2303 matches found
This Week in Security News: IoT Threats and Risks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threats and risks to complex IoT environments. Also, learn about new security challenges and risks the food production...
2019 Security Predictions Report Released
What Makes For Really Good Security Predictions Each year Trend Micro releases its annual Security Predictions Report. Good security predictions are very difficult to develop, and companies and consumers need to be selective about the security advice they take. What makes a good security...
Beyond Catching Sender Spoofing – using AI to stop email fraud and Business Email Compromise
In September, we announced our new email security technologies powered by XGen™ and a new product, Smart Protection for Office 365. One key technology introduced was our new AI based Email fraud, or Business Email Compromise BEC, detection technique. A user receiving a BEC email will have a...
Cybersecurity in the Workplace is Everybody’s Business
What can individual users do to preserve cybersecurity at work? Your organization is spending on cybersecurity tools, you have an awareness program, and if you look you will find that there are standards and procedures for choosing and maintaining products to help keep information secure. But wha...
Endpoint isn’t the best place to block threats
Hackers often look for a number of ways to target business users, compromise critical systems and get away with sensitive information or money. These attacks can come from email and web sources, and even infect business endpoints. According to a 2015 industry survey, 73 percent of respondents...
An Established Solution for Mobile Threats
As much as smartphones and applications have evolved over the years, so has mobile malware. We’re seeing an increasing number of threats—from mobile ransomware and auto-clicking adware to dangerous backdoors that can compromise your privacy. And there are also legitimate personal applications tha...
Level up your cybersecurity journey with CLOUDSEC 2017
Beginning this month, Trend Micro will be hosting CLOUDSEC, one of the largest cybersecurity conferences across Asia-Pacific and Europe. The event features presentations and panel discussions from industry experts and thought leaders who will discuss high-level strategies, forward looking securit...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry...
Using Zoom? Here’s how to keep your business and employees safe
Cyber-criminals are always looking for new opportunities to make money and steal data. Globally trending events are a tried-and-tested way of doing just this, and they don’t come much bigger than the current Covid-19 pandemic. It’s sparking a wave of phishing, BEC, extortion, ransomware and data...
Is My Mac Secure from Malware and Viruses?
Do you own a Mac? If so, you might have the common perception that they’re more secure from internet threats than Windows PCs. Unfortunately, this isn’t the case. The truth is that Macs have historically not been targeted by hackers as frequently as Windows systems, simply because there were fewe...
Cyber Insurance Rates to Rise – What Should I Do?
Organizations manage risk in three ways: they accept it, they take out insurance against it, or they take active measures to diminish its potential impact. These active measures commonly include deploying or enhancing or removing technology, updating policies and procedures, instituting training...
Decoding Water Sigbin's Latest Obfuscation Tricks
Water Sigbin aka the 8220 Gang exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against...
CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages PKG files...
MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639
We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation...
The Economics of XDR
Pulling from recent data and research, security experts discuss the value that organizations have seen from adopting extended detection and response XDR solutions...
Threat Actors Exploit Misconfigured Apache Hadoop YARN
We look into how threat actors are exploiting Apache Hadoop YARN, a part of the Hadoop framework that is responsible for executing tasks on the cluster. This analysis covers the payloads deployed, the tactics used in the attacks, and basic recommendations for strengthening cloud security...
Trend Micro’s Top Ten MITRE Evaluation Considerations
The introduction of the MITRE ATT&CK evaluations is a welcomed addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone such a long way in helping advance the security industry as a whole, and the individual security products serving the market...
Warning! Windows 10 Fake Update is Actually Ransomware
Microsoft never sends updates via email. Many folks don’t know that, which is why a new ransomware campaign masquerading as a Windows 10 update is so pernicious. You may have already gotten a fake notice saying “Install Latest Microsoft Update Now!” Or “Critical Microsoft Windows Update!”, with t...
