logo
#

Latest news with #Trustwave

LevelBlue to Acquire Trustwave, Becoming Largest Pure-Play Managed Security Services Provider
LevelBlue to Acquire Trustwave, Becoming Largest Pure-Play Managed Security Services Provider

Business Wire

timea day ago

  • Business
  • Business Wire

LevelBlue to Acquire Trustwave, Becoming Largest Pure-Play Managed Security Services Provider

DALLAS--(BUSINESS WIRE)-- LevelBlue, a global leader in cloud-based, AI-driven managed security services (MSS), has signed a definitive agreement to acquire Trustwave, a global provider of cybersecurity and managed detection and response (MDR) services from the MC 2 Security Fund (MC 2), a private equity fund sponsored by The Chertoff Group, an internationally recognized security and growth advisory firm. This strategic acquisition complements LevelBlue's recent agreement to acquire Aon's cybersecurity consulting business, formerly known as Stroz Friedberg, and further strengthens the company's market leadership, uniting two leading Managed Security Service Providers (MSSPs) to deliver unparalleled cybersecurity outcomes through a comprehensive and expanded suite of services designed to stay ahead of the rapidly evolving threat landscape. The acquisition will create the largest pure-play MSSP in the industry. The acquisition will integrate LevelBlue's extensive expertise in strategic risk management and cybersecurity infrastructure with Trustwave's Fusion Platform and cloud-native MDR service that provides 24/7 cybersecurity protection for organizations worldwide. The merged capabilities provide enterprises with unprecedented visibility and control over how security resources are provisioned, monitored, and managed across any environment, strengthening overall cyber resilience. The combined portfolios will also establish a strategically unified cybersecurity managed defense platform, supported by LevelBlue's AI threat detection platform and elite SpiderLabs' threat research and intelligence capabilities, safeguarding critical assets across cloud, hybrid, and on-premises environments. Earlier this year, Trustwave became the first pure-play MDR service provider to attain full authorized status by the Federal Risk and Authorization Management Program (FedRAMP). This prestigious achievement, along with Trustwave's StateRAMP authorization, positions LevelBlue to meet the Department of Defense's stringent 'US eyes only' requirement for the Defense Industrial Base and Cybersecurity Maturity Model Certification (CMMC) for MDR services across federal, state, and local government markets. 'The acquisition of Trustwave represents a pivotal moment for LevelBlue and the cybersecurity industry," said Robert McCullen, Chairman and CEO of LevelBlue. 'Trustwave's extensive expertise in managed detection and response services, combined with its unparalleled threat intelligence from SpiderLabs and mission-critical FedRAMP and StateRAMP authorizations, perfectly aligns with our vision to deliver simplified and powerful cybersecurity protection to organizations. This strategic move reflects our commitment to delivering better cybersecurity outcomes to our customers and enhances our global go-to-market capabilities, as well as in the U.S. federal, state, and local government markets.' "We're thrilled to partner with LevelBlue to drive our next phase of growth and unlock even greater cyber value for our clients,' said Trustwave CEO Eric Harmon. 'The threat landscape continues to evolve at an increasingly rapid pace. This announcement reinforces Trustwave's market leadership, and together with LevelBlue, positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats.' Based in Chicago, IL with worldwide operations, Trustwave is comprised of more than 1,000 security-focused professionals and is an analyst-recognized leader in managed detection and response, managed security services, cybersecurity advisory services, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team delivers industry-leading threat research, intelligence, and threat hunting, all of which are integrated into Trustwave's services and products to enhance cyber resilience in an era of unavoidable cyberattacks. 'Two longtime leaders in MSS and MDR coming together signals market maturation and industry consolidation, but also a powerhouse opportunity,' said Christina Richmond, Principal Analyst at Richmond Advisory Group. 'Trustwave's SpiderLabs team and Fusion platform integrated with LevelBlue's threat intelligence and machine learning capabilities, backed by the Open Threat Exchange (OTX), will enhance threat detection and response on a cloud-based platform. Add in the recently announced acquisition of Aon's Cybersecurity and Intellectual Property Litigation consulting groups, and the potential for a full-service global cybersecurity and risk management firm is apparent.' "Joining forces with LevelBlue marks an exciting new chapter for Trustwave and our clients," said Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC 2. 'The combination of LevelBlue's AI threat detection and Trustwave's FedRAMP and StateRAMP authorized Fusion Intelligent Security Operations Platform enables leading-edge cybersecurity protection for enterprises and government clients." This acquisition is a critical part of LevelBlue's broader strategy to merge the best organizations with its capabilities, providing superior outcomes for clients. This portfolio consolidation is strategically designed to address the increasing demand for more comprehensive and integrated managed cybersecurity solutions, which positions LevelBlue to become the largest independent, pure-play MSSP globally. 'FedRAMP and StateRAMP certified managed detection and response capabilities are an exciting expansion to LevelBlue's managed security services,' added Shawn Hakl, Head of AT&T Business Products. 'This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T's portfolio, especially to our valued federal customers.' Santander is serving as financial advisor and Kirkland & Ellis LLP is serving as legal advisor to LevelBlue. Guggenheim Securities is serving as financial advisor and Pillsbury Winthrop Shaw Pittman is serving as legal advisor to Trustwave. The Chertoff Group will partner with LevelBlue to provide strategic insight to further accelerate growth across the MDR market segment. Financial terms were not disclosed, and the acquisition is subject to customary closing conditions. About LevelBlue We simplify cybersecurity through award-winning managed services, experienced strategic consulting, threat intelligence, and renowned research. Our team is a seamless extension of yours, providing transparency and visibility into security posture and continuously working to strengthen it. We harness security data from numerous sources and enrich it with artificial intelligence to deliver real-time threat intelligence; this enables more accurate and precise decision making. With a large, always-on global presence, LevelBlue sets the standard for cybersecurity today and tomorrow. We easily and effectively manage risk, so you can focus on your business. About Trustwave Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Trustwave's comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes clients' cyber investments, and improves security resilience. Trusted by thousands of organizations worldwide, Trustwave leverages its world-class team of security consultants, threat hunters, researchers, and market-leading security operations platform to decrease the likelihood of attacks and minimize potential impact. Trustwave is an analyst-recognized leader in managed detection and response (MDR), managed security services (MSS), cyber advisory, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team provides industry-defining threat research, intelligence, and threat hunting, all of which are infused into Trustwave services and products to fortify cyber resilience in the age of inevitable cyber-attacks.

