Latest news with #TrustwaveSpiderLabs
Techday NZ
15-07-2025
- Business
- Techday NZ
Trustwave unveils phishing protection service for Microsoft users
Trustwave has announced the launch of Managed Phishing for Microsoft, a service designed to enhance phishing defences for organisations using Microsoft Office 365 and Defender for Office. Phishing continues to be the most reported type of cybercrime globally. Attackers are leveraging increasingly advanced, AI-powered tactics to bypass the default email security measures provided by major platforms. In response, Trustwave has developed a managed cybersecurity solution aimed at delivering continuous protection and user awareness for businesses. The new service works alongside Microsoft's built-in defences, providing additional layers of risk reduction and email security management. Features and integration The Managed Phishing for Microsoft service includes several features intended to reduce exposure to sophisticated phishing campaigns. Among these are end-to-end technology management, multi-layered detection systems, regular simulated phishing exercises, and around-the-clock threat response. Trustwave describes its technology management capabilities as providing complete setup and administration of phishing-related policies and rules. This minimises the management burden for internal IT teams, allowing them to focus on other priorities. The detection aspect utilises AI-driven engines, supported by Trustwave SpiderLabs threat research. According to Trustwave, these capabilities reduce exposure to threats by over 99 per cent. The company also offers regular phishing simulations to strengthen employee vigilance, tailored to each organisation's unique environment. Additionally, the service provides 24/7 analysis, investigation, and response to suspected phishing emails, including those that advance beyond Microsoft's inbuilt protections. Continuous reporting is also supplied, with intelligence on user behaviour and attack trends. Trustwave's cybersecurity specialists offer actionable recommendations to help clients adapt to evolving threats. The service is designed for seamless integration with existing Microsoft environments, with a focus on unlocking further value from Microsoft E5 investments by providing proactive protection and threat intelligence. Industry perspective Phishing attacks are growing both in volume and sophistication, putting tremendous pressure on organisations to protect their users. Our Managed Phishing for Microsoft service empowers organisations to maximise their Microsoft security investments while closing critical gaps with advanced detection, rapid response, and ongoing user education. This comment was made by Jesse Emerson, Senior Vice President of Product Management & Solutions Engineering at Trustwave, on the launch of the new service. Data from law enforcement and cybersecurity firms suggest that phishing remains a persistent challenge for enterprises and public sector entities globally. Attackers are increasingly using automation and personalisation, aiming to deceive end-users and overcome conventional security controls. Threat landscape Trustwave's SpiderLabs threat research team continues to track rapid changes in the tactics employed by phishing operators. Many phishing campaigns now employ AI tools to increase success rates and evade legacy email filters or basic security rules. The company states that its Managed Phishing for Microsoft service is intended to address gaps that exist in native email security product deployments. It seeks to offer a more comprehensive solution through a combination of technology, security expertise, and employee awareness. Regular phishing simulations delivered as part of the service are tailored to an organisation's specific business environment, aiming to create ongoing awareness and a stronger culture of vigilance among employees. Ongoing analysis Organisations that subscribe to the service receive ongoing analysis of user behaviour and the latest attack trends. This, Trustwave says, enables clients to adapt to the changing threat landscape and further reduce their cyber risk exposure. By expanding on the native functionality of Microsoft Office 365 and Defender for Office, the Managed Phishing for Microsoft service is intended to help organisations improve their incident response capabilities and lower the likelihood of successful phishing incidents.
Techday NZ
27-06-2025
- Business
- Techday NZ
Tech sector faces sharp rise in AI & ransomware threats
New research from Trustwave highlights an increase in cyber threats facing technology organisations globally, with ransomware and AI-driven attacks on the rise. The series of reports released by the Trustwave SpiderLabs team outlines a rapidly evolving risk landscape for technology firms. According to the findings, companies in the technology sector account for 85% of all targeted ransomware incidents worldwide, with a 10% weekly increase in ransomware activity. Industry under pressure The reports detail how the technology industry's extensive integration with other sectors and fast-paced innovation have made it an appealing target for cybercriminals. Trustwave SpiderLabs analysts note that a sophisticated network of attackers is exploiting vulnerabilities ranging from supply chains to legacy systems. Ransomware operators noted in the reports, such as Ransomhub, CLOP, Akira, and Fog, have intensified their campaigns against technology firms, deploying tactics that include double extortion schemes and mass data exfiltration. The research identifies publicly exposed services, minimal year-over-year improvement in system exposure, new vulnerable ports, and outdated operating systems as ongoing points of access for attackers. AI-driven and supply chain threats One of the key trends highlighted is the use of artificial intelligence by attackers. Offensive AI is being used to craft increasingly advanced phishing emails, facilitate social engineering, and automate elements of supply chain attacks. This has led to larger and more successful campaigns by cybercriminals against technology sector targets. Supply chain attacks are another major concern noted in the reports. Cybercriminals are increasingly targeting third-party vendors, compromising continuous integration and delivery (CI/CD) pipelines, and exploiting open-source libraries. These breaches often stem from a single compromised supplier but can result in widespread and persistent security incidents for numerous technology firms. The dark web is also described as enabling a professionalised and collaborative ecosystem for attackers. Cybercriminals are monetising access and information stolen from technology companies, contributing to higher rates and values of supply chain attacks. Expert viewpoint "The technology sector's relentless pace of innovation is matched only by the creativity and determination of today's cyber adversaries. Our latest research shows that cybercriminals are not just keeping up—they're industrialising their operations, exploiting supply chains, and weaponising artificial intelligence (AI). Trustwave is committed to helping technology organisations build resilience through world-class threat intelligence, MDR, and security solutions that address the realities of a hyper-connected digital world." This statement was provided by Kory Daniels, Chief Information Security Officer at Trustwave, who emphasised the increasing professionalism and sophistication of attackers targeting the technology sector. Recommendations for technology firms The Trustwave SpiderLabs reports include several recommendations aimed at helping technology organisations bolster their defences. These suggestions centre on adopting a proactive, intelligence-led approach to cybersecurity: They encourage firms to implement robust identity and access management strategies, including multi-factor authentication and strict least-privilege policies. The reports also call for regular system inventory, risk assessment, and prompt patching of all networked devices—particularly those exposed to the public internet. Monitoring for dark web leaks and third-party supply chain risks using advanced threat intelligence tools is recommended, along with investment in AI-powered security systems capable of detecting and responding to sophisticated threats. Additionally, the reports highlight the need for ongoing employee security awareness training and the regular simulation of incident response protocols to prepare staff for potential breaches. The Trustwave research series includes the following titles: 2025 Trustwave Risk Radar Report: Technology sector, Technology sector deep dive: AI: The double-edged sword of the technology industry, and Technology industry deep dive: Dark web-powered supply chain attacks. Findings from the reports suggest that cybercriminals are not only broadening their reach, but also refining their tactics through the adoption of new technologies and collaborative practices. This, according to Trustwave, requires an equally sophisticated and comprehensive response from technology organisations seeking to reduce their exposure to risk and disruption.
