2304 matches found
This Week in Security News: New Bluetooth Vulnerability Exposes Billions of Devices to Hackers and Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a new security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device. Also, learn...
This Week in Security News: Security Researcher Discloses Four IBM Zero-Days After Company Refused to Patch and Trend Micro Integrates with Amazon AppFlow
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a security researcher who has published details about four zero-day vulnerabilities impacting an IBM security product after the...
This Week in Security News: 5 Reasons to Move Your Endpoint Security to the Cloud Now and ICEBUCKET Group Mimics Smart TVs to Steal Ad Money
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about 5 reasons your organization should consider moving to a cloud managed solution. Also, read about a massive online fraud operatio...
Cloud-First but Not Cloud-Only: Why Organizations Need to Simplify Cybersecurity
The global public cloud services market is on track to grow 17% this year, topping $266 billion. These are impressive figures, and whatever Covid-19 may do short-term to the macro-economy, they’re a sign of where the world is heading. But while many organizations may describe themselves as...
Trend Micro Cloud App Security Blocked 12.7 Million High-Risk Email Threats in 2019 – in addition to those detected by cloud email services’ built-in security
On March 3, 2020, the cyber division of Federal Bureau of Investigation FBI issued a private industry notification calling out Business Email Compromise BEC scams through exploitation of cloud-based email services. Microsoft Office 365 and Google G Suite, the two largest cloud-based email service...
Why Should CISOs Care About XDR?
We have been collectively saying in our industry for the last 15-20 years that a layered approach to your security stack is a “best practice,” but as with all best practices, these are ideals rather than reality for so many charged with protecting their organizations. The vast majority of CISOs a...
Is Your Baby Monitor Susceptible to Hacking?
There’s no doubt that digital technology, in many of its forms, brings everyday tasks much closer-to-hand. From discovering breaking news, to online shopping, to keeping tabs on your home via security cameras—everything is within the touch of a button. Even so, with the growing reach of the...
Why Enterprises Still Have to Worry about Eavesdropping
When one thinks about eavesdropping, a mental image of a shadowy stranger, hiding behind a corner and listening in on others' conversations may come to mind. With the rise of VoIP calling, however, enterprises became aware of digital eavesdropping that impacted their corporate business calls. Now...
This Week in Security News: Scams and Security Risks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the EU and Japan finalized an agreement enabling the cross-border transfer of data. Also, businesses are turning to machine learning to comb...
The trend toward cryptojacking: What it is and how businesses can prevent it
Digital attacks have evolved quite a bit in recent years. First, businesses and researchers observed a rash of ransomware, wherein encryption was exploited to lock users out of their data and files in an attempt to collect financial ransom. Now, the next big wave in cybercriminal strategy has com...
The Risks of Bio-IoT
Bio-IoT: Internet of Things applied to biological systems, such as pharmaceutical delivery systems, implanted medical devices, intelligent prosthetics, surgical assistants, and remote patient monitoring. IoT 2.0, with ample processing resources and OSI-conformant networking, promises vast...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Trend Micro TippingPoint 8400TX Threat Protection System Receives “Recommended” Rating from NSS Labs
Organizations today are faced with an unenviable task: meeting market demands for continuous innovation and growth while keeping key systems and data safe from a growing range of cyber threats. To add to this already monumental task, it must all be done without disrupting network performance or...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
ViperSoftX Updates Encryption, Steals Data
We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious. We also noted more sophisticated encryption and basic anti-analysis...
This Week in Security News: Microsoft Patches 120 Vulnerabilities, Including Two Zero-Days and Trend Micro Brings DevOps Agility and Automation to Security Operations Through Integration with AWS Solutions
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about one of Microsoft’s largest Patch Tuesday updates ever, including fixes for 120 vulnerabilities and two zero-days. Also, learn abo...
How to Best Secure Your Azure Container Registry
Securing your container registry is critical. Read along as we take a look at the native Microsoft® Azure® container protection in Azure Security Center versus Trend Micro Cloud One™ – Container Security to see what's best for your security needs...