LevelBlue to Acquire Trustwave, Becoming Largest Pure-Play Managed Security Services Provider
LevelBlue to Acquire Trustwave, Becoming Largest Pure-Play Managed Security Services Provider

National Post

timea day ago

  • Business
  • National Post

LevelBlue to Acquire Trustwave, Becoming Largest Pure-Play Managed Security Services Provider

Article content LevelBlue Strengthens Market-Leading Managed Detection and Response Services with Advanced AI Capabilities, While Adding Prestigious FedRAMP and StateRAMP Authorizations Article content DALLAS — LevelBlue, a global leader in cloud-based, AI-driven managed security services (MSS), has signed a definitive agreement to acquire Trustwave, a global provider of cybersecurity and managed detection and response (MDR) services from the MC 2 Security Fund (MC 2), a private equity fund sponsored by The Chertoff Group, an internationally recognized security and growth advisory firm. This strategic acquisition complements LevelBlue's recent agreement to acquire Aon's cybersecurity consulting business, formerly known as Stroz Friedberg, and further strengthens the company's market leadership, uniting two leading Managed Security Service Providers (MSSPs) to deliver unparalleled cybersecurity outcomes through a comprehensive and expanded suite of services designed to stay ahead of the rapidly evolving threat landscape. The acquisition will create the largest pure-play MSSP in the industry. Article content Article content The acquisition will integrate LevelBlue's extensive expertise in strategic risk management and cybersecurity infrastructure with Trustwave's Fusion Platform and cloud-native MDR service that provides 24/7 cybersecurity protection for organizations worldwide. The merged capabilities provide enterprises with unprecedented visibility and control over how security resources are provisioned, monitored, and managed across any environment, strengthening overall cyber resilience. The combined portfolios will also establish a strategically unified cybersecurity managed defense platform, supported by LevelBlue's AI threat detection platform and elite SpiderLabs' threat research and intelligence capabilities, safeguarding critical assets across cloud, hybrid, and on-premises environments. Article content Earlier this year, Trustwave became the first pure-play MDR service provider to attain full authorized status by the Federal Risk and Authorization Management Program (FedRAMP). This prestigious achievement, along with Trustwave's StateRAMP authorization, positions LevelBlue to meet the Department of Defense's stringent 'US eyes only' requirement for the Defense Industrial Base and Cybersecurity Maturity Model Certification (CMMC) for MDR services across federal, state, and local government markets. Article content 'The acquisition of Trustwave represents a pivotal moment for LevelBlue and the cybersecurity industry,' said Robert McCullen, Chairman and CEO of LevelBlue. 'Trustwave's extensive expertise in managed detection and response services, combined with its unparalleled threat intelligence from SpiderLabs and mission-critical FedRAMP and StateRAMP authorizations, perfectly aligns with our vision to deliver simplified and powerful cybersecurity protection to organizations. This strategic move reflects our commitment to delivering better cybersecurity outcomes to our customers and enhances our global go-to-market capabilities, as well as in the U.S. federal, state, and local government markets.' Article content 'We're thrilled to partner with LevelBlue to drive our next phase of growth and unlock even greater cyber value for our clients,' said Trustwave CEO Eric Harmon. 'The threat landscape continues to evolve at an increasingly rapid pace. This announcement reinforces Trustwave's market leadership, and together with LevelBlue, positions us to further strengthen our combined leadership position, bolster our offensive and defensive security portfolio, and drive additional innovation to further safeguard and fortify our clients against disruptive and damaging cyber threats.' Article content Based in Chicago, IL with worldwide operations, Trustwave is comprised of more than 1,000 security-focused professionals and is an analyst-recognized leader in managed detection and response, managed security services, cybersecurity advisory services, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team delivers industry-leading threat research, intelligence, and threat hunting, all of which are integrated into Trustwave's services and products to enhance cyber resilience in an era of unavoidable cyberattacks. Article content 'Two longtime leaders in MSS and MDR coming together signals market maturation and industry consolidation, but also a powerhouse opportunity,' said Christina Richmond, Principal Analyst at Richmond Advisory Group. 