Trustwave

A Multinational Effort Takes Down the Qakbot Banking Trojan

In late August, the FBI took down and dismantled Qakbot, a banking Trojan that primarily spread through spam and phishing emails and has been active and continuously updated since 2008. Trustwave SpiderLabs has tracked Qakbot for years and has worked hard to counter the malware’s efforts, including publicly releasing the encryption algorithm Qakbot used to encrypt registry keys, enabling victims to recover from an attack.

Trustwave SpiderLabs Research: Cybersecurity in the Hospitality Industry

The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report displaying how threat actors conduct attacks, methodologies used, and what organizations can do to protect themselves from specific types of attacks.

Trustwave SpiderLabs Releases Actionable Cybersecurity Intelligence for the Hospitality Industry

The Trustwave SpiderLabs team conducted a multi-month investigation into the cyber threats facing the hospitality industry worldwide and has released a detailed report showing not only how threat actors conduct attacks and the methodologies they use, but also what organizations can do to protect themselves from specific types of attacks.

Trustwave Honored by Brandon Hall Group for Best Advance in Corporate Culture Transformation

The human resources firm Brandon Hall Group honored Trustwave for "Best Advance in Corporate Culture Transformation" in its coveted 2023 HCM Excellence Awards™. The Brandon Hall Group Excellence Awards recognize best practices for initiatives in Learning and Development, Talent Management, Leadership Development, Talent Acquisition, Human Resources, Sales Performance, Diversity, Equity & Inclusion, and the Future of Work.

A Bucket of Phish: Attackers Shift Tactics with Cloudflare R2 Public Buckets

In our previous blog, we found a lot of phishing and scam URLs abusing Cloudflare services through the pages.dev and workers.dev domains. We’re now seeing a lot of phishing emails with URLs abusing another Cloudflare service, r2.dev.

CISO's Corner: Cybersecurity Best Practices: Securing Employee Smartphones

Arguably, the most used device by an organization’s employees is their smartphone. Ensuring that anyone, from the CEO to a newcomer being onboarded, knows how to keep this device safe should be paramount. Why? Globally, more than 2 million attacks on mobile devices are reported each month, according to Statista. While the number of attacks has dropped precipitously from its peak of 6.5 million in October 2020, it is still dangerously high and a favorite threat actor attack vector.

Threat-Loaded: Malicious PDFs Never Go Out of Style

In the realm of cybersecurity, danger hides where we least expect it and threats never, ever, go out of style! Over the past few months, Trustwave SpiderLabs has seen a rising trend in threat actors employing PDF documents to gain initial access through email-borne attacks. Though the use of PDF files as a malicious vector is not a novel approach, it has become more popular as threat actors continue to experiment with techniques to bypass conventional security controls.

Managed Vulnerability Scanning Made Easy

There are few security tasks more important, yet more difficult, to conduct than a vulnerability scanning program. A properly conducted scanning program requires a team of human-led experts with the technology to search for issues that might give a threat actor access to a network. Only the largest organizations with equally large wallets can afford to take on this task, but there is an option.

The Evolution of Persistent Threats: From Chernobyl to BlackLotus

In this blog post, we will explore how the computer security landscape has expanded to reach below the operating system levels, aiming to address areas that are often overlooked or completely neglected in cybersecurity. Attackers have discovered techniques to establish long-term persistence in compromised hosts by injecting malicious code to run before the operating system loads in areas commonly referred to as Basic Input Output System (BIOS).