learning more about these new and innovative exploits, which take advantage of unprecedented global circumstances, allows you to make more informed decisions regarding your security posture.
Nov 1, 2021   |  By Trustwave
Government agencies are faced with the complexity of what needs to be done to meet the Executive Order 14028 requirements. This whitepaper provides guidance on how to comply with the Executive Order and how it applies to securing critical databases.
Oct 1, 2021   |  By Trustwave
The ever-shifting threat landscape coupled with the increased risk and loss of confidential information through previous breaches, defending protected controlled unclassified information within the DIB supply chain is increasingly difficult. The Department of Defense (DoD) determined that its supply chain faced an unacceptable amount of risk, resulting in the transition from self-certification to the creation of the CMMC (Cybersecurity Maturity Model Certification), which requires third-party assessments and certification of compliance.
Oct 1, 2021   |  By Trustwave
If your organization is using or plans to move to Microsoft 365, learn what to expect from an email security, data protection and management perspective. Read our latest whitepaper In, Out and Around: 360° Security for Microsoft 365 for insights into protecting Microsoft 365 email in these key areas.

Trustwave is recognized as a global security leader in managed security services (MSS) and managed detection and response (MDR).  With more than 2,000 world-class security professionals operating on behalf of clients across 96 countries, Trustwave helps organizations across the globe detect and respond to threats 24x7 in the hybrid multi-cloud world. 

The elite Trustwave SpiderLabs team provides award-winning threat research and intelligence, which is infused into Trustwave services and products to fortify cyber resilience in the age of advanced threats.

Recognized as a Leader in Stopping Threats:

  • Detection and Response: Helping clients design and advance their cyberthreat operations , adding 24x7 monitoring capacity, threat hunting and rapid response.
  • Threat Protection: Services and solutions to help organizations protect data, assets and users.
  • Continuous Testing: Helping clients reduce risks in their ever-evolving attack surface to better discover, manage and remediate vulnerabilities.

Cyber resilience for the hybrid, multi-cloud world.