How To Be An Informed Skeptic About Security Predictions
It doesn’t take a wily prediction to see that the cycles of tech procurement and planning are increasingly compressed. In enterprise IT, the two largest forces at play are business changes and technology changes. These two major forces are somewhat independent; a lot of tech change happened durin...
This Week in Security News: Pwn2Own Adds Industrial Control Systems to Hacking Contest and Cyber Crooks Target ESports
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Among news from this week, learn about Pwn2Own’s new hacking contest that will take place in Miami next year. Also, as October was Cybersecurity...
30 Years of Trend Micro
This year marks 30 years of Trend Micro. That’s three decades of working to make the world safe for exchanging digital information in a constantly changing technology and cyber threat environment. Our founders often reference the humble beginnings of the company – starting from a garage in...
Data Privacy in the Age of IoT
On Data Privacy Day, January 28th, we should have all taken a few moments to think more carefully about safeguarding our personal data, staying safe online, and improving our privacy habits. Just what does that mean in the age of IoT — the Internet of Things? In previous years, cyber threats most...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of November 6, 2017
I started a 14-day detox this week that eliminates common food allergens and hormones. It’s going to be two weeks of no fun, but it’s good to give your body a little reset. Plus, I’ll be done just in time for the Thanksgiving holiday. Eliminating toxins from your body can be compared to eliminati...
Bargains and brotherhood: The underground Digital Souks of the Middle East
The release of our report “Digital Souks: A glimpse into the Middle Eastern and North African underground” marks the 12th in our Cybercriminal Underground Economy Series CUES. Having previously published several papers covering the Japanese, French, German, North American, Chinese, Russian and...
New Collaboration with Adobe and MAPP
Collaboration with industry partners is helping secure the digital world by distributing Trend Micro vulnerability information to security vendors more quickly so they can enhance protection for their customers...
Tax Scams – Everything you need to know to keep your money and data safe
Tax season has always been a pretty nerve-wracking time for hard-working Americans. But over the years, technology advances have arrived to gradually make the process a bit easier. The bad news is that they can also introduce new cyber risks and even more stress. There are two things that...
21 Tips to Stay Secure, Private, and Productive as You Work from Home on Your Mac
Nowadays, Macs are part of the work-from-home workforce during the COVID-19 pandemic. If you’ve brought a Mac from the office to home, it’s likely your IT department has already set it up to meet your company’s security policies. But what if you’re enlisting a Mac already at home to do duty for...
This Week in Security News: December Patch Tuesday Updates and Retail Cyberattacks Set to Soar 20 Percent During 2019 Holiday Season
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about the threat campaign Waterbear and how it uses API hooking to evade security product detection. Also, read about December Patch...
This Week in Security News: Trend Micro Selected as Launch Partner for AWS Ingress Routing Service and Stalkerware on the Rise
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about stalkerware and why it’s on the rise. Also, read about Trend Micro’s selection as a launch partner for the new Amazon Virtual...
There She Breaches! Watch Out For Your Identity Data!
Data breaches keep on coming. Here’s what you can do to stay ahead of the hackers Money makes the world go around. It’s the glue that holds our society together and the engine that drives our economy. But it’s also coveted by a growing global population of highly resourceful and determined...
Customer Perspective: Catching the thief lurking in the shadows with EDR and MDR
A guest blog by Ian Loe, Senior Vice President, Cybersecurity, NTUC Enterprise Co-operative Limited News flash: aided by time, persistence and smarts, advanced cybersecurity felons are leapfrogging traditional security systems to compromise confidential data. Realising this, we at NTUC Enterprise...
The GDPR is Coming: We Shed Light on What’s Still Not Working
On May 25, the biggest shake-up to Europe’s data protection laws in almost a generation will finally take effect, after years of planning. For any US organization handling data on EU citizens, including service providers, it means you could face hefty fines of up to €20m $24.7m or 4% of global...
Why Stand-Alone IDPS Matters More Than Ever, and the 2018 Gartner Magic Quadrant
First, What is IDPS and Why Do We Care? Intrusion Prevention Systems IPS emerged as an improvement on Intrusion Detection Systems IDS. IDS are out-of-band collectors of network traffic that analyze the information and provide alerts. The “eureka” of IPS was that instead of just alerting, why not...
