Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

According to our most recent cloud security report, most cloud security incidents are the result of compromised credentials for either human or non-human identities. Once an attacker successfully controls an identity, such as a highly privileged user account, they can quickly move to other areas of an environment, including prevalent targets like sensitive data stores. This pattern of behavior is similar across all cloud platforms and services.

In today’s cyber attack scene, data often takes a detour – straight through hackers’ systems. Unlike phishing or ransomware, which aim to trick users into handing over credentials or stealing data directly from systems, a Man-in-the-Middle (MitM) attack involves an unseen intermediary trying to fool each of two parties into thinking he’s the other one, capturing and/or altering information communicated between the parties, etc.

Storm-0940 is a Chinese advanced persistent threat (APT) group that has operated since at least 2021, although some evidence suggests involvement in earlier incidents. Known for its complex cyber espionage tactics, this group primarily targets government agencies, military organizations, and critical infrastructure to gain intelligence for political and military advantage. Leveraging an arsenal of techniques ranging from spear-phishing to exploiting software vulnerabilities.

The newly released single largest analysis of cyber attacks across all of 2023 show a strong tie between the use of phishing and techniques designed to gain credentialed access. I’ve stood on the “phishing is a problem” soapbox for many years, attempting to focus the attention of cybersecurity teams on the single largest problem within the organization: the employees that fall for social engineering tactics time and time again.

The holiday season is here, and with it comes the thrill of Black Friday deals and holiday shopping sprees. But it's not just shoppers who are gearing up – cybercriminals are ready to take advantage of the holiday rush, hoping to catch unsuspecting consumers off guard. While Trustwave generally focuses on protecting enterprises from cyberattacks and scams, we feel it’s important to help consumers, as well. After all, many people use work devices for online shopping and accessing social media.

Imagine leaving your car key at a public place, only to drop your keys when exiting the vehicle. Someone picks them up and drives away. They speed through a school zone and are caught on camera. Later, the car is used in a robbery. Now, you’re not only missing your car but also wrongly implicated in criminal activities.

Blind Cross-Site Scripting is a type of Cross-Site Scripting attack in which the injected script is executed in the context of another page and different circumstances compared to the page in which it was inserted. Blind XSS differs from regular XSS attacks as the attacker cannot see the effect of the injected script in his or her browser since the script is executed in a place that the attacker can not access.

In today’s digital environment, encrypted traffic has become the norm, with over 90% of web communications now utilizing encryption. While this secures data in transit, it has become a blind spot for enterprises, enabling attackers to hide malware within encrypted channels. According to the Q3 2024 Cato CTRL SASE Threat Report, organizations that enable TLS inspection block 52% more malicious traffic than organizations than don’t.