2304 matches found
Managing Cyber Risk for Under-Pressure CISOs
Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively...
Modern Attack Surface Management (ASM) for SecOps
Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management ASM and what SecOps need to look for in an ASM solution...
Top 4 Emerging Trends in Software Engineering
Explore key takeaways about emerging software engineering trends from Gartner's annual Application Innovation and Business Solutions Summit...
How to Improve Cybersecurity Awareness and Training
Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective awareness program...
Managing Cyber Risk for CISOs Under Pressure
Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively...
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign...
INTERPOL + Trend to Fight African Cybercrime Networks
Global threat intelligence helps to disrupt thousands of African cyber crimes networks...
ChatGPT Highlights a Flaw in the Educational System
Rethinking learning metrics and fostering critical thinking in the era of generative AI and LLMs...
New SEC Cybersecurity Rules: What You Need to Know
The US Securities and Exchange Commission SEC recently adopted rules regarding mandatory cybersecurity disclosure. Explore what this announcement means for you and your organization...
New SEC Cybersecurity Rules: What You Need to Know
The US Securities and Exchange Commission SEC recently adopted rules regarding mandatory cybersecurity disclosure. Explore what this announcement means for you and your organization...
Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns
Trend Micro’s Mobile Application Reputation Service MARS team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users...
4 Cybersecurity Budget Management Tips
Learn how CISOs and security leaders can strategically manage their cybersecurity budget to run more productive security teams amid a recession and skills shortage...
The XDR Payoff: Better Security Posture
As the extended detection and response XDR market grows and evolves, it’s a great opportunity to learn about the positive outcomes like better security posture experienced by organizations that have invested in these capabilities...
Cybersecurity Awareness Training to Fight Ransomware
Advanced technologies allow organizations to discover, assess and mitigate cyber threats like ransomware. But truly strong cybersecurity also requires a threat-aware workforce—prompting more and more enterprises to focus on cybersecurity awareness training and testing...
How to Achieve AWS Operational Excellence in Your Cloud Workload
Explore the Operational Excellence pillar of the AWS Well-Architected Framework and examine best practices and design principles for cloud-based security operations, including CI/CD and risk management...
How to Implement a Secure API Gateway
As you rely more on APIs to connect microservices in modern applications, these APIs become a lucrative target for bad actors. Learn how an API gateway provides an extra layer of security, helping protect your systems and data from unauthorized access...
Insight on Vulnerabilities in MOVEit Transfer
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back...
Behind the Scenes: Unveiling the Hidden Workings of Earth Preta
This blog entry discusses the more technical details on the most recent tools, techniques, and procedures TTPs leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor...
Health Industry Cybersecurity Best Practices 2023
This blog explains the new resources of health industry cybersecurity practices and landscape analysis which the HHS U.S. Department of Health and Human Services released in Apr 2023...
Against the Clock: Cyber Incident Response Plan
Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows...
SaaS Drove Trend’s 20% Q1 2023 Year-Over-Year Growth
Trend’s diversification of business units and geographic markets provides resilience that enables growth, anticipation and innovation...
Managed XDR Investigation of Ducktail in Trend Vision One™
The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...
How to Build a Simple Application Powered by ChatGPT
OpenAI’s ChatGPT API enables applications to access and integrate ChatGPT, a large language model LLM that generates human-like responses to input. Learn how to build a web application that utilizes ChatGPT to generate useful output...
Data Exfiltration Prevention with Zero Trust
Data exposure from SaaS and cloud applications is an increasing risk factor facing businesses today. Discover how SASE capabilities can help prevent data exfiltration, achieve zero trust, and reduce cyber risk across the attack surface...
Achieving Cloud Compliance Throughout Your Migration
Part of a secure cloud migration strategy is ensuring compliance of all the moving pieces. Just like your cloud journey, cloud compliance isn’t all about the final destination. Discover how to leverage cloud security tools to ensure compliance is met along the way...
