2304 matches found
BlackCat Ransomware Deploys New Signed Kernel Driver
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase...
Risks in Telecommunications IT
We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises' and telecommunications companies' IT infrastructure...
This Week in Security News - July 16, 2021
Trends and Shifts in the Underground N-Day Exploit Market and Scams Make Getting Verified on Social Media a Minefield...
This Week in Security News: Trend Micro Research Discovers Cybercriminal Turf War on Routers and a Massive Twitter Breach Compromises Some of the World’s Most Prominent Accounts
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about Trend Micro’s report on the botnet battle for IoT territory and how attacker groups are trying to gain control of vulnerable...
This Week in Security News: Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update and New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Microsoft’s largest-ever Patch Tuesday update including 129 CVEs. Also, read about a new Android Spyware dubbed ActionSpy. Read...
Cloud Native Application Development Enables New Levels of Security Visibility and Control
We are in unique times and it’s important to support each other through unique ways. Snyk is providing a community effort to make a difference through AllTheTalks.online, and Trend Micro is proud to be a sponsor of their virtual fundraiser and tech conference. In today’s threat landscape new clou...
Principles of a Cloud Migration – From Step One to Done
Boiling the ocean with the subject, sous-vide deliciousness with the content. Cloud Migrations are happening every day. Analysts predict over 75% of mid-large enterprises will migrate a workload to the cloud by 2021 – but how can you make sure your workload is successful? There are not just facto...
How to Stay Safe as Online Coronavirus Scams Spread
Few national emergencies have the ability to strike panic into the populace quite like a virus pandemic. It’s fortunately something most of us have never had to experience, until now. At the time of writing, the number of global confirmed cases of Coronavirus infection, or COVID-19, has reached...
This Week in Security News: DevOps Implementation Concerns and Malware Variants
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how most respondents to a Trend Micro survey shared their concern for the risks in implementing DevOps. Also, read on about how...
Securing the Convergence of IT with OT
The Industrial Internet of Things IIoT is the leading edge of the convergence of Operational Technology OT with IT. This convergence begins with network connectivity but requires enhancements in operational procedures, technology, and training as well. Beginning with the network, IT and OT use...
This Week in Security News: Banks and Botnets
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the FBI warned U.S. banks of a wide-scale cybercrime campaign called “ATM cash-out,” in which hackers use cloned ATM cards for fraudulent...
Your startup disk is almost full – How you can fix it on your Mac
Every Mac user will experience the message “Your startup disk is almost full” at one time or another. Understanding what “startup disk is full” actually means is the first important step before you can fix this issue. What if my Mac’s Startup Disk is Full? The answer to this question is easy. Whe...
Coupon fraud could be costing your business millions
Customers are always looking for good deals with their purchases and a coupon could be the defining factor for a buyer completing his or her transaction. In fact, a 2015 survey by CreditCards.com found that paper coupons were used by 63 percent of respondents. This is followed by discounts for...
Decade Long Partnership = Global Partner Innovation Award
Here at Trend Micro we highly value the relationships we’ve build with our partners, especially those that have spanned several years. However, it’s particularly gratifying when those partners choose to recognize our work with an award. So, excuse us while we toot our own horn’s for a bit...
AI-Automated Threat Hunting Brings GhostPenguin Out of the Shadows
In this blog entry, Trend™ Research provides a comprehensive breakdown of GhostPenguin, a previously undocumented Linux backdoor with low detection rates that was discovered through AI-powered threat hunting and in-depth malware analysis...
Earth Ammit Disrupts Drone Supply Chains Through Coordinated Multi-Wave Attacks in Taiwan
Trend™ Research discusses the evolving tradecraft of threat actor Earth Ammit, proven by the advanced toolset used in its TIDRONE and VENOM campaigns that targeted the drone supply chain...
Noodle RAT: Reviewing the New Backdoor Used by Chinese-Speaking Groups
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime...
Earth Preta Campaign Uses DOPLUGS to Target Asia
In this blog entry, we focus on Earth Preta's campaign that employed a variant of the DOPLUGS malware to target Asian countries...
SeroXen Incorporates Latest BatCloak Engine Iteration
We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable FUD .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion...
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have...
New APT34 Malware Targets The Middle East
We analyze an infection campaign targeting organizations in the Middle East for cyberespionage in December 2022 using a new backdoor malware. The campaign abuses legitimate but compromised email accounts to send stolen data to external mail accounts controlled by the attackers...
What Exposed OPA Servers Can Tell You About Your Applications
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security...
Workshop: AWS S3 Bucket for Malware Scanning
In this workshop, you will learn how to scan your objects that are being uploaded to Amazon S3 buckets for malware and integrate into your custom workflows, by automating with your current resources, directly in your AWS environment...
Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One
We look into the different implementations of PrintNightmare and include recommendations on how security teams can safeguard their workloads...
Identity Fraud: How to Protect Your Identity Data, Accounts and Money During the Coronavirus Crisis
We’ve all been spending more of our time online since the crisis hit. Whether it’s ordering food for delivery, livestreaming concerts, holding virtual parties, or engaging in a little retail therapy, the digital interactions of many Americans are on the rise. This means we’re also sharing more of...
This Week in Security News: Microsoft Fixes 129 Vulnerabilities for September’s Patch Tuesday and Trend Micro’s XDR Offerings Simplify and Optimize Detection and Response
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about this month’s Patch Tuesday update from Microsoft. Also, learn about Trend Micro’s Worry-Free XDR: a new version of its XDR platfo...
