2304 matches found
Securing Weak Points in Serverless Architectures
The big shift to serverless computing is imminent. Gain insights on the security considerations and recommendations for serverless environments that can help ensure your serverless deployments are secure...
Have You Considered Your Organization’s Technical Debt?
TL;DR Deal with your dirty laundry. Have you ever skipped doing your laundry and watched as that pile of dirty clothes kept growing, just waiting for you to get around to it? You’re busy, you’re tired and you keep saying you’ll get to it tomorrow. Then suddenly, you realize that it’s been three...
Cloud Security Gaps and Misconfigurations
Listen to this podcast from “The SecureWorld Sessions” to learn how to discover the security gaps and misconfigurations that may be lurking in your infrastructure after migrating to the cloud, and how you can simplify your security...
Protect Your Container Images and CI/CD Pipeline
Ever wonder if the container images you provide to customers have been checked for vulnerabilities, malware, and other malicious threats? Read this article on how to easily and quickly set up protection for your container images and CI/CD pipeline...
#LetsTalkCloud: The Unicorn Project Principles
Let's Talk Cloud: Season 02 // Episode 06: Host, Mark Nunnikhoven, interviews Trend Micro Developer, Madeline Van Der Paelt. Together they dive into the core principles enumerated in Gene Kim's book, The Unicorn Project...
Essential Strategies for Securing Smart Factories
With Industry 4.0, manufacturing organizations need to recognize the unique threats and risks facing them, and strategize towards addressing them...
Zero-Day Coverage Update – Week of July 23, 2018
We’re at the end of July and the Zero Day Initiative ZDI has published 873 advisories so far. That’s 273 advisories this month alone – and that’s just the tip of the iceberg! Earlier this week, ZDI announced the Targeted Incentive Program, which brings over $1,500,000 USD in special bounty awards...
How attackers are abusing high-profile users and executives
Email is the prime communication channel for businesses and their employees worldwide. In fact, last year saw more than 269 billion emails sent per day, and Radicati Group researchers predict that by 2021, this number will rise to more than 319 billion. With so much critical and sensitive...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of April 30, 2018
When I was little, I discovered the joy of jumping on the bed. While it was fun to jump on the bed, I wanted to make it more challenging so I started to imitate the ski jumpers I had seen during the 1976 Winter Olympics and jump from my parents’ dresser to the bed. I quickly found out there’s a...
State-of-the-art Security: The role of technology in the journey to GDPR compliance
As we’ve discussed over the last 7 weeks in our video case study series, the General Data Protection Regulation GDPR impacts many different areas of our company, including our employees, customers, and partners. The GDPR also mandates the use of state-of-the-art security, which, as a leader in...
Arm your users with knowledge to spot phishing attacks – for free!
Attendees to the Black Hat 2017 security conference said their No. 1 security concern and most time-consuming activity was phishing and social engineering attacks. That’s no surprise with the increase in Business Email Compromise BEC attacks and with most ransomware being delivered by email. But...
Sharing the Journey to GDPR Compliance
Customer data is everything at Trend Micro. As a global cybersecurity leader, protecting customer data is what we do for a living, which is why it’s important for us to put into practice what we talk to our customers about. As a demonstration of our commitment to protecting our millions of...
Security Glue Between the Silos of Endpoint, Server, Cloud and Network Security Gets More Critical
Endpoint and Host security techniques have diverged. There used to be considerable similarity between the techniques and tools used to secure desktops, servers, and even networks. Desktops evolved to become Endpoints, as mobile devices proliferated and they were assembled into a collective of bei...
Protecting Your Children with Parental Controls
Chances are, your kids have never known a world when the internet wasn’t there—which is both good and bad news. On the one hand, it means these digital natives take to the online world much quicker than you or I ever did. On the other, it also means they’re less likely to question what they see o...
Ransomware Updates: Newest Threats, Protection Best Practices
Ransomware has consistently been in the spotlight since attacks first began emerging a few years ago. Now that new and powerful samples like WannaCry are being used to infiltrate large-scale organizations, ransomware continues to grab headlines. According to Trend Micro, one of the latest...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Embracing Choice in Cybersecurity: TrendAI Vision One™ and SentinelOne Integration
Discover how the TrendAI Vision One and SentinelOne integration exemplifies our commitment to endpoint flexibility...
Critical React Server Components Vulnerability CVE-2025-55182: What Security Teams Need to Know
CVE-2025-55182 is a critical CVSS 10.0 pre-authentication remote code execution vulnerability affecting React Server Components used in React.js, Next.js, and related frameworks see the context section for a more exhaustive list of affected frameworks...
Proactive Security and Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)
CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse...
How Google’s Wiz Acquisition Impacts CNAPP
Google aims to stake out a share of the CNAPP market and compete head-on against AWS and Microsoft Azure with its planned Wiz acquisition. What are the implications for companies invested in AWS and Azure cloud infrastructure?...
