Storm-0558 and the Dangers of Cross-Tenant Token Forgery
May 21, 2025 | Damian Archer
Modern cloud ecosystems often place a single identity provider in charge of ...
Guarding Against Dependency Attacks: Essential Strategies for Modern Application Development
May 16, 2025 | Damian Archer
Dependency management is one of the biggest challenges in modern software ...
Lights Out and Stalled Factories: Using M.A.T.R.I.X to Learn About Modbus Vulnerabilities
May 06, 2025 | Karl Biron
Let’s explore the critical role of Modbus in energy and manufacturing systems, ...
Bring Your Own Installer: Bypassing EDR Through Agent Version Change Interruption
May 05, 2025 | John Ailes and Tim Mashni
Bring Your Own Installer is a technique which can be used by threat actors to ...
A Deep-Rooted Infestation: How the ILOVEYOU Bug Continues its Legacy in Modern Worms
May 02, 2025 | Pauline Bolaños
A quarter century ago, a former computer science student from the Philippines ...
Yet Another NodeJS Backdoor (YaNB): A Modern Challenge
April 29, 2025 | Reegun Jayapaul
During an Advanced Continual Threat Hunt (ACTH) investigation conducted in ...
Windows Search Index: The Forensic Artifact You’ve Been Searching For
April 26, 2025 | Phalgun Kulkarni and Julia Paluch
The Windows Search index is a useful artifact for Incident Response ...
Agent In the Middle – Abusing Agent Cards in the Agent-2-Agent (A2A) Protocol To ‘Win’ All the Tasks
April 21, 2025 | Tom Neaves
I think you’ll agree with me that growth in the AI landscape is pretty full-on ...
Proton66 Part 2: Compromised WordPress Pages and Malware Campaigns
April 17, 2025 | Pawel Knapczyk, Dawid Nesterowicz
Earlier this year SpiderLabs observed an increase in mass scanning, credential ...
Maximizing Value: How Companies and Pentesters Can Achieve More Together
April 15, 2025 | Elijah Seymour, Rohit Kapur, Stephen Komal, Mark Stanislav (Fullstory)
A closer look at the collaborative efforts between Stroz Friedberg and ...
Proton66 Part 1: Mass Scanning and Exploit Campaigns
April 14, 2025 | Pawel Knapczyk, Dawid Nesterowicz
Trustwave SpiderLabs continuously tracks a range of malicious activities ...
Pixel-Perfect Trap: The Surge of SVG-Borne Phishing Attacks
April 10, 2025 | Bernard Bautista and Kevin Adriano
Ever thought an image file could be part of a cyber threat? The Trustwave ...
Tycoon2FA New Evasion Technique for 2025
April 10, 2025 | Rodel Mendrez
The Tycoon 2FA phishing kit has adopted several new evasion techniques aimed at ...
Inside Black Basta: Uncovering the Secrets of a Ransomware Powerhouse
April 08, 2025 | Serhii Melnyk and Nikita Kazymirskyi
In February 2025, the cybersecurity community witnessed an unprecedented leak ...
Babuk2 Bjorka: The Evolution of Ransomware for ‘Data Commoditization’
April 01, 2025 | John Basmayor
An investigation that started with a tip from one of our threat intel sources ...
2025 Trustwave Risk Radar Report: Healthcare Sector: Key Risks and Defensive Measures
March 26, 2025
Rising Cyber Threats in Healthcare – Discover the latest cybersecurity risks ...
Trustwave SpiderLabs Threat Review: Alleged Oracle Compromise
March 25, 2025 | Nikita Kazymirskyi and Karl Sigler
On March 20, a relatively unknown user on Breach Forums posted the allegation ...
Why Principle of Least Privilege Matters More Than Ever in a World of Backdoored Large Language Models (LLMs)
March 24, 2025 | Tom Neaves
The concept of “principle of least privilege” has been around for a long time. ...
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 2
March 20, 2025 | Karl Biron
In Part 1 of Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your ...
Fort Knox for Your Data: How Elasticsearch X-Pack Locks Down Your Cluster – Part 1
March 19, 2025 | Karl Biron
Picture this: an always-awake, never-tired, high-speed librarian that instantly ...
DNSForge – Relaying with Force
March 12, 2025 | Apurva Goenka
Introducing a new attack mode for greater flexibility and customization.
Resurgence of a Fake Captcha Malware Campaign
March 12, 2025 | Reegun Jayapaul
During an Advanced Continual Threat Hunt (ACTH) investigation in early February ...
The Russia-Ukraine Cyber War Part 4: Development in Group Attributions for Russian State Actors
March 07, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
This is the final installment of Trustwave SpiderLabs Russia-Ukraine digital ...
A Deep Dive into Strela Stealer and how it Targets European Countries
March 06, 2025 | Dawid Nesterowicz
Infostealers have dominated the malware landscape due to the ease of threat ...
The Russia-Ukraine Cyber War Part 3: Attacks on Telecom and Critical Infrastructure
March 05, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
This post is the third part of our blog series that tackles the Russia-Ukraine ...
2025 Trustwave Risk Radar Report: Top Cyber Threats Targeting the Manufacturing Sector
February 26, 2025
2025 Trustwave Risk Radar Report Unveils Top Cyber Threats to Manufacturing: ...
The Russia-Ukraine Cyber War Part 2: Attacks Against Government Entities, Defense Sector, and Human Targets
February 25, 2025 | Pawel Knapczyk and Nikita Kazymirskyi
In the first part of Trustwave SpiderLabs’ Russia-Ukraine war blog series, we ...
We’re All in This Together: The Case for Purple Teaming
February 21, 2025 | Aidan Barrington
Why should you consider a purple team? What can you gain from it, and how do ...