Trend Micro Integrates with Amazon AppFlow
The acceleration of in-house development enabled by public cloud and Software-as-a-Service SaaS platform adoption in the last few years has given us new levels of visibility and access to data. Putting all of that data together to generate insights and action, however, can substitute one challeng...
5 reasons to move your endpoint security to the cloud now
As the world has adopts work from home initiatives, we’ve seen many organizations accelerate their plans to move from on-premises endpoint security and Detection and Response EDR/XDR solutions to Software as a Service versions. And several customers who switched to the SaaS version last year,...
Trend Micro Discloses Insider Threat Impacting Some of its Consumer Customers
We recently became aware of a security incident that resulted in the unauthorized disclosure of some personal data of an isolated number of customers of our consumer product. We immediately started investigating the situation and found that this was the result of a malicious insider threat. The...
Tips to Accelerating PCI Data Security Standard Projects with Deep Security as a Service
Does your organization need to meet PCI DSS requirements? Are you struggling with multiple security tools? Or stretching your already overstretched team to prepare for an audit? Time to hit the accelerator with Trend Micro! If your applications deal with credit or payment card data, you need to g...
This Week in Security News: Macs, Hacks and Attacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, GitHub was hacked via their official account with cryptocurrency Sycoin. Also, a phishing attack targeting trustee company HealthEquity led ...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 16, 2018
It was a crazy week at this year’s RSA Conference in San Francisco. I always try to get a quick view of the floor to see companies old and new exhibit their wares. Unfortunately, work never sleeps when you attend a conference, and the shortage of seating at this year’s event left many, including...
VPN 101 – Part 1: What You Need to Know to Stay Safe and Protect Your Privacy Online
Submitted by Brook Stein The Internet is a wonderful thing. But we all know there are also risks lurking around every corner. We want to protect ourselves from malware and identity theft, prevent third-party trackers and advertisers slurping our private information, and keep our kids safe when...
Got AV? Good Start! Now it’s Time to Protect Your Entire Family
We all know cyberspace can be a scary place. That’s why Trend Micro is here to protect your digital life with a range of comprehensive security products. But we’ve noticed that some of our customers are only protecting their main PC or Mac, leaving other devices – especially smartphones – exposed...
Is Your Security Team Setup To Fail?
The ingredients for strong cybersecurity aren’t a secret. In fact, they haven’t changed significantly over the past 20 years—the ingredients are available to almost every organization out there. On the surface, doing security isn’t that hard: | Patch quickly and frequently. Use reasonable securit...
Threat Actors Abuse claude.ai Shared Chat for ClickFix Malvertising Campaign
Cybercriminals hijacked Google Ads searches for popular AI developer tools to funnel over 2,000 victims toward malicious download pages before quietly moving their operation onto claude.ai's own platform, turning the trusted domain into a delivery mechanism for credential-stealing malware...
Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence
This blog entry will examine Trend Micro MDR team's investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group...
Rust-Based Info Stealers Abuse GitHub Codespaces
This is the first part of our security analysis of an information stealer targeting GitHub Codespaces CS that discusses how attackers can abuse these cloud services for a variety of malicious activities...
New OpcJacker Malware Distributed via Fake VPN Malvertising
We discovered a new malware, which we named “OpcJacker” due to its opcode configuration design and its cryptocurrency hijacking ability, that has been distributed in the wild since the second half of 2022...
Supply Chain Attacks from a Managed Detection and Response Perspective
In this blog entry, we will take a look at two examples of supply chain attacks that our Managed Detection and Response MDR team encountered in the past couple of months...
CVE-2021-30724: CVMServer Vulnerability in macOS and iOS
We discovered a vulnerability in macOS, iOS, and iPadOS rooted in the CVMServer. The vulnerability, labeled CVE-2021-30724, can allow threat actors to escalate their privilege if exploited...
Are IoT Threats Discussed In The Cybercriminal Underground?
