2303 matches found
Worldwide 2023 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2023...
Explore AI-Driven Cybersecurity with Trend Micro, Using NVIDIA NIM
Discover Trend Micro's integration of NVIDIA NIM to deliver an AI-driven cybersecurity solution for next-generation data centers. Engage with experts, explore demos, and learn strategies for securing AI data centers and optimizing cloud performance...
RSAC 2024 Review: AI & Data Governance Priorities
Get our take on the RSA 2024 conference where we review some of the major topics covered such as AI and data governance...
ISPM & ITDR Synergize for AI-Based Identity Security
In the ever-evolving landscape of cybersecurity, staying ahead of malicious actors requires a multifaceted approach...
Cybersecurity Decluttered: A Journey to Consolidation
Learn how far cybersecurity has come from scattered resources to consolidation the future...
A Necessary Digital Odyssey of RPA and AI/ML at HUD
Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations...
Exploring Changing SOC Landscapes
The landscape of cybersecurity is continuously evolving, with new threats emerging and the roles and responsibilities of security professionals constantly adapting...
Decoding Digital Transformation: AI, ML, and RPA in the Modern Era
Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies...
What Generative AI Means for Cybersecurity in 2024
After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in 2024...
Unifying Cloud Security Beyond Siloes
Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management...
Accelerating into 2024 with NEOM McLaren Formula E Team
Learn more about how Trend is engineering innovation and resiliency with NEOM McLaren Formula E Team in 2024 and beyond...
Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign
...
2023 Review: Reflecting on Cybersecurity Trends
Every year, experts weigh in with predictions of what the big cybersecurity trends will be—but how often are they right? That’s the question Trend Micro’s Greg Young and Bill Malik asked recently on their Real Cybersecurity podcast, looking at what forecasters got wrong on a wide range of topics,...
Modern Attack Surface Management for CISOs
Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management ASM and what CISOs need to look for in an ASM solution...
Email Security Best Practices for Phishing Prevention
Trend Micro Research reported a 29% growth in phishing attacks blocked and detected in 2022. Explore the latest phishing trends and email security best practices to enhance your email security and reduce cyber risk...
How to Protect Your CI/CD Pipeline
Continuous integration and continuous delivery/deployment CI/CD has won over app developers, with enterprise cybersecurity teams on the hook to protect CI/CD pipelines. OWASP’s Top 10 CI/CD Security Risks clarify what to watch for...
The Current Security State of Private 5G Networks
Private 5G networks offer businesses enhanced security, reliability, and scalability. Learn more about why private 5G could be the future of secure networking...
Top 10 AI Security Risks According to OWASP
The unveiling of the first-ever Open Worldwide Application Security Project OWASP risk list for large language model AI chatbots was yet another sign of generative AI’s rush into the mainstream—and a crucial step toward protecting enterprises from AI-related threats...
Using Kubernetes ConfigMaps for Proper Secret Management
Kubernetes ConfigMaps and Secrets have transformed how you manage containerized applications securely. Read on to learn how ConfigMaps have revolutionized application lifecycle processes by reducing hardcoding efforts and enhancing portability...
Info Stealer Abusing Codespaces Puts Discord Users at Risk
In this entry, we detail our research findings on how an info stealer is able to achieve persistence on a victim’s machine by modifying the victim’s Discord client...
Future Exploitation Vector: File Extensions as Top-Level Domains
In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains TLDs while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards...
Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices
An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things IoT devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023...
Cyber Risk Management in 2023: The People Element
Explore the latest findings from Trend Micro’s Cyber Risk Index 2H’2022 and discover how to enhance cybersecurity risk management across the digital attack surface...
Attack on Security Titans: Earth Longzhi Returns With New Tricks
After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat APT group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat...
CIEM vs CWPP vs CSPM Use Cases
Discover the differences between CIEM, CWPP, and CSPM and how to use them individually or in conjunction...
Unpacking the Structure of Modern Cybercrime Organizations
We examine three differently sized criminal groups to know how they compare to similarly sized legitimate businesses in terms of how they are organized. We also discuss how threat researchers can use their knowledge of the size and structure of a target criminal organization to aid their...
Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks
In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups' targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”...
Ransomware Revolution: 4 Types of Cyber Risks in 2023
The ransomware business model is poised to change. These four predictions could help to keep your organization secure from new forms of cyber extortion...
Vice Society Ransomware Group Targets Manufacturing Companies
In this blog entry, we’d like to highlight our findings on Vice Society, which includes an end-to-end infection diagram that we were able to create using Trend Micro internal telemetry...
Diving into an Old Exploit Chain and Discovering 3 new SIP-Bypass Vulnerabilities
More than two years ago, a researcher, A2nkF demonstrated the exploit chain from root privilege escalation to SIP-Bypass up to arbitrary kernel extension loading. In this blog entry, we will discuss how we discovered 3 more vulnerabilities from the old exploit chain...
Improve Cyber Security Posture with 2023 Predictions
If a stronger cyber security posture is one of your organization’s new year’s resolutions, focus on what matters with these five essential highlights from the Trend Micro Security Predictions for 2023...
Trend Joining App Defense Alliance Announced by Google
Trend Micro’s participation in Google’s App Defense Alliance will ensure the security of customers by preventing malicious apps from being made available on the Google Play Store...
WannaRen Returns as Life Ransomware, Targets India
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension...
DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
This report provides defenders and security operations center teams with the technical details they need to know should they encounter the DeimosC2 C&C framework...
Latest on OpenSSL 3.0 Critical Bug & Security-Fix
Potential disruptions following vulnerabilities found in OpenSSL...
Attack Surface Management 2022 Midyear Review Part 2
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year...
Attack Surface Management 2022 Midyear Review Part 1
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year...
Prevent Ransomware Attacks on Critical Infrastructure
Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six key OT domains to help prevent ransomware and other threats to essential operations...
Water Labbu Abuses Malicious DApps to Steal Cryptocurrency
The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency...
Simplify with Network Security as a Service (NSaaS)
Learn more on how network security as a service NSaaS employs the latest technologies to counter unknown threats and detect abnormal behavior before it becomes a direct threat...
Cybersecurity Awareness Month 2022: 3 Actionable Tips
Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface...
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.”...
ZTNA vs VPN: Secure Remote Work & Access - SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access ZTNA for any device access from anywhere...
Business Email Compromise Attack Tactics
Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay, VP of threat intelligence, tackles these pertinent questions and more to help reduce cyber risk...
Protecting S3 from Malware: The Cold Hard Truth
Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient...
Analyzing the Hidden Danger of Environment Variables for Keeping Secrets
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows...
Transport Layer Security (TLS): Issues & Protocol
Although Transport layer security TLS provides enhanced security, cybercriminals have become increasingly savvy, finding ways to circumvent many of these protections. Learn how malicious actors exploit vulnerabilities within TLS to introduce new forms of malware...
Improving Software Supply Chain Cybersecurity
Explore use cases for software supply chain cyberattacks and mitigation strategies to improve security maturity and reduce cyber risk...
Private 5G Network Security Expectations Part 1
Are "new" protocols and "private" networks sufficient for your cybersecurity requirements?...
Log4Shell Vulnerability in VMware Leads to Data Exfiltration and Ransomware
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected systems. However, we also found that some of the victims were infected with ransomware days after the data...