In a constantly connected world, protecting sensitive data in what are often complex database structures requires staying up to date with cyber criminals’ malicious attack techniques, and infection methods. This research is an extension of another project which involves monitoring attacks carried out on database servers worldwide. Understanding how these bots work can keep your digital world safe and secure.
There is no downside for an organization to have a security awareness program in place. It may not be 100% effective in stopping workers from making an error and causing a cyber incident, but like any preventative endeavor such a program can reduce the possibility of a disastrous cyber incident from occurring. An organization’s staff is on the front line when it comes to defending their place of work. Kind of a human firewall, if you will.
Trustwave recently completed an almost three-year-long project that took the team to several of the most exotic Pacific paradises on the map. The trip was not a vacation as we spent long days helping install a wide variety of defensive platforms designed to protect national governments from cyberattacks, but one really couldn’t complain about the location.
In a recent development, Russian hackers have declared their intention to launch cyberattacks on the European financial system within the next 48 hours. The announcement was made late on Wednesday, June 14 and came through a video threat posted on the Mash Telegram channel, a very popular channel for Russian news. This operation appears to be a collaborative effort between the hacking groups KillNet, REvil, and Anonymous Sudan.
Recently, I discovered two vulnerabilities in the ButterflyMX system which were responsibly disclosed to the vendor. The vendor has mitigated the highest-risk vulnerability, which enabled unauthorized attackers to gain access to buildings equipped with the ButterflyMX Access Control System by employing a brute-force technique, typically requiring only a few hundred attempts to successfully guess virtual keys.
In today's digital era, the importance of securing databases cannot be overstated. As more and more global businesses and organizations rely on DBMS systems to store tons of sensitive information, the risk of targeted attacks and data breaches continues to increase. Therefore, the importance of monitoring and uncovering new actors along with their - often unique - attack techniques and methods is crucial.
In today's digital world, login credentials are the keys to the kingdom. Whether it's your online banking, your social media accounts, or your work accounts, your login credentials are essential for accessing your personal information. Unfortunately, cybercriminals are always looking for ways to obtain these credentials, and their techniques are becoming increasingly sophisticated.
On May 19, 2023, Barracuda Networks identified a remote command injection vulnerability (CVE-2023-2868) present in the Barracuda Email Security Gateway (appliance form factor only) versions 5.1.3.001-9.2.0.006. In its security advisory, Barracuda said the vulnerability existed in the Barracuda software component responsible for screening attachments for malware. In subsequent days, Barracuda deployed a series of patches.
The recent discovery of a zero-day vulnerability in a well-known email security product further underscores the importance of robust email security that can effectively counter advanced email threats, offer a defense-in-depth approach, and operate in the cloud or on-premises. To start, if you believe you have suffered a breach, Trustwave’s Digital Forensics and Incident Response (DFIR) is ready and online to take your call and start helping your organization recover. Click here.
Trustwave is one of the finest pure-play cybersecurity companies in the business, capable of helping clients from almost any industry remain safe from cyberattack, but one little-known, non-cybersecurity service we offer is helping our channel partners decipher and answer request for proposals (RFPs).
