2303 matches found
Principles of a Cloud Migration – Security W5H – The HOW
“How about… ya!” Security needs to be treated much like DevOps in evolving organizations; everyone in the company has a responsibility to make sure it is implemented. It is not just a part of operations, but a cultural shift in doing things right the first time – Security by default. Here are a f...
The AWS Service to Focus On – Amazon EC2
If we run a contest for Mr. Popular of Amazon Web Services AWS, without a doubt Amazon Simple Storage Service S3 has ‘winner’ written all over it. However, what’s popular is not always what is critical for your business to focus on. There is popularity and then there is dependability. Let’s...
Suddenly Teleworking, Securely
So you suddenly have a lot of staff working remotely. Telework is not new and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely. A Lot of New Teleworkers All At Once This event can't be treat...
The Summit of Cybersecurity Sits Among the Clouds
Trend Micro Apex One as a Service You have heard it before, but it needs to be said again—threats are constantly evolving and getting sneakier, more malicious, and harder to find than ever before. It’s a hard job to stay one step ahead of the latest threats and scams organizations come across, bu...
AWS Helping to Unlock Potentially Life-saving Innovation for the Healthcare Sector – While Keeping Sensitive Information Locked Down
Marnie Wilking – CISO, VP Information Assurance, Orion Health Many of the next significant, potentially lifesaving discoveries that will happen in healthcare will be the direct result of big data, machine learning and artificial intelligence. Making the shift to big data, machine learning and...
How the Industry 4.0 Era Will Change the Cybersecurity Landscape
Today’s highly automated and connected smart factories Industry 4.0 were born out of yesterday’s steam engines that mechanized manufacturing Industry 1.0; mass-production lines expanded with the advent of electricity Industry 2.0; and then IT-enabled manufacturing plants ushered in the era of...
How connected devices put health care at risk
The health care industry is one of the most attractive sectors to hackers. Not only do hospitals, doctor offices and other facilities store and have access to an array of patients' personal information, but many organizations also have financial details on file to facilitate billing processes. On...
Graffiti in the digital world: How hacktivists use defacement
Activists have been featured more frequently in the news lately, with marches shining the spotlight on women's rights and bringing about an end to gun violence, to name a few. However, the real world isn't the only place where activism happens. The digital realm has become a critical space for...
Flying Under the Radar: How Hackers Use Protection Strategies for Attack
It's a recurring theme in sports movies, war stories and crime stories alike: In order to defeat the enemy, one must think like the enemy. This approach has been taken - oftentimes quite successfully - in an array of settings, including the cybersecurity realm. Security researchers are constantly...
How vulnerability research benefits both vendors and customers
Zero-day vulnerabilities - newly discovered exploits that haven't been previously identified - are now emerging more often. Worse still is the fact that these dangerous flaws sometimes aren't pinpointed until hackers have already exploited them. According to a prediction from Cybersecurity Ventur...
Accelerating AI Research to Improve Threat Protection
Once the realm of science fiction, artificial intelligence AI is now very much science fact. The potential of this ground-breaking technology – and related disciplines including deep learning and machine learning – is so great that even governments in the UK and US have released reports on its...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of May 1, 2017
As you read this blog, I am probably sitting on a beach in Cancun, Mexico getting a nice tan and not thinking about security well, maybe just a little. A couple of days before I left, I had to deal with the inevitable. It never fails – every time I am about to go on vacation, the urgency of thing...
Russian Infrastructure Plays Crucial Role in North Korean Cybercrime Operations
In this blog entry, we discuss how North Korea's significant role in cybercrime – including campaigns attributed to Void Dokkaebi – is facilitated by extensive use of anonymization networks and the use of Russian IP ranges...
Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores
The Trend Micro Mobile Application Reputation Service MARS team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023...
Xollam, the Latest Face of TargetCompany
This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants' behaviors and the ransomware family's extortion scheme...
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat APT group, and discuss its use of CapraRAT, an Android RAT with clear similarities in design to the group’s favored Windows malware, Crimson RAT...