'Trustwave's SpiderLabs team and Fusion platform integrated with LevelBlue's threat intelligence and machine learning capabilities, backed by the Open Threat Exchange (OTX), will enhance threat detection and response on a cloud-based platform. Add in the recently announced acquisition of Aon's Cybersecurity and Intellectual Property Litigation consulting groups, and the potential for a full-service global cybersecurity and risk management firm is apparent.' Article content 'Joining forces with LevelBlue marks an exciting new chapter for Trustwave and our clients,' said Chad Sweet, Chairman of Trustwave and Co-Founder of The Chertoff Group / MC 2. 'The combination of LevelBlue's AI threat detection and Trustwave's FedRAMP and StateRAMP authorized Fusion Intelligent Security Operations Platform enables leading-edge cybersecurity protection for enterprises and government clients.' Article content This acquisition is a critical part of LevelBlue's broader strategy to merge the best organizations with its capabilities, providing superior outcomes for clients. This portfolio consolidation is strategically designed to address the increasing demand for more comprehensive and integrated managed cybersecurity solutions, which positions LevelBlue to become the largest independent, pure-play MSSP globally. Article content 'FedRAMP and StateRAMP certified managed detection and response capabilities are an exciting expansion to LevelBlue's managed security services,' added Shawn Hakl, Head of AT&T Business Products. 'This business combination positions LevelBlue as a strategic provider of cybersecurity services in AT&T's portfolio, especially to our valued federal customers.' Article content Santander is serving as financial advisor and Kirkland & Ellis LLP is serving as legal advisor to LevelBlue. Guggenheim Securities is serving as financial advisor and Pillsbury Winthrop Shaw Pittman is serving as legal advisor to Trustwave. The Chertoff Group will partner with LevelBlue to provide strategic insight to further accelerate growth across the MDR market segment. Financial terms were not disclosed, and the acquisition is subject to customary closing conditions. Article content About LevelBlue Article content We simplify cybersecurity through award-winning managed services, experienced strategic consulting, threat intelligence, and renowned research. Our team is a seamless extension of yours, providing transparency and visibility into security posture and continuously working to strengthen it. Article content We harness security data from numerous sources and enrich it with artificial intelligence to deliver real-time threat intelligence; this enables more accurate and precise decision making. With a large, always-on global presence, LevelBlue sets the standard for cybersecurity today and tomorrow. We easily and effectively manage risk, so you can focus on your business. Article content About Trustwave Article content Trustwave is a globally recognized cybersecurity leader that reduces cyber risk and fortifies organizations against disruptive and damaging cyber threats. Trustwave's comprehensive offensive and defensive cybersecurity portfolio detects what others cannot, responds with greater speed and effectiveness, optimizes clients' cyber investments, and improves security resilience. Trusted by thousands of organizations worldwide, Trustwave leverages its world-class team of security consultants, threat hunters, researchers, and market-leading security operations platform to decrease the likelihood of attacks and minimize potential impact. Article content Trustwave is an analyst-recognized leader in managed detection and response (MDR), managed security services (MSS), cyber advisory, penetration testing, database security, and email security. The elite Trustwave SpiderLabs team provides industry-defining threat research, intelligence, and threat hunting, all of which are infused into Trustwave services and products to fortify cyber resilience in the age of inevitable cyber-attacks. Article content Article content Article content Article content Article content Article content Article content