Attackers Use Containers for Profit via TrafficStealer
We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads...
Top 5 Infrastructure as Code Security Challenges
Learn how to counteract the top five challenges of infrastructure as code IaC and discover how these obstacles pose a threat to security and gain valuable insight in how to mitigate these risks...
S4x23 Review Part 4: Cybersecurity for Industrial IoT
In this fourth article, I introduce the discussion related to Industrial IoT, that is involved challenges to adopt cybersecurity strategy into modernizing environment...
Azure Serverless Security Risks Exposed by New Study
Simulation uncovers hidden features and urges greater user awareness...
AWS Graviton Use Cases
Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton...
Making the digital world safer, one Tesla at a time
Contestants gather at Pwn2Own Vancouver to showcase their skills and uncover vulnerabilities...
3 Ways to Evolve Your Cybersecurity Operations
To meet the expectations of today’s digital enterprises, cybersecurity operations need to modernize in three key ways: by optimizing extended detection and response XDR, adopting proactive cyber risk management, and moving to a unified security platform...
Royal Ransomware Expands Attacks by Targeting Linux ESXi Servers
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following in the same path, a new variant targeting Linux systems emerged and we will provide a technical analysis on this variant in this blog...
4 Predictions for Cyber Insurance Requirements 2023
As the threat landscape evolves and the cost of data breaches increase, so will cyber insurance requirements from carriers. Cyber Risk Specialist Vince Kearns shares his 4 predictions for 2023...
Web3 IPFS Currently Used For Phishing
We discuss the use of the InterPlanetary File System IPFS in phishing attacks...
Top 3 Non-Technical Cybersecurity Trends for 2023
A strong cybersecurity strategy isn’t just about choosing the right tools. Cybersecurity experts Greg Young and William Malik discuss three non-technical cybersecurity trends for 2023 to help security leaders reduce cyber risk across the enterprise attack surface...
Cyber Crime: INTERPOL Uses Trend Threat Intelligence
INTERPOL recently conducted operation African Surge to take down malicious infrastructure across the African continent and requested the help of private enterprises. Trend Micro is proud to have been asked to participate, and provided global threat intelligence that was utilized in this operation...
Global Cyber Risk at Elevated Level
North America Least Prepared for Cyberattacks...
Are Containers Affected by OpenSSL Vulnerabilities?
Find out if your container-based applications are vulnerable to the new OpenSSL vulnerabilities and the recommendations to help ensure you are protected...
Organized Cyber Crime Cases: Access as a Service
Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service AaaS, an emerging business model selling all-access passes to other cyber criminals...
Manufacturing Cybersecurity: Trends & Survey Response
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry's challenges and present Trend Micro's recommendations...
Threat Actors Target AWS EC2 Workloads to Steal Credentials
We found malicious samples attempting to steal Amazon Elastic Compute Cloud EC2 Workloads' access keys and tokens via typosquatting and the abuse of legitimate tools...
LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint...
Ransomware Insurance Security Strategies
Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements...
TeamTNT Returns – or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat actor group, WatchDog...
Enhance Cyber Defense with 2022 Cybersecurity Trends
Jon Clay, VP of Threat Intelligence, reviews cybersecurity trends from the first half of 2022 to help CISOs and security leaders enhance their cyber defense strategy and lower cyber risk...
4 Cybersecurity Budget Management Tips
Learn how CISOs can strategically manage their cybersecurity budget to run more productive cybersecurity teams amid a skills shortage...
Biden Cybersecurity Executive Order: Ex-USSS Reflects
Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, reflects on the effectiveness of Biden’s executive order and what organizations of all sizes can learn from it...
Cyber Security Managed Services 101
MSP partnerships are growing in line with rapid cloud migration and the evolving threat landscape. Discover how an MSP can help your business and tips for making an informed partner decision...
Improve Threat Detection & Response with OCSF
New open source initiative helping organizations to detect and respond to cyber-attacks faster and easier...