Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Trustwave

CRN Recognizes Trustwave as 2024 Top 100 Security MSP

For the fifth consecutive year, the leading channel publication CRN named Trustwave to its 2024 Managed Service Provider (MSP) 500 list in its Security 100 category. The Trustwave Global Channel Partner Program earned recognition for providing one of the industry's most extensive collections of security products and services. These offerings cater to enterprise requirements in threat detection and response, as well as vulnerability and risk management.

10 Key Steps to Enhance Mobile Application Security in 2024

In today's digital landscape, ensuring robust security for your mobile applications is paramount. With attackers constantly evolving their techniques and targeting vulnerabilities, adopting DevSecOps is more important than ever, and it is part of any solid program of adding proactive measures to safeguard your mobile apps.

How a Managed Detection and Response Provider's Global Footprint Helps Defend Against Cyber Threats

Cyber threats can originate from anywhere around the globe. For services such as managed detection and response (MDR) to effectively defend against them requires a managed security service provider (MSSP) that likewise has a global footprint. The top 10 countries from which distributed denial-of-service attacks (DDoS) originate include China, Brazil, India, Indonesia, Russia, and Germany, according to data collected by the cloud services company Cloudflare. At the same time, the U.S.

Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising

During an Advanced Continual Threat Hunt (ACTH) investigation that took place in early December 2023, Trustwave SpiderLabs discovered Ov3r_Stealer, an infostealer distributed using Facebook advertising and phishing emails. SpiderLabs’ “Facebook Advertising Spreads Novel Malware Variant,” is an in-depth dive into Ov3r_Stealer, exposing what the Threat Hunt team learned about the threat actors, their techniques, tactics, and procedures and how the malware functions.

Trustwave MailMarshal Now Available on the Microsoft Azure Marketplace

Trustwave MailMarshal is now listed on the Microsoft Azure Marketplace, an online store for solutions that are built on or built for Azure and intended for IT professionals and developers. Trustwave MailMarshal joins an illustrious list of IT software applications and services built by industry-leading technology companies.

Federal Water and Wastewater Security Incident Response Guide Falls Short

This week, federal guidelines were published to assist owners and operators in the water and wastewater systems (WWS) sector on best practices for cyber incident response. Guideline are great, but they are just suggestions unless there are the resources for the WWS operators to enable them and some form industry monitoring to ensure they are met.

Trusted Domain, Hidden Danger: Deceptive URL Redirections in Email Phishing Attacks

In this ever-evolving landscape of cyberthreats, email has become a prime target for phishing attacks. Cybercriminals continue to adapt and employ more sophisticated methods to effectively deceive users and bypass detection measures. One of the most prevalent tactics nowadays involves exploiting legitimate platforms for redirection through deceptive links.

Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients

This is another one of those blog posts from me about how I independently carried out some security research into a thing and found something, but I was just too late to the party once again . However, I want to share the journey because I still think there is some value in doing so.

Trustwave SpiderLabs Detects Spike in Greatness Phishing Kit Attacks on Microsoft 365 Users

Trustwave SpiderLabs is tracking a spike in usage of the Greatness phishing kit to attack Microsoft 365 users to distribute malicious HTML attachments that steal login credentials. Greatness is a phishing-as-a-service platform developed by a threat actor known as "fisherstell," and has been available since mid-2022 that provides a ready-made infrastructure and tools for anyone to launch phishing campaigns charging $120 per month in Bitcoin.