-
CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. Go to Source
-
Lessons from a Honeypot with US Citizens’ Data
Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team was hard at work investigating potential risks and threats to the election system, from disinformation campaigns to nation-state actors looking to exploit vulnerabilities. Go to Source
-
Hooked by the Call: A Deep Dive into The Tricks Used in Callback Phishing Emails
Introduction Previously, Trustwave SpiderLabs covered a massive fake order spam scheme that impersonated a tech support company and propagated via Google Groups. Since then, we have observed more spam campaigns using this hybrid form of cyberattack with varying tactics, techniques, and procedures (TTP). Between July and September, we witnessed a 140% increase in these spam campaigns. In…
-
2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector
As the holiday shopping season approaches, the 2024 Trustwave Risk Radar Report: Retail Sector reveals that cybercriminals have sharpened their tactics, utilizing ransomware and phishing attacks that exploit well-known online brands to target retailers and consumers directly. Go to Source
-
How Threat Actors Conduct Election Interference Operations: An Overview
The major headlines that arose from the three most recent US presidential election cycles illuminated the various fragilities of American election infrastructures and systems. Go to Source
-
Feline Hackers Among Us? (A Deep Dive and Simulation of the Meow Attack)
Introduction In the perpetually evolving field of cybersecurity, new threats materialize daily. Attackers are on the prowl for weaknesses in infrastructure and software like a cat eyeing its helpless prey. Go to Source
-
Weekly Update 432
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite There’s a certain irony to the Bluesky situation where people are pushing back when I include links to X. Now, where have we seen this sort of behaviour before? 🤔 When I’m relying on content…
-
Weekly Update 431
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite I fell waaay behind the normal video cadence this week, and I couldn’t care less 😊 I mean c’mon, would you rather be working or sitting here looking at this view after snowboarding through Christmas?!…
-
Weekly Update 430
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite I’m back in Oslo! Writing this the day after recording, it feels like I couldn’t be further from Dubai; the temperature starts with a minus, it’s snowing and there’s not a supercar in sight. Back…
-
“Pwned”, The Book, Is Now Available for Free
Presently sponsored by: Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite Nearly four years ago now, I set out to write a book with Charlotte and RobIt was the stories behind the stories, the things that drove me to write my most important blog posts, and…