2303 matches found
Accelerating into 2024 with NEOM McLaren Formula E Team
Learn more about how Trend is engineering innovation and resiliency with NEOM McLaren Formula E Team in 2024 and beyond...
3 Strategic Insights from Cybersecurity Leader Study
Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges...
IT & OT security: How to Bridge the Gap
Connecting IT and OT environments can give industrial organizations powerful efficiencies, but it also introduces cybersecurity challenges. A new Trend Micro/SANS Institute report gets at the heart of those IT and OT security issues—and how to address them...
Ex-USSS CISO Explains Agencies' Struggle with Biden EO
Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order...
An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector
In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain...
GraphQL vs gRPC: Which One Creates More Secure APIs?
Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API frameworks and how to prevent them...
Guide to Serverless Architecture Design Patterns
Discover the power of serverless architecture design patterns for scalable and efficient application development. Explore EDA, pub-sub, fan-out/fan-in, strangler, and saga patterns. Learn how to select, implement, and optimize them for your needs...
Worldwide 2022 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2022...
Improve Post-Quantum Cryptography Security with CSPM
Gain valuable insight into the emerging world of post-quantum computing and how a security posture management CSPM can bolster your post quantum cryptography defenses...
Establishing a Proactive Cybersecurity Plan
To help organizations shift security left, Greg Young, Vice President of Cybersecurity and CorpDev at Trend Micro and Andy Anderson, DataStream CEO and Co-Founder, discuss how IT decision makers can educate the board with a proactive cybersecurity plan...
Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
Find out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the hospitality industry...
Phishing as a Service Stimulates Cybercrime
With phishing attacks at an all-time high, phishing as a service PhaaS is turning this once-skilled practice into a pay-to-play industry. Understanding the latest attack tactics is critical to improving your email security strategy...
Ransomware Recovery Plan for 2023
It’s important to defend against ransomware attacks, but is your organization prepared to deal with the consequences of a breach? Find out how to plan an effective ransomware recovery strategy...
What is Business Attack Surface Management?
Explore how businesses can make internal and external attack surface management ASM actionable...
CISO's Challenges Involved with Business Leader & SOC
Yohei Ishihara, IoT security evangelist at Trend Micro, discussed the challenges CISOs facing within organizations driving industrial IoT...
Detecting Windows AMSI Bypass Techniques
We look into some of the implementations that cybercriminals use to bypass the Windows Antimalware Scan Interface AMSI and how security teams can detect threats attempting to abuse it for compromise with Trend Micro Vision One™...
Conti Team One Splinter Group Resurfaces as Royal Ransomware with Callback Phishing Attacks
From September to December, we detected multiple attacks from the Royal ransomware group. In this blog entry, we discuss findings from our investigation of this ransomware and the tools that Royal ransomware actors used to carry out their attacks...
4 Cybersecurity Budget Management Tips
Learn how CISOs and security leaders can strategically manage their cybersecurity budget to run more productive security teams amid a recession and skills shortage...
Cybersecurity Plan: 3 Keys for CISOs
CISOs and security professionals need a cybersecurity plan to succeed. Explore three keys for a winning strategy...
Email Security Best Practices for Phishing Prevention
Trend Micro Research reported a 137.6% growth in phishing attacks blocked and detected in 2021. Explore the latest phishing trends and email security best practices to enhance your email security and reduce cyber risk...
How Will the Metaverse Affect Cloud Security?
The metaverse is an immersive digital world of augmented reality. While supporting a virtual universe relies on cloud storage, questions arise on how this will affect cloud security. Gain valuable insight on security concerns surrounding the metaverse now and in the near future...
New Golang Ransomware Agenda Customizes Attacks
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per victim...
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware...
CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies
We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension...
A Secure Access Service Edge (SASE) Guide for Leaders
Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface...
Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data
We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this report...