Techday NZ
26-06-2025
- Business
- Techday NZ
Cybercrime surge hits technology sector as AI & supply chain attacks rise
New research has detailed how cybercriminals are increasingly targeting technology companies, leveraging advanced technologies and dark web marketplaces to intensify the impact of their attacks across global industries. The latest threat intelligence series from Trustwave details how both the pace and sophistication of cyber threats facing the technology sector have increased, with attackers now utilising supply chain vulnerabilities, artificial intelligence (AI), and stolen credentials to gain access to broader digital ecosystems. Supply chain attacks Trustwave's analysis reveals that access to sensitive components—such as GitLab API keys—can be sold on the dark web for up to USD $1,400, with such credentials marketed specifically for use in supply chain attacks. The report also highlights that credentials harvested through infostealers are actively traded and weaponised by attackers, providing a route to infiltrate technology providers with the aim of moving laterally across entire supply chains and partner networks. Instead of simply targeting individuals with stolen logins, cybercriminals are utilising these credentials to access wider digital infrastructures. Once inside, they are able to traverse interconnected services and platforms, opening potential backdoors into multiple organisations. Rise in ransomware targeting tech companies Trustwave SpiderLabs found that ransomware activity is increasingly focusing on technology vendors, with 85 percent of ransomware incidents in early 2025 impacting this sector, as opposed to end-user companies. Prominent ransomware groups such as Ransomhub, CLOP, Akira, and Fog have intensified their campaigns, driving a 10 percent weekly increase in attacks against technology organisations worldwide. The report notes that these attacks often feature double extortion tactics and mass data exfiltration, primarily affecting software, cloud, and infrastructure providers. Attacks exploiting third-party dependencies, CI/CD (continuous integration and continuous deployment) pipelines, and open-source libraries have also led to widespread breaches, sometimes originating from just a single compromised vendor. Legacy systems and public exposure Publicly exposed services remain a persistent risk, with minimal changes in overall exposure year-on-year. However, the continued use of legacy operating systems and new, vulnerable network ports are providing ongoing opportunities for threat actors to gain footing in technology environments. Weaponisation of AI The research indicates that offensive AI is enabling cybercriminals to craft more effective phishing campaigns, social engineering threats, and supply chain attacks. This increase in sophistication is reflected in both the scale and success rate of cyber intrusions targeting technology firms. Professionalisation of cybercrime The dark web is underpinning a professional and collaborative cybercriminal ecosystem, with attackers monetising data and access obtained from successful breaches. The increasing value and frequency of supply chain attacks are being driven by this underground marketplace, as criminal groups work together to amplify their reach. "The technology sector's relentless pace of innovation is matched only by the creativity and determination of today's cyber adversaries. Our latest research shows that cybercriminals are not just keeping up—they're industrializing their operations, exploiting supply chains, and weaponizing AI," said Kory Daniels, CISO at Trustwave. "Trustwave is committed to helping technology organizations build resilience through world-class threat intelligence, MDR, and security solutions that address the realities of a hyper-connected digital world." Trustwave's reports, including the 2025 Risk Radar Report: Technology Sector and research supplements on AI threats and dark web supply chain attacks, offer a comprehensive look at these evolving risks. Recommendations for technology organisations Trustwave SpiderLabs has issued several recommendations for technology firms to better protect themselves in this hostile environment. Organisations are urged to implement robust identity and access controls—such as multi-factor authentication and least-privilege policies—and to maintain regular inventories, assessments, and patches for all systems, particularly those exposed to the public internet. The guidance also includes ongoing monitoring for dark web leaks and third-party risk via advanced threat intelligence, investing in AI-powered security solutions to detect and counter emerging attacks, and bolstering employee readiness through ongoing security training and incident response practice. These recommendations reflect the growing recognition that technology organisations serve as a digital backbone for industries globally, making their protection critical to wider economic and operational stability in the face of sustained cyber threats.