Tech sector faces sharp rise in AI & ransomware threats
Tech sector faces sharp rise in AI & ransomware threats

Techday NZ

time6 days ago

  • Business
  • Techday NZ

Tech sector faces sharp rise in AI & ransomware threats

New research from Trustwave highlights an increase in cyber threats facing technology organisations globally, with ransomware and AI-driven attacks on the rise. The series of reports released by the Trustwave SpiderLabs team outlines a rapidly evolving risk landscape for technology firms. According to the findings, companies in the technology sector account for 85% of all targeted ransomware incidents worldwide, with a 10% weekly increase in ransomware activity. Industry under pressure The reports detail how the technology industry's extensive integration with other sectors and fast-paced innovation have made it an appealing target for cybercriminals. Trustwave SpiderLabs analysts note that a sophisticated network of attackers is exploiting vulnerabilities ranging from supply chains to legacy systems. Ransomware operators noted in the reports, such as Ransomhub, CLOP, Akira, and Fog, have intensified their campaigns against technology firms, deploying tactics that include double extortion schemes and mass data exfiltration. The research identifies publicly exposed services, minimal year-over-year improvement in system exposure, new vulnerable ports, and outdated operating systems as ongoing points of access for attackers. AI-driven and supply chain threats One of the key trends highlighted is the use of artificial intelligence by attackers. Offensive AI is being used to craft increasingly advanced phishing emails, facilitate social engineering, and automate elements of supply chain attacks. This has led to larger and more successful campaigns by cybercriminals against technology sector targets. Supply chain attacks are another major concern noted in the reports. Cybercriminals are increasingly targeting third-party vendors, compromising continuous integration and delivery (CI/CD) pipelines, and exploiting open-source libraries. These breaches often stem from a single compromised supplier but can result in widespread and persistent security incidents for numerous technology firms. The dark web is also described as enabling a professionalised and collaborative ecosystem for attackers. Cybercriminals are monetising access and information stolen from technology companies, contributing to higher rates and values of supply chain attacks. Expert viewpoint "The technology sector's relentless pace of innovation is matched only by the creativity and determination of today's cyber adversaries. Our latest research shows that cybercriminals are not just keeping up—they're industrialising their operations, exploiting supply chains, and weaponising artificial intelligence (AI). Trustwave is committed to helping technology organisations build resilience through world-class threat intelligence, MDR, and security solutions that address the realities of a hyper-connected digital world." This statement was provided by Kory Daniels, Chief Information Security Officer at Trustwave, who emphasised the increasing professionalism and sophistication of attackers targeting the technology sector. Recommendations for technology firms The Trustwave SpiderLabs reports include several recommendations aimed at helping technology organisations bolster their defences. These suggestions centre on adopting a proactive, intelligence-led approach to cybersecurity: They encourage firms to implement robust identity and access management strategies, including multi-factor authentication and strict least-privilege policies. The reports also call for regular system inventory, risk assessment, and prompt patching of all networked devices—particularly those exposed to the public internet. Monitoring for dark web leaks and third-party supply chain risks using advanced threat intelligence tools is recommended, along with investment in AI-powered security systems capable of detecting and responding to sophisticated threats. Additionally, the reports highlight the need for ongoing employee security awareness training and the regular simulation of incident response protocols to prepare staff for potential breaches. The Trustwave research series includes the following titles: 2025 Trustwave Risk Radar Report: Technology sector, Technology sector deep dive: AI: The double-edged sword of the technology industry, and Technology industry deep dive: Dark web-powered supply chain attacks. Findings from the reports suggest that cybercriminals are not only broadening their reach, but also refining their tactics through the adoption of new technologies and collaborative practices. This, according to Trustwave, requires an equally sophisticated and comprehensive response from technology organisations seeking to reduce their exposure to risk and disruption.