Top 5 Infrastructure as Code Security Challenges
Learn how to counteract the top five challenges of IaC and discover how these obstacles pose a threat to security and gain valuable insight in how to mitigate these risks...
Data Distribution Service: An Overview Part 1
In this three-part blog series, we’ll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it...
Hacking the Crypto-monetized Web
What danger lies around the corner?...
How to Present Cloud Risk to the Board
Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security leaders better explain cyber risk to the board...
Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme
In this report, we investigate the reasons that the DeadBolt ransomware family is more problematic for its victims than other ransomware families that previously targeted NAS devices...
How to implement AWS Sustainability Pillar principles
Learn more about the AWS Well-Architected Framework Sustainability Pillar and how to securely and efficiently implement the six design principles to help you reduce your environmental impact while balancing agility and operational excellence...
Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys
We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys...
Trend Micro Partnering with Bit Discovery
We’re excited to partner with Bit Discovery, bringing attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets devices, identities, applications but also external, internet-facing assets...
Cyclops Blink Sets Sights on Asus Routers
This report discusses the technical capabilities of this Cyclops Blink malware variant that targets ASUS routers and includes a list of more than 150 current and historical command-and-control C&C servers of the Cyclops Blink botnet...
TianySpy Malware Uses Smishing Disguised as Message From Telco
Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites of major Japanese telecommunication services...
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk
This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The stack is the root of LoRaWAN implementation and security. We hope to help users secure it and make LoRaWAN communication resistant ...
Organized Cybercrime Cases: What CISOs Need to Know
Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service AaaS, an emerging business model selling all-access passes to other malicious actors...
Top 5 DevOps Resource Center Articles of 2021
We look back on the 5 most popular DevOps Resource Center articles in 2021 to help you build at your best in 2022...
Trend Micro Cloud One Network Security-as-a-Service
Trend Micro, alongside Amazon Web Services, provides the latest in cloud-native deployment options. We have simplified network security, protecting customers across Virtual Private Clouds VPCs without needing agents to be installed on instances...
This Week in Security News - November 19, 2021
This week, learn about how the QAKBOT Loader malware has evolved its techniques and strategies over time. Also, read about the most recent initiative by the legislation to further cybersecurity protection...
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell...
Ctrl+Alt+Truth. Welcome to the future of cybercrime
Welcome to 2030, to the nation of New San Joban, where a single keystroke can alter reality. Discover what a fully converged digital world means for the future of cybersecurity, and how you can stay ahead of the bad guys...
Forced Entry: A Security Test for Automatic Garage Doors
In this blog entry we revisit threats to automatic garage doors by using SDR to test two attack scenarios. We demonstrate a rolling code attack and one that involves a hidden remote feature...
Midyear 2021 Cybersecurity Landscape Review: Attacks From All Angles Abound
Here is a rundown of data related to the crucial security issues that enterprises faced during this period, as examined in our report, “Attacks From All Angles: 2021 Midyear Cybersecurity Report.”...
Micro Frontend Framework Guide: Adaptability for Teams
It’s not you, it’s me. Why breaking up your monolith is the best course of action to design and deploy scalable web apps...
5GAA & Global Certification Forum Connect on New Cert.
The Global Certification Forum GCF and the 5G Automotive Association 5GAA announced their collaboration on a new program that will support the drive for interoperability, reliability, and safety of up and coming C-V2X systems...
PurpleFox Using WPAD to Target Indonesian Users
The PurpleFox Exploit Kit is now being distributed via WPAD attacks targeting Indonesian users...
XCSSET Quickly Adapts to macOS 11 and M1-based Macs
This latest update details our new research on XCSSET, including the ways in which it has adapted itself to work on both ARM64 and x86x64 Macs...
Achieve Operational Excellence in Your Cloud Workload
Explore the Operational Excellence pillar of the AWS and Azure Well-Architected Framework and examine best practices and design principles for cloud-based security operations, including CI/CD and risk management...