2304 matches found
Earth Preta’s Cyberespionage Campaign Hits Over 200
We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective...
Royal Ransomware expands attacks by targeting Linux ESXi servers
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog...
LockBit Resurfaces With Version 2.0 Ransomware Detections in Chile, Italy, Taiwan, UK
The ransomware group LockBit resurfaced in June with LockBit 2.0, with reports indicating an increased number of targeted companies and the incorporation of double extortion features. Our detections followed attack attempts in Chile, Italy, Taiwan, and the UK from July to August...
This Week in Security News - August 6, 2021
This week, learn how false advertisers use spam browser notifications to gain ad revenue. Also, read about the results from Trend Micro’s first half 2021 biannual Cyber Risk Index report...
#LetsTalkSecurity: What Could Possibly Go Wrong?
Let's Talk Security: Season 02 // Episode 04: Host, Rik Ferguson, interviews the Head of Cyber Security for Moonpig, Tash Norris. Together they question, what could go wrong in the world of cyber security?...
Protection from Malware and AWS Bucket Leaks
You can’t control the weather. But you can safeguard your downstream infrastructure investment...
Updated XCSSET Malware Targets Telegram, Other Apps
In our last update on the XCSSET campaign, we updated some of its features targeting latest macOS 11 Big Sur. Since then, the campaign added more features to its toolset, which we have continually monitored. We have also discovered the mechanism used to steal information from various apps, a...
This Week in Security News: Trend Micro’s Zero Day Initiative Celebrates 15 Years and 24 Million Customers Affected after Experian Data Breach
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read how the Zero Day Initiative ZDI has awarded more than $25 million in bounty rewards to security researchers over the past decade and a...
Parlez-vous Machine?
Have you ever heard of the MQTT or CoAP protocols? No? Well the device on your wrist, and so many devices around you, could be using them right now. MQTT and CoAP are machine-to-machine or M2M protocols. With the rise of the internet of things IoT and operational technology OT, there’s increased...
The Risk of IoT Security Complacency
Trend Micro recently surveyed 1,150 IT executives globally. We found a gap between the perceived risk from IoT and the planned mitigation for that risk. Most senior executives recognize that IoT can introduce security risk to the organization, but few will invest resources to remediate that risk...
Cybercriminals Changing Tactics as Seen in First Half Report
Today, Trend Micro released its first half 2018 security roundup report in which we want to share the threat intelligence we discovered through the Trend Micro Smart Protection Network that allows us to identify the threats that have targeted our customer base. Below are some thoughts I’d like to...
Carrier Grade Security Means … Using Carrier Grade Security
It’s a common mistake in enterprises to copy-paste security solutions from a peer. Strategies can be recycled, but sadly with even very similar businesses almost always have radically different IT and security requirements. I recall one hospital that looked at a nearly identical peer hospital tha...
AV-Comparatives: Trend Micro Antivirus for Mac Provides 100% Malware Protection for Mac Users
Despite popular opinion otherwise, the days have long since passed when Mac users can venture forth on the Internet without having to worry about viruses or ransomware, phishing attacks or dangerous URLs. Though the number of attacks on the Mac are fewer than those on Windows machines because the...
Fighting the Skills Gap Via Industry Leading Research and Inspiring Events
By Kevin Simzer Among the headline-grabbing reports of election hacking, nation-state raids on utilities firms, and mega-data breaches, few outside the industry ask the question: Did the cybersecurity skills shortage play a part? It’s impossible to say for sure. However, what we do know is that...
The Aurora Power Grid Vulnerability and the BlackEnergy Trojan
At recent Industrial IoT security briefings, the Aurora vulnerability has come up repeatedly. Attendees ask, “Is our country’s power grid safe? How can we protect the grid? What is Aurora?” This post provides a look at Aurora, and the BlackEnergy attack that can exploit Aurora. In March 2007, the...
This Week in Security News: Cyber Leads and Email Frauds
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, The Trump Administration added a cyber lead at Homeland Security and the Energy Department. Also, the FBI announced the arrest of 74 “email...
Trend Micro at MWC: Securing Our Mobile, Connected World
Time flies pretty fast in tech. When Trend Micro was founded nearly 30 years ago, mobile phones were pretty clunky, prohibitively expensive and not in the least bit “smart.” Fast forward to today and the device in your pocket has more compute power than the NASA machines that put man on the moon...
3 reasons the ransomware threat will continue in 2018
Ransomware has been on the scene for more than a decade now, and thanks to increasingly sophisticated samples that attack victims across nearly every country, it's become a global threat. According to CSO, ransomware has a longer history than many realize. While large-scale attacks reached the...
Trend Micro: Winning at Wellness Again
In the never-ending race for profits, shareholder value and customer wins, organizations can sometimes forget about their employees. Yet in reality, your workers are your number one asset: if they feel undervalued or disrespected it can rip the heart and soul out of the organization, setting off ...
Cybercriminal Undergrounds: Social and Economic Philosophies
When you think of a hacker, what's the first thing that comes to mind? It might be a lone person typing away in a dark room, an image commonly represented in movies and television. However, the world of cybercrime is much more sophisticated than this. Attackers are forming groups to create larger...
Today’s Predictions for Tomorrow’s Internet
Making predictions is a tricky business and in no area more so than in the area of rapidly developing technology. The pace of change continues to accelerate and the nature of innovation is such that entrepreneurs, as well as criminals are continually searching for “the next big thing” to either...