Cybercrime surge hits technology sector as AI & supply chain attacks rise
Cybercrime surge hits technology sector as AI & supply chain attacks rise

Techday NZ

time7 days ago

  • Business
  • Techday NZ

Cybercrime surge hits technology sector as AI & supply chain attacks rise

New research has detailed how cybercriminals are increasingly targeting technology companies, leveraging advanced technologies and dark web marketplaces to intensify the impact of their attacks across global industries. The latest threat intelligence series from Trustwave details how both the pace and sophistication of cyber threats facing the technology sector have increased, with attackers now utilising supply chain vulnerabilities, artificial intelligence (AI), and stolen credentials to gain access to broader digital ecosystems. Supply chain attacks Trustwave's analysis reveals that access to sensitive components—such as GitLab API keys—can be sold on the dark web for up to USD $1,400, with such credentials marketed specifically for use in supply chain attacks. The report also highlights that credentials harvested through infostealers are actively traded and weaponised by attackers, providing a route to infiltrate technology providers with the aim of moving laterally across entire supply chains and partner networks. Instead of simply targeting individuals with stolen logins, cybercriminals are utilising these credentials to access wider digital infrastructures. Once inside, they are able to traverse interconnected services and platforms, opening potential backdoors into multiple organisations. Rise in ransomware targeting tech companies Trustwave SpiderLabs found that ransomware activity is increasingly focusing on technology vendors, with 85 percent of ransomware incidents in early 2025 impacting this sector, as opposed to end-user companies. Prominent ransomware groups such as Ransomhub, CLOP, Akira, and Fog have intensified their campaigns, driving a 10 percent weekly increase in attacks against technology organisations worldwide. The report notes that these attacks often feature double extortion tactics and mass data exfiltration, primarily affecting software, cloud, and infrastructure providers. Attacks exploiting third-party dependencies, CI/CD (continuous integration and continuous deployment) pipelines, and open-source libraries have also led to widespread breaches, sometimes originating from just a single compromised vendor. Legacy systems and public exposure Publicly exposed services remain a persistent risk, with minimal changes in overall exposure year-on-year. However, the continued use of legacy operating systems and new, vulnerable network ports are providing ongoing opportunities for threat actors to gain footing in technology environments. Weaponisation of AI The research indicates that offensive AI is enabling cybercriminals to craft more effective phishing campaigns, social engineering threats, and supply chain attacks. This increase in sophistication is reflected in both the scale and success rate of cyber intrusions targeting technology firms. Professionalisation of cybercrime The dark web is underpinning a professional and collaborative cybercriminal ecosystem, with attackers monetising data and access obtained from successful breaches. The increasing value and frequency of supply chain attacks are being driven by this underground marketplace, as criminal groups work together to amplify their reach. "The technology sector's relentless pace of innovation is matched only by the creativity and determination of today's cyber adversaries. Our latest research shows that cybercriminals are not just keeping up—they're industrializing their operations, exploiting supply chains, and weaponizing AI," said Kory Daniels, CISO at Trustwave. "Trustwave is committed to helping technology organizations build resilience through world-class threat intelligence, MDR, and security solutions that address the realities of a hyper-connected digital world." Trustwave's reports, including the 2025 Risk Radar Report: Technology Sector and research supplements on AI threats and dark web supply chain attacks, offer a comprehensive look at these evolving risks. Recommendations for technology organisations Trustwave SpiderLabs has issued several recommendations for technology firms to better protect themselves in this hostile environment. Organisations are urged to implement robust identity and access controls—such as multi-factor authentication and least-privilege policies—and to maintain regular inventories, assessments, and patches for all systems, particularly those exposed to the public internet. The guidance also includes ongoing monitoring for dark web leaks and third-party risk via advanced threat intelligence, investing in AI-powered security solutions to detect and counter emerging attacks, and bolstering employee readiness through ongoing security training and incident response practice. These recommendations reflect the growing recognition that technology organisations serve as a digital backbone for industries globally, making their protection critical to wider economic and operational stability in the face of sustained cyber threats.

