2304 matches found
Emotet Returns, Now Adopts Binary Padding for Evasion
Following a three-month hiatus, Emotet spam activities resumed in March 2023, when a botnet known as Epoch 4 began delivering malicious documents embedded in Zip files that were attached to the emails...
Examining Ransomware Payments From a Data-Science Lens
In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.”...
Zero Day Threat Protection for Your Network
Explore the world of zero day threats and gain valuable insight into the importance of proactive detection and remediation...
OT Cybersecurity Plan to Prevent the 5Ds
Outline a cybersecurity plan to protect your operational technology network by studying the five techniques adversaries use to target them...
TgToxic Malware’s Automated Framework Targets Southeast Asia Android Users
We look into an ongoing malware campaign we named TgToxic, targeting Android mobile users in Taiwan, Thailand, and Indonesia since July 2022. The malware steals users’ credentials and assets such as cryptocurrency from digital wallets, as well as money from bank and finance apps. Analyzing the...
TLS Connection Cryptographic Protocol Vulnerabilities
TLS is the backbone of encryption and key to ensuring data integrity, but its misconfiguration can leave your system vulnerable. Read on to discover how to secure your TLS connection and arm your organization against malicious attacks...
Ransomware Business Models: Future Pivots and Trends
Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term “evolutions” and the bigger deviations “revolutions” they can redirect...
Pilfered Keys: Free App Infected by Malware Steals Keychain Data
Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused by threat actors to steal your data. Find out how one app was used to gather information of Apple users...
Comprehensive Traceability for Android Supply-Chain Security
We discuss the importance of traceability in the world of mobile operating systems...
PCI Compliance Requirements: Network Security
There are many challenges that accompany implementing PCI compliance within your organization. And, these challenges can be particularly tough to navigate alone, given their importance. This article explores how Trend Micro Cloud One – Network Security helps you overcome the complexities of...
Security Risks in Logistics APIs Used by E-Commerce Platforms
Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and...
CIEM vs CWPP vs CSPM
This article will explore three solutions, CIEM, CWPP, and CSPM, detail a sample case for each, and help you to determine when and how to use them—whether individually or in conjunction with one another...
Hybrid Cloud Security Challenges & Solutions
Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk...
Top 5 Cloud Security Trends from AWS re:Inforce 2022
With the industry changing so rapidly, it is often hard to keep up with what is new in cloud security, so we thought we would put together a list of the top five cloud security trends we found during AWS re:Inforce 2022...
4 Cybersecurity Budget Management Tips
Learn how CISOs can strategically manage their cybersecurity budget to run more productive cybersecurity teams amid a skills shortage...
Cyber Insurance Coverage Checklist: 5 Security Items
Explore 5 security considerations in-line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk...
SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of...
Private Network 5G Security Risks & Vulnerabilities
Why cybersecurity is the first step to private network deployment...
Websites Hosting Fake Cracks Spread Updated CopperStealer Malware
We found updated samples of the CopperStealer malware infecting systems via websites hosting fake software...
The Difference Between Virtual Machines and Containers
Discover the key differences, use cases, and benefits of virtual machines and containers...
New Partner Bit Discovery Helps TM with Attack Surface
We’re excited to partner with Bit Discovery, bringing attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets devices, identities, applications but also external, internet-facing assets...
Critically Underrated: Studying the Data Distribution Service (DDS) Protocol
Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service DDS standard and its implementations from a security angle. The full findings of this research will be presented in the S4X22 Conference in April 2022...
An Investigation of the BlackCat Ransomware via Trend Micro Vision One
We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes with extended detection and response XDR capabilities. BlackCat aka AlphaVM or AlphaV is a ransomware family created in the Rust programming language and operated under...
TM Named CWS "Strong Performer" by Research Firm
Trend Micro was named a strong performer in the Forrester Wave™: Cloud Workload Security, Q1 2022, achieving the highest possible score in the market presence category. That said, Trend Micro Cloud One secures far more than workloads and containers...
An In-Depth Look at ICS Vulnerabilities Part 3
In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021...