Agenda Ransomware Propagates to vCenters and ESXi via Custom PowerShell Script
This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMWare vCenter and ESXi servers...
This Week in Security News: Ransomware Gang is Raking in Tens of Millions of Dollars and Microsoft Patch Tuesday Update Fixes 17 Critical Bugs
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about a ransomware group that walked away with 2,200 Bitcoin: More than $33 million based on the current Bitcoin exchange rate. Also, read...
Is Cloud Computing Any Safer From Malicious Hackers?
Cloud computing has revolutionized the IT world, making it easier for companies to deploy infrastructure and applications and deliver their services to the public. The idea of not spending millions of dollars on equipment and facilities to host an on-premises data center is a very attractive...
Four Reasons Your Cloud Security Is Keeping You Up At Night
We are excited to introduce guest posts from our newest Trenders from Cloud Conformity, now Trend Micro Cloud One – Conformity. More insights will be shared from this talented team to help you be confident and in control of the security of your cloud environments! Why your cloud security is keepi...
Celebrating Decades of Success with Microsoft at the Security 20/20 Awards
Effective collaboration is key to the success of any organization. But perhaps none more so than those working towards the common goal of securing our connected world. That’s why Trend Micro has always been keen to reach out to industry partners in the security ecosystem, to help us collectively...
This Week in Security News: Latest Cyber Risk Index Shows Elevated Risk of Cyber Attack and IoT Company Wyze Exposes Information of 2.4M Customers
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Trend Micro’s Cyber Risk Index CRI and its results showing increased cyber risk. Also, read about a data breach from IoT company...
Parental Controls – Trend Micro Home Network Security has got you covered
We continue our three-part series on protecting your home and family. If you missed our first part, you can find it here. Are your kids at that formative age when they’re beginning to use mobile devices? How about at that inquisitive age when they start to discover the wonders of the Internet? Or...
Threat Intelligence, the Dark Web and Information sharing: Supporting improved protection
There are numerous different elements and obstacles that contribute to the challenges of data protection in the current threat environment. However, a leading issue is ensuring protection against the latest, emerging attack styles and breach strategies. After all, how can an organization ensure t...
Celebrating the life of Tamir Segal
Trend Micro may be a global organization of more than 5,000 employees, but we’re also a tight-knit family. So it was with great sadness and shock that we heard of the passing of Tamir Segal, who has served as our Israel Country Manager for the past eight years. Our thoughts and prayers are with h...
Customer data & marketing operations: Keeping your data safe on the journey to GDPR compliance
Emails. Web forms. Events. Oh my! These marketing tactics are all designed to gather, store, and evolve relationships with your prospects, customers, and partners. Often times, they are the first point of contact for your organization from the outside world—and they all feed into your marketing...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Edith Wharton, Identity Theft, and the GDPR
During one of my talks for Gartner, I asked the audience, “How many of you have ever had anything stolen?” Many hands went up. Then I asked, “How did you know it was stolen?” The answers generally offered, “I looked for it, and it wasn’t there.” Data theft, and in particular identity theft, is...
The biggest ransomware threat could be in your pocket
WannaCry and NotPetya ransomware attacks in recent months have reignited concern over just how these threats occur. As a result, many leaders have reinvigorated their security efforts regarding computer vulnerabilities. However, they might be missing another big endpoint susceptible to ransomware...
Latest Batloader Campaigns Use Pyarmor Pro for Evasion
In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries...
Tutorial: How to Build Your First Node.js gRPC API
Compared to other API technologies like REST and GraphQL, gRPC is lightweight and exceptionally robust, thanks in large part to its use of protobufs. Interested in exploring how to build your own API? Read on to see how easy it is to do so with Node.js and gRPC...
Newark Releases Latest Global IoT Trends Report
The latest trend report also said that security concerns negatively impact the adoption of IoT technologies and the growth of Industry 4.0...