Agenda Ransomware Group Adds SmokeLoader and NETXLOADER to Their Arsenal
During our monitoring of Agenda ransomware activities, we uncovered campaigns that made use of the SmokeLoader malware and a new loader we've named NETXLOADER...
Earth Kurma APT Campaign Targets Southeast Asian Government, Telecom Sectors
An APT group dubbed Earth Kurma is actively targeting government and telecommunications organizations in Southeast Asia using advanced malware, rootkits, and trusted cloud services to conduct cyberespionage...
Black Basta and Cactus Ransomware Groups Add BackConnect Malware to Their Arsenal
In this blog entry, we discuss how the Black Basta and Cactus ransomware groups utilized the BackConnect malware to maintain persistent control and exfiltrate sensitive data from compromised machines...
Silent Threat: Red Team Tool EDRSilencer Disrupting Endpoint Security Solutions
Trend Micro's Threat Hunting Team has observed EDRSilencer, a red team tool that threat actors are attempting to abuse for its ability to block EDR traffic and conceal malicious activity...
Earth Simnavaz Levies Advanced Cyberattacks Against UAE and Gulf Regions
Trend Micro's investigation into the recent activity of Earth Simnavaz provides new insights into the APT group’s evolving tactics and the immediate threat it poses to critical sectors in the UAE...
Bringing Security Back into Balance
This article by Trend Micro CEO Eva Chen brings focus back to striking the cybersecurity strategies balance between business C-suite and information technology IT departments...
2 Weeks Out: Evolution at RSAC 2024
Discover the latest innovations in cyber defense and Trend's expert insights on AI, data security, and emerging threats...
Deepfakes and AI-Driven Disinformation Threaten Polls
Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year...
Importance of Scanning Files on Uploader Applications
Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguards against malicious threats like malware...
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear
Our blog entry provides an in-depth analysis of Earth Hundun's Waterbear and Deuterbear malware...
A Deepfake Scammed a Bank out of $25M — Now What?
A finance worker in Hong Kong was tricked by a deepfake video conference. The future of defending against deepfakes is as much as human challenge as a technological one...
Protecting Your Network Security from Ivanti Zero-Day Threat
The overlooked vulnerability with real impacts...
Accelerating into 2024 with NEOM McLaren Formula E Team
...
Forward Momentum: Key Learnings From Trend Micro’s Security Predictions for 2024
In this blog entry, we discuss predictions from Trend Micro’s team of security experts about the drivers of change that will figure prominently in 2024...
Exploring Weaknesses in Private 5G Networks
Dive into the world of private 5G networks and learn about a critical security vulnerability that could expose IoT devices to attacks from external networks...
Exposing Infection Techniques Across Supply Chains and Codebases
This entry delves into threat actors' intricate methods to implant malicious payloads within seemingly legitimate applications and codebases...
How to Improve Cybersecurity Awareness and Training
Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective awareness program...
Cybersecurity Awareness Month 2023: 4 Actionable Tips
Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface...
Zero Trust Adoption: Tips to Win Over Leadership
Implementing Zero Trust can be difficult due to outdated systems, employee resistance, and cost. Yet, the benefits outweigh the challenges. It is key to use a platform that combines multiple security technologies to simplify IT and risk assessment, proper planning, and getting security buy-in fro...
Decoding Turla: Trend Micro's MITRE Performance
This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro's 100% successful protection performance...
Protect CNC Machines in Networked IT/OT Environments
Networking IT/OT environments is a bit like walking a tightrope, balancing the pursuit of intelligence and efficiency against the risks of exposing OT systems to the wider world. Trend Micro recently teamed up with global machine tool company Celada to identify specific risks associated with...
TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms
Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members...
What Can Generative AI do for Hybrid Cloud Security?
As enterprise security operations centers absorb cloud security functions, they face new challenges and require new skills. Generative AI can help by laying a secure cloud foundation and empowering SOC teams to respond effectively when threats arise...
The Journey to Zero Trust with Industry Frameworks
Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...
Break IT/OT Silos by Expanding SOC Responsibilities
The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks...
How a Cyber Security Platform Addresses the 3 “S”
Explore how a security platform can help organizations address the 3 "S" impacting cybersecurity: stealth, sustainability, and shortage...
How to Reach Compliance with HIPAA
Explore how to fulfil HIPAA compliance standards without friction...
How to Implement a Secure API Gateway
As you rely more on APIs to connect microservices in modern applications, these APIs become a lucrative target for bad actors. Learn how an API gateway provides an extra layer of security, helping protect your systems and data from unauthorized access...
Understanding XPath Injection Vulnerabilities
The ability to trigger XPath queries with user-supplied information introduces the risk of XPath injection attacks. Read on to explore how these attacks work and discover how to keep your XPath queries secure...