CVE-2024-3400: PAN-OS Command Injection Vulnerability in GlobalProtect Gateway
April 12, 2024
UPDATE: Palo Alto Networks confirmed on Tuesday (4/16) that disabling device ...
CNAPP, CSPM, CIEM, CWPP – Oh My!
April 08, 2024 | David Broggy
We all know the cybersecurity industry loves its acronyms, but just because ...
Phishing Deception - Suspended Domains Reveal Malicious Payload for Latin American Region
April 05, 2024 | Karla Agregado
Recently, we observed a phishing campaign targeting the Latin American region. ...
Zero Trust Essentials
April 01, 2024 | David Broggy
This is Part 5 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Why We Should Probably Stop Visually Verifying Checksums
March 27, 2024 | Tom Neaves
Hello there! Thanks for stopping by. Let me get straight into it and start ...
Agent Tesla's New Ride: The Rise of a Novel Loader
March 25, 2024 | Bernard Bautista
Malware loaders, critical for deploying malware, enable threat actors to ...
Evaluating Your Security Posture: Security Assessment Basics
March 25, 2024 | David Broggy
This is Part 4 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Trustwave SpiderLabs: Artificial Intelligence Playing a Prime Role in BEC and Phishing Attacks
March 20, 2024
Criminals have historically been quick to embrace cutting-edge technology for ...
The Inevitable Threat: AI-Generated Email Attacks Delivered to Mailboxes
March 19, 2024 | Katrina Udquin
Generative AI exploded in popularity not too long ago but its influence on text ...
Cybersecurity Documentation Essentials
March 18, 2024 | David Broggy
This is Part 3 in my ongoing project to cover 30 cybersecurity topics in 30 ...
Ukrainian Intelligence Claims Successful Compromise of the Russian Ministry of Defense
March 12, 2024 | Arthur Erzberger
On March 4, 2024, the Telegram channel of the Main Directorate of Intelligence ...
Cost Management Tips for Cyber Admins
March 11, 2024 | David Broggy
As anyone who has filled out an expense report can tell you, cost management is ...
Resurgence of BlackCat Ransomware
March 06, 2024 | Reegun Jayapaul
Updated March 8: Based on our experience, we believe that BlackCat's claim of ...
Cloud Architecture, Frameworks and Benchmarks
March 04, 2024 | David Broggy
At any point in your cloud security journey, you should consider practical ...
Hunting For Integer Overflows In Web Servers
March 01, 2024 | Tom Neaves
Allow me to set the scene and start proceedings off with a definition of an ...
Welcome to Adventures in Cybersecurity: The Defender Series
February 26, 2024 | David Broggy
I’m happy to say I’m done chasing Microsoft certifications (AZ104/AZ500/SC100), ...
Trustwave SpiderLabs: Insights and Solutions to Defend Educational Institutions Against Cyber Threats
February 22, 2024
Security teams responsible for defending educational institutions at higher ...
Breakdown of Tycoon Phishing-as-a-Service System
February 20, 2024 | Rodel Mendrez
Just weeks after Trustwave SpiderLabs reported on the Greatness ...
DUALITY: Advanced Red Team Persistence Through Self-Reinfecting DLL Backdoors for Unyielding Control
February 12, 2024 | Faisal Tameesh
This blog post introduces the concept of DUALITY, which is a methodology and ...
Trustwave SpiderLabs Uncovers Ov3r_Stealer Malware Spread via Phishing and Facebook Advertising
February 06, 2024
During an Advanced Continual Threat Hunt (ACTH) investigation that took place ...
Dissection Of Makop Ransomware Group
February 05, 2024 | Aishwarya Desai
This blog post outlines attack patterns identified across Makop ransomware ...
Trustwave SpiderLabs Guide: Jailbreaking Apple iOS 17 and Above
February 01, 2024 | Therese Mendoza
PLEASE NOTE: Jailbreaking any phone has the potential to permanently damage ...
Trusted Domain, Hidden Danger: Deceptive URL Redirections in Email Phishing Attacks
January 29, 2024 | Kevin Adriano
In this ever-evolving landscape of cyberthreats, email has become a prime ...
Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
January 26, 2024 | Tom Neaves
This is another one of those blog posts from me about how I independently ...
Trustwave SpiderLabs Detects Spike in Greatness Phishing Kit Attacks on Microsoft 365 Users
January 25, 2024 | Bernard Bautista
Trustwave SpiderLabs is tracking a spike in usage of the Greatness phishing kit ...
The dark side of 2023 Cybersecurity: Malware evolution and Cyber threats
January 25, 2024 | Fernando Martinez
In the ever-evolving cybersecurity landscape, 2023 witnessed a dramatic surge ...
Remote Desktop Event Log Analysis: Variations In Logging For Event ID 1029
January 22, 2024 | Sergey Gorbov
This blog covers Stroz Friedberg’s novel research and analysis of Remote ...
Apache ActiveMQ Vulnerability Leads to Stealthy Godzilla Webshell
January 18, 2024 | Rodel Mendrez
Trustwave has observed a surge in attacks exploiting vulnerabilities in Apache ...