Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave

Healthcare Threat Landscape 2022-2023: Common TTPs Used by Top Ransomware Groups Targeting the Healthcare Sector

The healthcare sector has been under constant threat from cybercriminals due to the sensitive nature of patient data and the valuable information held by healthcare providers. This blog analyzes the ransomware landscape for the healthcare sector for the years 2022-2023. This report uses data compiled for the recently released Trustwave SpiderLabs research: Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape report.

Attack Surface Management: Challenges, Myths, and Solutions

In the modern era of interconnectedness and digitalization, the risk of cyber threats has increased in complexity and persistence. Organizations must adopt a proactive and strategic approach to security to safeguard their assets and minimize the likelihood of cyberattacks. One essential strategy in this regard is attack surface management. It enables businesses to identify and address potential vulnerabilities and exposures comprehensively.

SEC: Public Companies Must Disclose Material Cybersecurity Incidents Within 4 Days

The US Securities and Exchange Commission (SEC) adopted new rules for cybersecurity risk management, strategy, governance, and incident disclosure by public companies on July 26, requiring public companies to disclose material cybersecurity incidents within four days of an attack. Additionally, registrants must annually report their process, if any, for assessing, identifying, and managing material risks from cybersecurity threats.

Trustwave Partners With Tech Advisory Firm Bridgepointe

Trustwave has achieved supplier status with Bridgepointe, a tech advisory firm that helps mid-market and enterprise companies transform tech investments into unrivaled business results. The Bridgepointe deals connects Trustwave to Bridgepointe’s expansive network to provide Trustwave security consulting, managed detection and response, threat hunting, co-managed SOC, database security, and email security services to their set of clients.

ModSecurity v3: DoS Vulnerability in Four Transformations (CVE-2023-38285)

ModSecurity is an open-source Web Application Firewall (WAF) engine maintained by Trustwave. This blog post discusses an issue with four transformation actions that could enable a Denial of Service (DoS) attack by a malicious actor. The issue has been addressed with fixes in v3.0.10. ModSecurity v2 is not affected.

Stopping Threat Actors from Gaining Initial Access

The recent Trustwave SpiderLabs report, Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape, offers a detailed look at the typical attack flow used in a variety of cyberattacks. The attack flow discussed in the report focused on what a healthcare organization might face, but for the most part, attack flows stay the same regardless of the vertical being attacked.

Trustwave Named a Leader in ISG Provider Lens for Cybersecurity Solutions and Services

For the second consecutive year, Information Security Group (ISG) named Trustwave a Rising Star in Managed Security Services (MSS) for U.S. Large Accounts and for the first time as a Leader in MSS for U.S. Midmarket in its 2023 Provider Lens™ Quadrant Report. ISG recognized Trustwave for its holistic offering with enhanced visibility, continuous threat monitoring and hunting, and its elite partnerships.

Offensive Security and the Misconceptions Surrounding Enterprise Penetration Testing

The concept of Offensive Security is often misunderstood by clients who often confuse it with penetration testing, but these two solutions, while both vital, are in fact quite different. Offensive Security is a popular industry umbrella term for all things pertaining to an organization's strategy surrounding cybersecurity, whereas penetration testing is more singular involving security teams attempting to break into a client’s systems.

Trustwave SpiderLabs Research: Cybersecurity in the Healthcare Industry

The Trustwave SpiderLabs team conducted a months-long investigation into the cyber threats facing the healthcare industry and has provided a roadmap displaying how threat actors conduct an attack, methodologies used, and what organizations can do to protect themselves from specific types of attacks.

Cybersecurity in the Healthcare Industry: Trustwave SpiderLabs Report

In their latest report titled "Cybersecurity in the Healthcare Industry: Actionable Intelligence for an Active Threat Landscape," the Trustwave SpiderLabs team reveals the data from a months-long investigation focusing on the cyber threats the healthcare industry is currently grappling with.