Using AWS Secrets Manager and Lambda Function to Store, Rotate and Secure Keys
July 16, 2024 | Sally Gebreananeya
When working with Amazon Web Services (AWS), we often find that various AWS ...
Facebook Malvertising Epidemic – Unraveling a Persistent Threat: SYS01
July 15, 2024
The Trustwave SpiderLabs Threat Intelligence team's ongoing study into how ...
Tips for Optimizing Your Security Operations Framework
July 15, 2024 | David Broggy
Building an effective Security Operations framework that provides the right ...
Network Isolation for DynamoDB with VPC Endpoint
July 09, 2024 | Selam Gebreananeya
DynamoDB is a fully managed NoSQL database service offered by Amazon Web ...
The Underdog of Cybersecurity: Uncovering Hidden Value in Threat Intelligence
July 08, 2024 | David Broggy
Threat Intelligence, or just TI, is sometimes criticized for possibly being ...
Clockwork Blue: Automating Security Defenses with SOAR and AI
July 01, 2024 | David Broggy
It’s impractical to operate security operations alone, using manual human ...
Professional Services Sector Under Attack - Trustwave SpiderLabs Report 2024
June 26, 2024
Recent research by Trustwave SpiderLabs, detailed in their newly published ...
Atlas Oil: The Consequences of a Ransomware Attack
June 25, 2024 | Arthur Erzberger
Overview Atlas Oil, a major player in the oil and fuel distribution industry, ...
Scanning the Matrix: SIEM Best Practices
June 24, 2024 | David Broggy
(A thought from The Matrix: Neo likely used a SIEM before he took the red pill ...
Fare Thee Well ModSecurity: End-of-Life and Last Commercial Rules Update for June 2024
June 20, 2024
A Fourteen-Year Journey Comes to an End In June 2010, Trustwave acquired Breach ...
LevelBlue Labs Discovers Highly Evasive, New Loader Targeting Chinese Organizations
June 19, 2024 | Fernando Dominguez
Executive Summary LevelBlue Labs recently discovered a new highly evasive ...
Secure Access Service Edge: Another Multi-Tool for the SOC
June 17, 2024 | David Broggy
Over the years, several security defense architectures have merged into a ...
DUALITY Part II - Initial Access and Tradecraft Improvements
June 14, 2024 | Faisal Tameesh
This blog post discusses tradecraft improvements and how the same pipeline can ...
Search & Spoof: Abuse of Windows Search to Redirect to Malware
June 11, 2024 | Bernard Bautista
LevelBlue SpiderLabs has detected a sophisticated malware campaign that ...
The Sentinel’s Watch: Building a Security Reporting Framework
June 10, 2024 | David Broggy
Imagine being on shift as the guard of a fortress. Your job is to identify ...
Fake Advanced IP Scanner Installer Delivers Dangerous CobaltStrike Backdoor
June 05, 2024 | Rodel Mendrez
During a recent client investigation, Trustwave SpiderLabs found a malicious ...
Threat Advisory: Snowflake Data Breach Impacts Its Clients
June 04, 2024
Executive Summary On May 20, 2024, Live Nation discovered and disclosed an ...
Cyber Exterminators: Monitoring the Shop Floor with OT Security
June 03, 2024 | David Broggy
Pressure is increasing on manufacturers to monitor their shop floors for ...
Important Security Defenses to Help Your CISO Sleep at Night
May 20, 2024 | David Broggy
This is Part 13 in my ongoing project to cover 30 cybersecurity topics in 30 ...
2024 Public Sector Threat Landscape: Trustwave Threat Intelligence Briefing and Mitigation Strategies
May 14, 2024
Trustwave SpiderLabs’ 2024 Public Sector Threat Landscape: Trustwave Threat ...
How to Create the Asset Inventory You Probably Don't Have
May 13, 2024 | David Broggy
This is Part 12 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Guardians of the Gateway: Identity and Access Management Best Practices
May 06, 2024 | David Broggy
This is Part 10 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Protecting Zion: InfoSec Encryption Concepts and Tips
April 29, 2024 | David Broggy
This is Part 9 in my ongoing project to cover 30 cybersecurity topics in 30 ...
The Invisible Battleground: Essentials of EASM
April 22, 2024 | David Broggy
Know your enemy – inside and out. External Attack Surface Management tools are ...
EDR – The Multi-Tool of Security Defenses
April 22, 2024 | David Broggy
This is Part 8 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Fake Dialog Boxes to Make Malware More Convincing
April 17, 2024 | Ram Prakash
Let’s explore how SpiderLabs created and incorporated user prompts, ...
Cracking Into Password Requirements
April 16, 2024 | Ethan Wilkins
This blog post discusses new hashcat rule sets designed to crack passwords with ...
The Secret Cipher: Modern Data Loss Prevention Solutions
April 15, 2024 | David Broggy
This is Part 7 in my ongoing project to cover 30 cybersecurity topics in 30 ...