Black Hat Trip Report – Trend Micro
At Black Hat USA 2020, Trend Micro presented two important talks on vulnerabilities in Industrial IoT IIoT. The first discussed weaknesses in proprietary languages used by industrial robots, and the second talked about vulnerabilities in protocol gateways. Any organization using robots, and any...
Cleaner One Pro Speeds Up Your Mac: Part 2
In Part 1 of this blog, we introduced Trend Micro Cleaner One Pro, a one-stop shop to help you speed up your Mac, highlighting the Quick Optimizer, the Main Console, and the Cleaning Tools. In Part 2, we resume the discussion of how to make your Mac run faster with the remaining Cleaner One Pro...
Ask Me Anything – Celebrating The Fifth Anniversary Of My Monthly Threat Webinar
In July 2015, I did my first threat webinar. I had planned to do it on a monthly basis, and never imagined I would still be doing it five years later, but here I am, still creating monthly webinars. I still do. I started the webinar series to help people understand the different threats targeting...
This Week in Security News: Payment Card Skimmer Attacks Hit 8 Cities and Survey Finds 72% of Remote Workers Have Gained Cybersecurity Awareness During Lockdown
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about eight U.S. cities that recently had payment card data stolen via point-of-sale skimming malware on their Click2Gov online payment...
Cloud Assurance from Infrastructure to App
In this webinar, Trend Micro and IDC explain the importance of security guardrails in Amazon Web Services AWS and Microsoft® Azure™ play in obtaining cloud operational excellence...
This Week in Security News: Intel Says ‘Tiger Lake’ Will Drown Control-Flow Malware and New Phishing Campaign Targeting Office 365 Exploits Brand Names
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how the next generation of Intel mobile processors will include malware protection built into the chip. Also, read about a new...
Securing Smart Manufacturing
“Alexa, turn on the TV.” ”Get it yourself.” This nightmare scenario could play out millions of times unless people take steps to protect their IoT devices. The situation is even worse in industrial settings. Smart manufacturing, that is, Industry 4.0, relies on tight integration between IT system...
Why CISOs Are Demanding Detection and Response Everywhere
Over the past three decades, we’ve had time at Trend Micro to observe the industry trends that have the biggest impact on our customers. And one of the big things we’ve seen is that threats move largely in tandem with changes to IT infrastructure. This matters today because most organizations are...
COVID-19: How Do I Work from Home Securely?
The coronavirus pandemic—the infection officially designated as COVID-19—is causing upheaval across the globe. Aside from the serious economic and public health implications, one very practical impact of shelter-in-place dictums is to force many companies to support remote working where they can...
In Safe Hands with Trend Micro Home Network Security – Part 3: Testing Its Functions
We continue our four-part series on protecting your home and family. See the links to the previous parts at the end of this blog. As you use more internet-connected devices and smart appliances in your home, it’s of utmost importance to make sure your gadgets are properly protected from malware a...
Zero-Day Coverage Update – Week of July 2, 2018
The General Data Protection Regulation GDPR has been up and running for a couple of months now and your organization is compliant. It’s time to take a little break – well, not so fast! Late last week, the State of California passed a new data privacy law called the California Consumer Privacy Act...
We Did It Again! Trend Micro Named a Leader in 2018 Gartner Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS)
Trend Micro has been named a Leader in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems IDPS again. We have improved our position in both Completeness of Vision and Ability to Execute from last year, and we believe that placement in the Leaders’ quadrant illustrates...
Accelerating Security for Intelligent Transportation Systems: A New Trend Micro Report
Connected cars and autonomous vehicles are getting all the headlines these days, especially when it comes to cybersecurity concerns. But that’s only half of the story. An under-reported but hugely important piece of the puzzle relates to the Intelligent Transportation Systems ITS needed to create...
How IOC Sharing Will Help Us Build a More Secure Healthcare Sector
At Trend Micro we work hard every day to reduce the risk posed by cyber attacks from hacktavists, transnational cybercriminals, and cyber espionage groups. Nowhere is this more pertinent than in the healthcare industry, where everything from data breaches to ransomware attacks impacting medical...
Ransomware: What Are the Bad Guys After and How Do I Stop Them?
If the past few days of WannaCry ransomware activity have taught us anything it’s that cybercriminals pose a clear and present danger to organizations and their customers all over the world. But have you ever wondered exactly what the bad guys are after when they launch their online attacks at yo...
Industrial Robots are Hackable: How Do We Fix Them?
Discuss cyber attacks involving robots and many people might think you’re talking about the latest Hollywood blockbuster to hit the screens. The reality, however, is that industrial robotic systems now form a vital cog in the manufacturing process of everything from silicon chips to cars and even...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
From Langflow to Monero: Inside CVE-2026-33017 Cryptominer
We tracked a cryptocurrency-mining campaign exploiting CVE-2026-33017, which revealed how threat actors are now scanning exposed AI application infrastructure for their next foothold...
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
TrendAI™ integrates Anthropic's Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation and compliance...
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware...
SeroXen Mechanisms: Exploring Distribution, Risks, and Impact
This is the third installment of a three-part technical analysis of the fully undetectable FUD obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into...
Earth Preta’s Cyberespionage Campaign Hits Over 200
We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective...
Royal Ransomware expands attacks by targeting Linux ESXi servers
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog...
Uncovering a Kingminer Botnet Attack Using Trend Micro™ Managed XDR
Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and analysis in this report...