Articles about Trustwave

Zen Cart admins: Don't skip version 1.5.5

If you missed the March 17-issued patch for shopping cart application Zen Cart, get busy, because among other things it fixed serious cross-site scripting (XSS) vulnerabilities. Trustwave, which turned up the bug last September, made it public last Friday. Zen Cart reckons the vulnerability was closed before it was exploited …

Trustwave: Here's how to earn $84,000 A MONTH as a blackhat

Exploit kit traders and ransomware slingers are in one of the most profitable industries in the world, landing a whopping 1,425 percent profit margin for raiding legitimate trade. Figures from infosec firm Trustwave show the blackhats who are enjoying what appears to be a current boom can score outrageous amounts of money by …
Darren Pauli, 10 Jun 2015
Two upended shopping trolleys in an alleyway. Photo by Cyron, licensecd under CC 2.0

Bank-card-sniffing shop menace Punkey pinned down in US Secret Service investigation

Security researchers have identified a new strain of point-of-sale (POS) malware during an investigation led by the US Secret Service. Stolen payment card information and the IP addresses of more than 75 infected sales tills were found by security researchers at Trustwave during the probe. It's unclear how many victims the so- …
John Leyden, 16 Apr 2015

Trustwave's off to Singapore as Singtel slurps security company

Singapore's dominant telco and aspiring services player, Singtel, has acquired Trustwave for about US$810m. Trustwave offers managed security services and the SpiderLabs ethical hacking research outfit, plus a range of network, content and endpoint security products. The company operates in 26 nations and has 1,200 people on …
HMRC

Security vendor's blog post pinched to make HMRC phish look legit

Netcraft has found that security firm TrustWave inadvertently gave phishers a helping hand. The situation starts in this December 2010 blog post by Gavin Neale of M86 Security Labs, a company since acquired by TrustWave. Until Wednesday, that post included an image of a faked email from UK taxation agency HM Revenue and …
Simon Sharwood, 13 Mar 2015
management strategy2

Insight Enterprises grabs Trustwave EMEA marketing director

Insight Enterprises has raided Trustwave's reservation and made off with EMEA marketing director Jill Murray, El Chan can reveal. She is not a direct replacement for Ashley Gatehouse, who ran Insight's marketing activities across mainland Europe and the UK until last year, as her remit will cover only Blighty. Sources told us …
Paul Kunert, 14 May 2014

Banks lob sueball at Trustwave, Target over breach

A group of banks has filed a class action lawsuit against Target over its recent data breach, and has named security company Trustwave as a co-defendant. The late-2013 security breach resulted in at least 40 million customers' credit cards being compromised, after a Maryland contractor's systems provided a bridge into the …
Bitcoin bloodbath

Pony up: Botnet succesfully targets Bitcoin

Another $US200,000-plus worth of Bitcoins has been lifted, according to Trustwave, which has identified a new Pony botnet targeting crypto-currencies. News of the heist comes hard on the heels of Mt Gox withdrawing from the Bitcoin foundation and killing off its social media accounts. Pony isn't a horse of a completely …
Iphone_hard_case

Put down that iPad! Snoopware RECORDS your EVERY gesture, TAP on iOS, Android

A security researcher has developed a proof-of-concept malware capable of capturing the actions of users on touchscreen devices. Senior security consultant Neal Hindocha and his colleagues at Trustwave were able to brew up similar strains of prototype malicious code for both rooted Android and jailbroken iOS devices. The line …
John Leyden, 5 Feb 2014

Trustwave gobbles up Application Security, gorges itself on tech

Data security biz Trustwave has acquired fellow data security provider Application Security, a startup that specialises in automated database security scanning technologies. Financial terms of the deal, announced on Monday, were undisclosed. Privately-held Application Security develops security software for relational …
John Leyden, 12 Nov 2013
toilet

Posh potty owners flushed by dodgy Bluetooth password

A high-tech toilet that takes care of everything except wiping its owner has been left wide open to attackers thanks to a basic security flaw. toilet Bluetooth blunder leaves bollocks prone to blasting The Satis toilet, a $5,686 (£3,821) appliance built by Japanese (of course) manufacturer Lixil, is designed to open itself …
Iain Thomson, 5 Aug 2013
The Register breaking news

Bank Trojan crooks trouser £800k from 30,000 Brits

Analysis Trustwave SpiderLabs has revealed how criminals stole more than £800,000 (€1m) from UK bank accounts using the Zeus Windows PC malware. The scam - which ran from June to November last year - targeted customers of six banks in Britain. It began with a flurry of emails that tricked marks into clicking on a link to a fake …
John Leyden, 5 Jul 2012
The Register breaking news

Users still slack about passwords: Trustwave

Trustwave's SpiderLabs has completed an analysis of the passwords dumped on the Internet in this month’s eHarmony breach, and reached the depressing conclusion that too few people really seem to care about password strength. Having recovered 80 percent of the 1.5 million passwords in the dump file, the company says only 0.5 …
The Register breaking news

Secure cloud biz Trustwave equips M86 anti-malware guns

Cloud-security firm Trustwave has bought web security and anti-malware firm M86 Security. Financial terms of the acquisition, announced Tuesday, were undisclosed. Trustwave said the deal allowed it to add web security to its portfolio of compliance, application, network and data security products and services. It promised that …
John Leyden, 7 Mar 2012
The Register breaking news

Trustwave to escape 'death penalty' for SSL skeleton key

Analysis Trustwave's admission that it issued a digital "skeleton key" that allowed an unnamed private biz to spy on SSL-encrypted connections within its corporate network has sparked a fiery debate about trust on the internet. Trustwave, an SSL certificate authority, confessed to supplying a subordinate root certificate as part of an …
John Leyden, 14 Feb 2012
The Register breaking news

Trustwave admits crafting SSL snooping certificate

Certificate Authority Trustwave has revoked a digital certificate that allowed one of its clients to issue valid certificates for any server, thereby allowing one of its customers to intercept their employees' private email communication. The skeleton-key CA certificate was supplied in a tamper-proof hardware security module ( …
John Leyden, 9 Feb 2012

Create a news alert about Trustwave, or find more stories about Trustwave.

Biting the hand that feeds IT © 1998–2017