With IoT devices expected to reach tens of billions in the next few years, is it any wonder that cybercriminals are looking for ways to take advantage of this massive attack surface to generate illicit money? A number of Trend Micro researchers from around the globe decided to look into this and...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
NCSA Small Business Webinar Series
Working from home? How do you keep your employees cyber-safe and cyber-secure? How do you protect your reputation, profit, and cash flow when you depend on your IT infrastructure as never before? The National Cyber Security Alliance is hosting a series of webinars for small business owners, and...
This Week in Security News: Ransomware Campaigns and Cryptocurrency Miners
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about three different ransomware campaigns that caused havoc in different public sectors. Also, read how threat actors are infecting...
This Week in Security News: Facebook and Faxploits
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, Facebook removed 652 fake accounts originating from Russia and Iran. Also, Microsoft identified and removed fake internet domains that...
Simplifying and Prioritizing Advanced Threat Response Measures
I had to go to the doctor the other day because I was miserable and sick. I don’t like going to the doctor so I waited until my stuffy nose and congestion turned into a full blown sinus infection. The doctor said this thing was going around, and I should be better in a few day with my prescriptio...
How Do I Make My Windows 10 Computer Run Faster? (Part 1)
We’ve all been there. You get your shiny home PC or laptop back from the store and unboxed and everything is perfect. It runs like a dream: starting up quickly, speeding you through internet searches and web browsing, and applications open in the blink of an eye. But then over the following month...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of February 26, 2018
Pwn2Own 2018 is coming up in a couple of weeks and I am excited to see what interesting vulnerabilities will pop up at the contest. I attempted to explain the contest to my mom, and in the simplest terms, I told her that Pwn2Own is a contest where contestants are rewarded for breaking something...
This Week in Security News: Meltdowns and Hijacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, we saw discussions on the vulnerabilities of chat bots and AI programs, and the types of software that may not be safe from malware and...
Trend Micro Kicks Off 2018 In Vancouver Helping Those In Need
The holiday season is traditionally a time for friends and family, gift-giving and celebrations. But it’s also a time to remember those less fortunate than ourselves, and to do what we can to make their lives better. As a responsible corporate citizen, Trend Micro is always keen to find new ways ...
Fixing the Meltdown and Spectre vulnerabilities
Two days ago, Graz University of Technology published a paper describing a pair of attacks on common microprocessors. The underlying vulnerability affects Intel, AMD, and ARM processors. All contemporary microprocessors pre-execute instructions. In other words, the vulnerability bypasses address...
Trend Micro Protects VMware on Amazon Web Services
Organizations are taking advantage of changes in computing technology to position themselves for a more agile future. Technology leaders and architects see value beyond the data center with new public cloud models and are keen on adopting hybrid infrastructure approaches to their compute...
Smartphones Under Fire: Why We Need to Keep Our Android Devices Safe
If there’s one thing we know about cybercrimnals it’s that where there’s people and money, they will surely follow. With an estimated 1.4 billion Android devices in use today, it’s not hard to see why they might have your smartphone in their sights. Attacks on Android devices made up 81 percent o...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 22, 2017
For those of you who follow the National Football League NFL, do you remember Super Bowl 47? I wasn’t exactly thrilled about the teams that played since I’m not a 49ers or Ravens fan. What was interesting about the game is that it was halted for over half an hour in the third quarter because of a...
Randstad Group Selects Trend Micro to Protect its Public Cloud Infrastructure
The Randstad Group is currently in the process of consolidating and centralizing its IT infrastructure across 30 IT departments, and will be providing service to more than 40 operating countries across four continents. To ensure the new infrastructure will have optimal security the company select...
Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories
Our research on Void Dokkaebi’s operations uncovered a campaign that turns infected developer repositories into malware delivery channels. By spreading through trusted workflows, organizational codebases, and open-source projects, the threat can scale from a single compromise to a broader supply...
Attacker Abuses Victim Resources to Reap Rewards from Titan Network
In this blog entry, we discuss how an attacker took advantage of the Atlassian Confluence vulnerability CVE-2023-22527 to connect servers to the Titan Network for cryptomining purposes...
APT34 Deploys Phishing Attack With New Malware
We observed and tracked the advanced persistent threat APT APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an African government agency to...