Another warning for the US on Iran and Israel ceasefire collapse: Hackers may go back to work on ....
Another warning for the US on Iran and Israel ceasefire collapse: Hackers may go back to work on ....

Time of India

time25-06-2025

  • Business
  • Time of India

Another warning for the US on Iran and Israel ceasefire collapse: Hackers may go back to work on ....

Hackers aligned with Iran have reportedly launched cyberattacks on U.S. banks, defense contractors, and oil companies in response to American strikes on Iranian nuclear facilities, but these efforts have not yet caused significant disruptions to critical infrastructure or the economy. According to a report by news agency AP, hackers backing Tehran have targeted U.S. banks, defense contractors and oil industry companies following American strikes on Iranian nuclear facilities — but so far have not caused widespread disruptions to critical infrastructure or the economy. However, experts warn that a collapse of the ceasefire between Iran and Israel, or actions by independent pro-Iranian hacking groups, could escalate the digital conflict. "If the ceasefire breaks down, we could see more aggressive cyberattacks," said Arnie Bellini, a tech entrepreneur and CEO of Bellini Capital, as quoted by AP. Bellini emphasized that cyberattacks are far less costly than traditional warfare, highlighting America's vulnerability due to its reliance on digital systems. "We're militarily dominant, but digitally, we're like Swiss cheese," he told the news agency. According to the report, two pro-Palestinian hacking groups claimed responsibility for targeting over a dozen U.S. aviation, banking, and oil firms with denial-of-service attacks following the strikes. The group Mysterious Team announced on Telegram, "We increase attacks from today," urging other hackers to join, per researchers at SITE Intelligence Group. by Taboola by Taboola Sponsored Links Sponsored Links Promoted Links Promoted Links You May Like Ductless Air Conditioners Are Selling Like Crazy [See Why] Keep Cool Click Here Undo The Department of Homeland Security issued a warning on June 22 about heightened Iranian cyber threats, while the Cybersecurity and Infrastructure Security Agency (CISA) urged critical infrastructure operators to remain vigilant, AP reports. Though Iran's cyber capabilities lag behind those of China or Russia, it has a history of using cyberattacks for espionage and disruption, often acting as a "chaos agent," according to Ziv Mador of Trustwave's SpiderLabs. Independent hacker groups, some loosely tied to Iranian agencies, pose a persistent threat. The report notes that Trustwave has identified over 60 such groups, capable of causing economic and psychological damage, as seen in past attacks like the 2023 hack of an Israeli emergency alert app falsely warning of a nuclear missile. Iran may also intensify efforts to spy on U.S. leaders, claims the AP report, citing last year's charges against three Iranian operatives for attempting to hack Donald Trump's campaign. "They're likely focusing on intelligence collection to predict U.S. or Israeli moves," Jake Williams, a former NSA expert, said as quoted by the report. Experts stress the need for stronger cyber defenses. Bellini, who donated $40 million to a new cybersecurity center at the University of South Florida, described the situation as a "new arms race" to AP, comparing it to "Wile E. Coyote vs. the Road Runner—a back-and-forth that never ends."

DOWNLOAD THE APP

Get Started Now: Download the App

Ready to dive into a world of global content with local flavor? Download Daily8 app today from your preferred app store and start exploring.
app-storeplay-store