I've been pentesting applications for nearly two decades now and throughout that time you get to see trends. One of these is the gradual adoption of Single Sign-On (SSO) in the corporate environment for lots of previously isolated applications. These applications would usually have their own user database and the users (the employees) would need to authenticate directly to them with specific 'local' credentials. With this setup comes varying password expiry times, complexity requirements, etc.

Former Texas Congressman William "Mac" Thornberry and Trustwave Government Solutions President Bill Rucker recently sat down to discuss several pressing issues impacting the federal government’s cybersecurity preparedness, the impact the Russia-Ukraine War has had on cyber, and what remains to be done to shore up the nation's cyber defenses. This is the second half of their conversation.

Former Texas Congressman William "Mac" Thornberry and Trustwave Government Services President Bill Rucker recently sat down to discuss several pressing issues impacting the federal government’s cybersecurity preparedness, the impact the Russia-Ukraine War has had on cyber, and what remains to be done to shore up the nation's cyber defenses. This is the first of a two-part conversation.

On May 31, threat actors were discovered targeting a critical zero day in MOVEit Transfer software resulting in escalated privileges and unauthorized data access. The vulnerability being exploited is an SQL injection and has since been patched. Resources links, including one for the patch, are at the bottom of this post. MOVEit Transfer is a managed file transfer (MFT) solution developed by Ipswitch (a subsidiary of Progress Software).

Trite old sayings aside, practice works. Sports teams and the armed forces understand that ensuring everyone knows their role and has practiced it until they can do the job in the dark with their eyes closed is the only way to guarantee the proper reaction when it’s time to go to work. The same should hold true for an organization preparing for any type of emergency, ranging from a power outage, natural disaster, or cyberattack.

Attack surface management is certainly a concern for most organizations, but being top of mind does not mean it's easy for organizations to understand or implement. Unfortunately, there are many misconceptions about how hard managing one's attack surface is, so let's deal with five of the most common fallacies. The fact is attack surface management is a lot easier said than done and to be effective, attack surface management demands a strong base of 'cyber hygiene'.

Managed vulnerability scanning is a cybersecurity service that uses software, vulnerability scanners, human-led and automated penetration testing, and other tools to help an organization identify, track, evaluate, and mitigate security risks both inside their network and connected external sources. Even organizations with the most sophisticated information technology security professionals are challenged when dealing with the hundreds of new threats released into the wild each month.

As is tradition with my blog posts, let’s start off a definition of what HTTP pipelining is all about. “HTTP pipelining is a feature of HTTP/1.1 which allows multiple HTTP requests to be sent over a single TCP connection without waiting for the corresponding responses. HTTP/1.1 requires servers to respond to pipelined requests correctly, with non-pipelined but valid responses even if server does not support HTTP pipelining.

SC Media and SC Media Europe have named two of Trustwave’s premiere products, DbProtect and MailMarshal, as a finalist in several award categories the cybersecurity media outlet plans to announce this summer. For 26 years, the SC Awards program has been cybersecurity’s most prestigious and competitive program, recognizing the solutions, organizations, and people driving innovation and success in information security.

Information disclosed in the leaked NTC Vulkan papers allows us to investigate the high probability of cooperation between the Russian private software development company and the Russian Ministry of Defense, namely, the GRU (Sandworm), and possibly others.