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the LockBit ransomware...
Terraform Tutorial: Drift Detection Strategies
A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform drift and manage any drift issues you might face...
Attacks Abound in Tricky Threat Terrain: 2021 Annual Cybersecurity Report
The digital transformations that had enabled many enterprises to stay afloat amid the Covid-19 health crisis also brought about major upheavals in cybersecurity, the impact of which was still widely felt in 2021. In our annual cybersecurity report, we look back at 2021 in terms of the most...
New Nokoyawa Ransomware Possibly Related to Hive
In March 2022, we came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities in their attack chain, from the tools used to the order in which they execute various steps...
New RURansom Wiper Targets Russia
We analyze RURansom, a malware variant discovered to be targeting Russia. Originally suspected to be a ransomware because of its name, analysis reveals RURansom to be a wiper...
5 Cloud Native Security Platform Must-haves
Discover 5 key security components to review and how to leverage a cloud native security platform with Mick McCluney Trend Micro and Kelly Griffin AWS...
Why IaC Security Should Matter to CISOs
Explore how secure infrastructure-as-code IaC enables security leaders to help DevOps teams quickly deliver more business value...
How to Use Zero Trust Security for the Hybrid Cloud
Securing the hybrid cloud can be complex. Explore how CISOs can use the zero trust security approach for more proactive protection...
How to detect Apache Log4j vulnerabilities
Explore how to detect Apache Log4j Log4Shell vulnerabilities using cloud-native security tools...
This Week in Security News - January 21, 2022
This week, read about various cybersecurity threats that affect industrial control and the Cybersecurity and Infrastructure Security Agency CISA’s latest cyberattack warnings...
The Log4j story, and how it has impacted our customers
Read about the Log4j story, an analysis of the impact and what to do next...
Why You Need XDR in Today's Threat Landscape
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to enabling more resilience...
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes
We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management...
What to do at AWS re:Invent 2021 - Day 3
Welcome to your complete guide to AWS re:Invent 2021 Day 3, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually...
Reduce Friction Between IT Leaders and C-suite
As we creep toward a post-pandemic world, organizations need to plan accordingly. Explore Trend Micro’s latest cyber risk research to enable your business to maximize its growth and potential...
Defend Against Cyber Espionage Attacks
Explore Trend Micro’s latest research into Void Balaur, a prolific cybermercenary group, to learn how to defend against attacks launched by this growing group of threat actors...
Application Security 101
Everything DevOps teams need to know about web application security risks and best practices...
QAKBOT Loader Returns With New Techniques and Tools
QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware attacks. Our report shares some insight into the new techniques and tools this threat is using...
Compromised Docker Hub Accounts Abused for Cryptomining Linked to TeamTNT
In October 2021, we observed threat actors targeting poorly configured servers with exposed Docker REST APIs by spinning up containers from images that execute malicious scripts...
This Week in Security News - November 5th, 2021
This week, learn about what the future of cybercrime could potentially look like by the start of the next decade, according to Trend Micro’s Project 2030. Also, read on how a hacker stole $784k in crypto through SIM swaps...
Integrate Cybersecurity Incident Response in DevSecOps
This article examines the need for cross-functional integration and integrated communication between development and security teams to prevent communication dead zones and avoid delays in alerting and remediation...
Do Home Hackers Compromise Business Security?
The most recent Pwn2Own Fall 2021 Pwn2Own Austin includes more IoT entries than ever. This gives us an opportunity to probe today’s largest and newest enterprise attack surface: the home office...
This Week in Security News – October 22, 2021
In this week in security news, learn about a new backdoor from PurpleFox that utilizes WebSockets for more secure communication the link between the Sinclair ransomware attack and the cybercrime group Evil Corp...
Demo: How to Build a Container Registry from a Container
What came first the container or the container registry? Find out and learn how to build, run, and scan your very own container registry from a container itself on your laptop...
Demo: A Guide to Virtual Machine App Security
Enhance your virtual machine VM application security from vulnerabilities in your Spring Framework Java application by reviewing these guidelines...