This Week in Security News - August 13, 2021
This Week in Security News: Hackers Steal $600 million in Largest Ever Cryptocurrency Heist and Cybersecurity is the New ‘Great Game’...
August Patch Tuesday: A Quiet Month for Microsoft
August proves to be a quieter month for Microsoft, after an eventful July. This month, there were only 44 security bulletins, part of which are three Print Spooler flaws and a further fix for PetitPotam...
This Week in Security News: Cybercriminals Use Stolen Data and Hacking Tools as Prizes in Poker Games and Rap Battles and VirusTotal Now Supports Trend Micro ELF Hash
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how cybercriminals are passing the time during the COVID-19 pandemic with online poker games, where the prizes include stolen...
This Week in Security News: Linkury Adware Caught Distributing Full-Blown Malware and Cross-Platform Modular Glupteba Malware Uses ManageX
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how an adware family known primarily for distributing browser hijackers, Linkury, has been caught distributing malware. Also, re...
ISO/SAE 21434: It’s time to put the brakes on connected car cyber-threats
Connected cars are on the move. Globally their number is set to grow 270% between 2018 and 2022 to reach an estimated 125 million in a couple of years. Increasingly, these vehicles are more akin to high-performance mobile computers with wheels than traditional cars, with features including intern...
Principles of a Cloud Migration – Security, The W5H
Whosawhatsit?! - WHO is responsible for this anyways? For as long as cloud providers have been in business, we’ve been discussing the Shared Responsibility Model when it comes to customer operation teams. It defines the different aspects of control, and with that control, comes the need to secure...
Monitoring and Maintaining Trend Micro Home Network Security – Part 4: Best Practices
We continue our four-part series on protecting your home and family. See the links to the previous parts at the end of this blog. We’re now done with familiarizing ourselves with the features of Trend Micro Home Network Security HNS It’s now time for you to get a bit more adept at regular...
Digital skimmers: What are they and how can I keep my card details safe online?
A few weeks ago, British Airways was hit by the largest ever regulatory fine of its kind, after global customers visiting its website had their card data stolen. The $228m penalty levied by the UK’s privacy watchdog reflects the seriousness of the attack and the carrier’s failure to protect its...
The Next Enterprise Challenge: How Best to Secure Containers and Monolithic Apps Together, Company-wide
Submitted by: Adam Boyle, Head of Product Management, Hybrid Cloud Security, Trend Micro When it comes to software container security, it’s important for enterprises to look at the big picture, taking into account how they see containers affecting their larger security requirements and future...
Protect Your Online Privacy with the New Trend Micro Zero Browser
In the digital age, your personal data and online behavior is increasingly being tracked whenever you browse, search, watch the news, use social networks, purchase goods, or manage your accounts online. Trend Micro, with nearly 30 years of experience in the security industry, is acutely aware of...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 22, 2018
Yesterday, the Zero Day Initiative ZDI announced the dates and contest rules for Pwn2Own 2018. Last year, we celebrated the 10th anniversary of the event and the 11th year is going to be bigger than ever! Pwn2Own will be returning to Vancouver, BC, at the CanSecWest Conference on March 14-16, 201...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 15, 2018
It’s been just over 14 years since I almost left this crazy world due to a bad car accident. I have a number of scars and daily pains that serve as reminders of that day. While some may think scars and pain are a burden and a nuisance, I think of them as reminders of how far I’ve come since that...
Optimize Your Mac!
Mac laptop and mini users often struggle to optimally use their computer’s memory or to keep their disk clean, since these Macs may be a bit tight on resources to begin with. Users can run out of memory when multiple memory-hogging apps are open, or they can run out of disk space particularly on...
Cybersecurity Wants You!
At Black Hat in Las Vegas last week, Trend Micro’s Kevin Simzer spoke about the global, dire need for cybersecurity talent. The number of open jobs in cybersecurity continues to increase dramatically. A report from Cisco stated that there were over one million unfilled positions globally in 2016...
The Law of Unintended Outbreak – Who Is at Risk from Petya?
Hot on the heels of the global WannaCry outbreak in May, yesterday saw a wave of what looked like copycat malware sweeping the globe again. However, on closer inspection there may more to this than meets the eye, more than a simple new variant of an already established ransomware borrowing...
