Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Blog

Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails

Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack with varying tactics, techniques, and procedures (TTP). Between July and September, we witnessed a 140% increase in these spam campaigns. In this blog, we will showcase the different spam techniques used in these phishing emails.

LLM Guardrails: Secure and Accurate AI Deployment

Deploying large language models (LLMs) securely and accurately is crucial in today’s AI deployment landscape. As generative AI technologies evolve, ensuring their safe use is more important than ever. LLM guardrails are essential mechanisms designed to maintain the safety, accuracy, and ethical integrity of these models. They prevent issues like misinformation, bias, and unintended outputs.

Cybersecurity Awareness Month: The Great Offensive Security/Active Defense Strategy

It’s Cybersecurity Awareness Month and you know what that means. We spend every spare hour waiting for The Great Pumpkin. As many of us know, (and we’re going to stretch this analogy to the limit) Linus actively created an environment that would attract The Great Pumpkin by establishing the sincerest pumpkin patch in the neighborhood. Furthermore, he went on the offensive to attract others to his belief that The Great Pumpkin would appear on Halloween night.

What a 3-Year Plan to Cut Software Risks by 75% Looks Like

Organizations face an increasing number of software security threats that can compromise their sensitive data and disrupt business operations. To effectively manage these risks and enhance their security posture, it’s crucial for organizations to adopt modern application risk reduction strategies that not only mitigate potential vulnerabilities but also provide clear, actionable next steps and insights for reporting purposes.

Decoding Agent Tesla: The Spyware Stealing Data Silently!

Agent Tesla is an advanced piece of malware that functions as a keylogger and RAT (remote access trojan). The malware was first identified in 2014. They are crafted to infiltrate systems and seize sensitive information like usernames, passwords, and other private data mainly by logging keystrokes. This kind of spyware works secretly in the background, which is difficult to detect for the users.

Mastering PowerShell's Move-Item Cmdlet for File Management

As a routine task, users move items, such as files and folders from one place to another on our computer, so that data is sorted and makes sense. While this can be accomplished with simple copy and paste options from within the File Explorer, advanced users may prefer PowerShell for efficiency and precision. The Move-Item cmdlet in PowerShell moves an item from one location to another in the File Explorer, with its properties, contents, and child items intact.

Top 5 Logistics and Postal Scams of 2024

From groceries to gadgets, everything can be delivered to your doorstep these days with just a few clicks. In this e-commerce world, logistics and postal companies have become critical players in the retail sector, with brand names that everyone recognizes. But this has also made them goldmines of PII that attackers would do anything to get their hands on.

DLP 101: How to Prevent Data Exfiltration in the Cloud

These days, your organization's data is its most valuable asset. But what happens when that data slips through your fingers? Picture this: It's Friday afternoon, and your security team receives an alert about an unusual number of downloads from your cloud storage app, Google Drive. As you investigate, you realize it's corporate IP that's being downloaded en masse by a departing employee. This type of exfiltration incident isn't just hypothetical; it's a reality that organizations face on the daily.

Policy as code in Kubernetes: security with seccomp and network policies

The dynamic world of Kubernetes and cloud security is constantly evolving. As we explore this complicated ecosystem, it’s crucial to understand the role of policy as code (PaC) and its impact on operations and security teams. Emerging from the broader paradigm of infrastructure as code (IaC), PaC represents a significant shift in how we manage and secure cloud-native environments.

Top FAQs about CrowdStrike Falcon Next-Gen SIEM

CrowdStrike Falcon Next-Gen SIEM enhances security operations by integrating data, AI, workflow automation and threat intelligence into a single platform with a unified console and a lightweight endpoint agent. We continue to innovate in next-gen SIEM to power SOC operations, most recently with a series of product updates announced at Fal.Con 2024. But we’re not stopping there.