At the beginning of the Russia-Ukraine conflict, KillNet - a Russian cybergang - began actively collecting open-source intelligence (OSINT), which drew interest from various threat actor groups. Heightened interest in the OSINT data led to additional actors joining , growing its membership to include not only Russian cyber criminals, but uniting other cyber gangs sympathetic to Russia.

Cybersecurity and Infrastructure Security Agency’s (CISA) has released their 2023-2025 Strategic Plan, its first comprehensive strategic plan since the agency was created four years ago. “This is an important step in planning and preparing to combat the evolving cyber threats,” said Bill Rucker, president of Trustwave Government Solutions (TGS). “I appreciate the emphasis on working with the private sector in the plan.

Trustwave MailMarshal has received a major upgrade to version 10.0.5 adding proprietary technologies to greatly increase the security tool’s ability to detect phishing emails, spam and malicious URLs. MailMarshal is already highly effective against phishing, but the new version’s phishing detection ability is boosted by being able to detect 40% of previously ‘hard to detect' samples the addition of these new capabilities.

ISG recognized Trustwave as a Rising Star in Managed Security Services for Large Accounts in its recently released Provider Lens™ Quadrant Report on Cybersecurity Solutions & Services report. The ISG research evaluates strengths, challenges, and competitive differentiators across cybersecurity providers and solutions, and serves as a resource for IT decision makers tasked with improving the cyber resilience of their organizations.

During a recent engagement, Trustwave SpiderLabs discovered an Indirect Object Reference (IDOR) vulnerability within Squiz Matrix CMS which would allow any low privileged user to change the contact details of any other user on a Squiz Matrix instance (including administrators). An attacker exploiting the vulnerability could change an administrator’s email address to an attacker-controlled email address after which the attacker could reset the administrator’s password.

As organizations go about their regular routine of finding and adding new technologies to help increase their overall success, each organization must keep in mind the security implications of each move, along with the fact that much of their current technology stack has to be maintained with a well-thought out and quickly implemented patching program.

Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy. Reports from Trustwave and other security researchers show that Russian cyberattackers have maintained pressure on Ukraine throughout the conflict. This article covers malware that has been used against organizations in Ukraine to destroy systems and data or gain control over targeted systems for surveillance and data staling.

Oracle Communications Session Border Controller (SBC) is one of the most popular products worldwide that helps service providers deliver trusted, carrier-grade, real-time communications such as VoLTE, VoIP, video conferencing and calling, presence, IM, and IPTV. Harold Zang, Senior Technical Security Specialist and Jeremy Nunn, Security Specialist at Trustwave SpiderLabs, identified three vulnerabilities in the Oracle SBC.

Cybersecurity is just a word, but that word is the entry way into an incredibly complex world filled with an alphabet soup-level of acronyms, connected to thousands of terms that help define the category. To help make it easier to understand the latest terminology to better your knowledge of what is happening in the cyber world, Trustwave Government Solutions has created a handy online glossary.

Observing the ongoing conflict between Russia and Ukraine, we can clearly see that cyberattacks leveraging malware are an important part of modern hybrid war strategy. While conventional warfare is conducted on the battlefield and limited by several factors, cyber warfare continues in cyber space, offering the chance to infiltrate and damage targets far behind the frontlines. Russia utilized cyberattacks during the initial phase of the invasion in February.