Pawn Storm – A Look Into this Cyberespionage Actor Group
In April 2017 my monthly threat webinar focused on a cyberespionage group our Forward-Looking Threat Researcher, Feike Hacquebord, has been following for many years and recently published a report into the most recent two years of activities. In this post I want to focus on their tools and tactic...
Protecting Against RCE Attacks Abusing WhatsUp Gold Vulnerabilities
In this blog entry, we provide an analysis of the recent remote code execution attacks related to Progress Software’s WhatsUp Gold that possibly abused the vulnerabilities CVE-2024-6670 and CVE-2024-6671...
Analyzing a Facebook Profile Stealer Written in Node.js
We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication...
Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
We discovered an active campaign targeting Eastern Europeans in the cryptocurrency industry using fake job lures...
Trend Micro Joins AWS Marketplace Vendor Insights
Streamlining and enhancing security in the cloud with AWS and Trend Micro...
This Week in Security News - July 30, 2021
Threat Actors Exploit Apache Hadoop YARN and BlackMatter Ransomware Claims to Be Best of REvil, Darkside...
Ransom from Home – How to close the cyber front door to remote working ransomware attacks
Coronavirus has caused a major shift to our working patterns. In many cases these will long outlast the pandemic. But working from home has its own risks. One is that you may invite ransomware attacks from a new breed of cyber-criminal who has previously confined his efforts to directly targeting...
Message from Eva Chen – as a human being, not a CEO: We need to speak out and act against racism
I would like to express my outrage over the brutal killings of George Floyd, Breonna Taylor, and Ahmaud Arbery – not as the CEO of an international company, but as a human being and a citizen of the world. It makes me very sad, but also intensely frustrated and angry to realize how little is bein...
How the Cybercriminal Underground Has Changed in 5 Years
The cybercrime economy is one of the runaway success stories of the 21st century — at least, for those who participate in it. Estimates claim it could be worth over $1 trillion annually, more than the GDP of many countries. Part of that success is due to its ability to evolve and shift as the...
This Week in Security News: 10,000 Users Affected by Leak from Misconfigured AWS Cloud Storage and Massive U.S. Property and Demographic Database Exposes 200 Million Records
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how the data of train commuters in the U.K. who were using the free Wi-Fi in Network Rail-managed stations was unintentionally...
This Week in Security News: Security and Safety on Social Media
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, California lawmakers passed a new online privacy bill guaranteeing more control over user data. Also, Typeform announced a breach involving...
Lack of Internal IT Security Expertise Requires Connected Threat Defense
There are many different factors that can impact a company's overall security posture. Increasing sophistication on the part of cyber criminals, combined with more frequent attacks launched using advanced malware, represent some of the most pervasive drivers of IT security. However, one issue...
Protecting Your Small Business From WannaCry
May 12, 2017 saw the world’s first ever worm-based ransomware attack, WannaCry. Typically ransomware spreads via email as spam and phishing attacks, and relies on human intervention to initiate the infection. However, WannaCry is different in that it combines ransomware with a recently published...
OAuth Phishing On The Rise
Recently there was a significant volume of new phishing emails aimed at capturing access to Google accounts…specifically your email and contacts. You can read more about it at The Verge, Quartz, and Ars Technica. This phish is a great—evil !?!—example of a sophisticated attempt to gain access to ...
Earth Preta Evolves its Attacks with New Malware and Strategies
In this blog entry, we discuss our analysis of Earth Preta’s enhancements in their attacks by introducing new tools, malware variants and strategies to their worm-based attacks and their time-sensitive spear-phishing campaign...
OT and IT Visibility and Efficiency Barriers
Learn the common OT and IT visibility and efficiency barriers, as well as how to get around them...
BlackCat Ransomware Deploys New Signed Kernel Driver
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase...
Risks in Telecommunications IT
We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises' and telecommunications companies' IT infrastructure...
This Week in Security News - July 16, 2021
Trends and Shifts in the Underground N-Day Exploit Market and Scams Make Getting Verified on Social Media a Minefield...