As Cities Get Smarter, So Should Their Security
TrendMicro Today, more urban centers than ever are implementing a range of advanced technological systems. These sensors and networks used in combination with citizens' mobile devices create smarter cities capable of reduced pollution, increased safety, better engagement with residents and more...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
BPFDoor’s Hidden Controller Used Against Asia, Middle East Targets
A controller linked to BPF backdoor can open a reverse shell, enabling deeper infiltration into compromised networks. Recent attacks have been observed targeting the telecommunications, finance, and retail sectors across South Korea, Hong Kong, Myanmar, Malaysia, and Egypt...
IoT Botnet Linked to Large-scale DDoS Attacks Since the End of 2024
Since the end of 2024, we have been continuously monitoring large-scale DDoS attacks orchestrated by an IoT botnet exploiting vulnerable IoT devices such as wireless routers and IP cameras...
Breaking Down Earth Estries' Persistent TTPs in Prolonged Cyber Operations
Discover how Earth Estries employs a diverse set of tactics, techniques, and tools, including malware such as Zingdoor and Snappybee, for its campaigns...
Router Roulette: Cybercriminals and Nation-States Sharing Compromised Networks
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024...
Reduce Business Email Compromise with Collaboration
Here's the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space...
How to Embrace a Cloud Security Challenge Mindset
CISOs responsible for tackling cloud security challenges need to rethink traditional security practices, protect apps and infrastructure they don’t control, and justify enterprise security investments. Trend Micro’s Bryan Webster told the AWS SecurityLIVE! audience it can all be done—by embracing...
ZTNA vs VPN: Secure Remote Work and Access
Explore the drivers behind switching from VPN to Zero Trust Network Access ZTNA for any device access from anywhere...
Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
We detail the update that advanced persistent threat APT group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems...
Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
We discovered a new backdoor which we have attributed to the advanced persistent threat actor known as Earth Kitsune, which we have covered before. Since 2019, Earth Kitsune has been distributing variants of self-developed backdoors to targets, primarily individuals who are interested in North...
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that can be expanded on as you grow and explore the many services on AWS...
3 cybersecurity trends & mitigation strategies for CISOs
Explore 3 cyber security trends and how to strategically mitigate future risks with Trend Micro’s Jon Clay, VP of threat intelligence and Ed Cabrera, chief cybersecurity officer...
What Is Zero Trust and Why Does It Matter?
There has been a lot of discussion around Zero Trust recently—is it a solution? A strategy? A pipe dream? Eric Skinner from Trend Micro gets real about Zero Trust and explains what it really is, and how organizations can use it to be more resilient...
Cloud Security Is Simple, Absolutely Simple.
"Cloud security is simple, absolutely simple. Stop over complicating it." This is how I kicked off a presentation I gave at the CyberRisk Alliance, Cloud Security Summit on Apr 17 of this year. And I truly believe that cloud security is simple, but that does not mean easy. You need the right...
This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group...
Trend Micro Guardian: Protecting Your Kids On-the-Go
Some smart devices are not limited to use on the home network; for instance, your child’s mobile phone or tablet. Keeping your kids safe on these on-the-go devices means extending your security policies beyond the home. Trend Micro Home Network Security HNS makes it easy with its complementary ap...
Phishing, Part 2: Staying Safe
As mentioned in Phishing Part 1: On the Lookout, phishing attacks have been around for years, but today’s cybercriminals are adept at using them in an ever-increasing variety of ways to get what they want. According to the most recent FBI figures, phishing and its variants was the third most...
How cryptocurrency is shaping today’s threat environment
Cryptocurrency has exploded as a popular way to support digital transactions. Since its creation, users have discovered an array of different ways to leverage cryptocurrency, including within mining strategies and digital wallets. Expanded use cases and interest helped propel the value of digital...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of October 30, 2017
Competition is inherent in our DNA. At a basic level, we compete for things like water and food. We also take it up a level and compete for wealth, fame and power. Some compete to be the best in sports, like my Houston Astros winning the 2017 World Series, and others compete to be the best in the...
Business Process Compromise: The Next Step in Advanced Targeted Attacks
Targeted attacks have come a long way in recent years, leveraging increasingly advanced techniques aimed at specific individuals. Often, these hackers pinpoint a single person within an enterprise, steal their credentials, log into an account, and leverage this position to find sensitive...
The Unified Cloud
Throughout the history of cloud computing, 2006 was a momentous year. In 2006 Amazon Web Services released S3, the first pay per GB storage service. By August, they released EC2, allowing you to spin up a server and pay by the hour in the cloud. In the decade that has followed, AWS has emerged as...
Claude Code Security set the Cybersecurity Stocks on Fire - Here's the Signal in the Smoke
Learn how Claude Code Security set Cybersecurity stocks on fire...
Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data...
TIDRONE Targets Military and Satellite Industries in Taiwan
Our research reveals that an unidentified threat cluster we named TIDRONE have shown significant interest in military-related industry chains, particularly in the manufacturers of drones...
Pawn Storm Uses Brute Force and Stealth Against High-Value Targets
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted...
Prevent BEC with AI-Powered Email and Collaboration
Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments...
DarkGate Opens Organizations for Attack via Skype, Teams
We detail an ongoing campaign abusing messaging platforms Skype and Teams to distribute the DarkGate malware to targeted organizations. We also discovered that once DarkGate is installed on the victim’s system, additional payloads were introduced to the environment...