-
Computer Users Once Again Insist ‘123456’ and ‘password’ are the Pinnacle of Cybersecurity
… At least according to a recent report posted by the password manager firm NordPass. Go to Source
-
Trustwave’s 2025 Cybersecurity Predictions: Digital Fatigue and Deepfakes
As we look ahead to 2025, the cybersecurity landscape is poised for significant shifts and challenges. Go to Source
-
Analyzing Salt Typhoon: Telecom Attacker
Unveiling Salt Typhoon: A New Wave in Cyber EspionageDiscover how this advanced Chinese-speaking threat actor targets telecom giants, using sophisticated tools like SparrowDoor and Demodex to breach and exfiltrate sensitive data. The Who, What, and Why of Salt Typhoon’s AttacksGain insights into Salt Typhoon’s history, tactics, and objectives, from their focus on tracking persons of…
-
Email Bombing: Why You Need to be Concerned
Over the last few months, the topic of email bombing has been brought to our attention multiple times, mostly queries from customers that go something like this: Go to Source
-
When User Input Lines Are Blurred: Indirect Prompt Injection Attack Vulnerabilities in AI LLMs
It was a cold and wet Thursday morning, sometime in early 2006. There I was sitting at the very top back row of an awe-inspiring lecture theatre inside Royal Holloway’s Founder’s Building in Egham, Surrey (UK) while studying for my MSc in Information Security. Back then, the lecture in progress was from the software security module. Go…
-
CVE-2024-11477: 7-Zip Flaw Allows Remote Code Execution
On November 20th, 2024, Zero Day Initiative (ZDI) researchers disclosed a critical flaw in 7-Zip. Go to Source
-
Rockstar 2FA Phishing-as-a-Service (PaaS): Noteworthy Email Campaigns
Welcome to the second part of our investigation into the Rockstar kit, please check out part one here. Go to Source
-
Rockstar 2FA: A Driving Force in Phishing-as-a-Service (PaaS)
Trustwave SpiderLabs has been actively monitoring the rise of Phishing-as-a-Service (PaaS) platforms, which are increasingly popular among threat actors. Go to Source
-
Lessons from a Honeypot with US Citizens’ Data
Prior to last week’s US Presidential Election, the Trustwave SpiderLabs team was hard at work investigating potential risks and threats to the election system, from disinformation campaigns to nation-state actors looking to exploit vulnerabilities. Go to Source
-
2024 Trustwave Risk Radar Report: Cyber Threats to the Retail Sector
As the holiday shopping season approaches, the 2024 Trustwave Risk Radar Report: Retail Sector reveals that cybercriminals have sharpened their tactics, utilizing ransomware and phishing attacks that exploit well-known online brands to target retailers and consumers directly. Go to Source