2303 matches found
To Keep Up With Cybersecurity Laws, Go 'Federal First'
With new cybersecurity laws and regulations rolling out, the best way to maintain broad compliance is to align with the most stringent frameworks. In the U.S., that means taking a ‘federal first’ approach—conforming to the highest security requirements of the United States federal government...
Attackers Use Containers for Profit via TrafficStealer
We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads...
Cyber Threat Intelligence: The Power of Data
Discover how cybersecurity leaders and decision makers can leverage cyber threat intelligence to increase security posture and reduce risk...
5 Types of Cyber Crime Groups
Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...
Choosing a Hybrid Cloud Security Solution 101
Explore helpful tips for choosing the right hybrid cloud security solution to address cybersecurity challenges of today and tomorrow...
Why Chaos Engineering is a Good Stress Test Strategy
Learn about chaos engineering, a method of resilience testing that intentionally introduces “chaos” into a system to discover vulnerabilities and weaknesses that can be exploited by attackers...
Preventing and Detecting Attacks Involving 3CX Desktop App
In this blog entry, we provide technical details and analysis on the 3CX attacks as they happen. We also discuss available solutions which security teams can maximize for early detection and mitigate the impact of 3CX attacks...
ICS/OT Cybersecurity 2022 TXOne Annual Report Insights
This article gives an in-depth overview of TXOne’s insight report on ICS/OT cyber incidents...
Secure Cloud Migration 101
Cloud migration is a journey, not a destination. Learn the basics of security for making the gradual switch, so you can get the most out of what the cloud has to offer...
Pack it Secretly: Earth Preta’s Updated Stealthy Strategies
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures TTPs to bypass security solutions. In...
Expanding Attack Blueprints: 2022 Annual Cybersecurity Report
In this blog entry, we shine a spotlight on some of the most critical cybersecurity concerns of 2022, which we discuss in full in our annual cybersecurity report, “Rethinking Tactics: 2022 Annual Security Report.”...
Decrypting Cyber Risk Quantification
Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization...
Fight Ransomware with a Cybersecurity Audit
An advanced cybersecurity audit helps identify overlooked IP addresses, forgotten devices, and misconfigured infrastructure that can expose organizations to ransomware and other cyber threats. Find out how to strengthen attack surface risk management...
Cybersecurity Posture & Insurance Outlook with Advisen
Trend Micro’s Eric Skinner, and Advisen, an insurance data and analytics company, discuss the current threat landscape, cyber risk management, and how vendors and cyber insurers can champion enhanced cybersecurity posture...
Attacking The Supply Chain: Developer
In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment IDE, this proof considers the execution of malicious build scripts via injecting commands when th...
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click PPC ads to distribute IcedID via malvertising attacks...
Prevent Cryptocurrency Cyber Extortion
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. We review cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion...
When and How to Use AWS Graviton
Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton...
Web3 IPFS Only Used for Phishing - So Far
We discuss the use of the InterPlanetary File System IPFS in phishing attacks...
Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan RAT named the CHAOS Remote Administrative Tool...
Protect Your Network with Zero-Day Threat Protection
Explore the world of zero-day threats and gain valuable insight into the importance of proactive detection and remediation. Learn how Trend Micro™ Research mitigates risk by providing global cybersecurity intelligence to continuously discover the ever-changing attack surface, understand and...
Industry 4.0: CNC Machine Security Risks Part 2
This three-part blog series explores the risks associated with CNC machines...
How the MITRE ATT&CK Framework Enhances Cloud Security
Upgrade your cybersecurity game with MITRE ATT&CK™. Discover how this framework can help you protect your business—now and in the future...
How a Unified Security Platform Protects the Cloud
Massive growth in cloud use has increased the enterprise attack surface. Addressing the risks with specialized point solutions is unwieldy, complex and can leave vulnerability gaps—driving many companies to seek a unified cyber security platform...
Hybrid Cloud Management Security Tools
Explore hybrid cloud management security challenges, components, and tips to minimize your cyber risk...
Guide to Better Threat Detection and Response
50% of teams in a Trend Micro global study said they’re overwhelmed by the number of alerts surfaced by disconnected point products and SIEMs. Discover how XDR can reduce false positives and enhance threat detection and response...
Guide to Better Threat Detection and Response (XDR)
50% of teams in a Trend Micro global study said they’re overwhelmed by the number of alerts surfaced by disconnected point products and SIEMs. Discover how XDR can reduce false positives and enhance threat detection and response...
TeamTNT Returns — Or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat actor group, WatchDog...
Oil and Gas Cybersecurity: Trends & Response to Survey
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry's challenges and present Trend Micro's recommendations...
Incident Response Services & Playbooks Guide
63% of c-level executives in the US don’t have an incident response plan yet 50% of organizations experience a cyberattack. Explore incident response services and playbooks to strengthen your cyber defenses...
Preventing Cryptocurrency Cyber Extortion
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. Discover cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion...
Pros and Cons of 5G
As private 5G networks continue to roll-out, CISOs and security leaders need to fully aware of the security implications to minimize cyber risk. Explore pros and cons as well as security tips for implementing private 5G...
How Malicious Actors Abuse Native Linux Tools in Attacks
Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact...
Play Ransomware's Attack Playbook Unmasks it as Another Hive Affiliate like Nokoyawa
Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them indicate that Play, like Nokoyawa, may be a Hive affiliate...
3 Hybrid Cloud Security Challenges & Solutions
Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk...
Event-Driven Architectures & the Security Implications
This article explores event-driven architecture EDA with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns...
Forecasting Metaverse Threats: Will it Become Metaworse?
This report shares threat predictions concerning a rapidly evolving area of the physical and digital word – the metaverse. We refine our definition of the metaverse, while identifying threats against it and inside it...
Lessons from the Russian Cyber Warfare Attacks
Trend Micro experts discuss how the prominence of cyberwarfare in a hyper-connected world is a call for enhanced cyber risk management...
How to Apply a Zero Trust Security Model to ICS
Discover how to leverage the zero trust strategy to protect ICS environments, enabling a stronger security posture and reducing risk...
Trend Micro CEO Discusses Need for a Unified Cybersecurity Platform
In the face of evolving cyberattacks, an ever-expanding digital attack surface, and a global skills shortage, organizations need a more unified approach to managing cyber risk. Trend Micro co-founder & CEO Eva Chen discusses our vision and strategy for delivering a unified cybersecurity platform...
New Linux-Based Ransomware Cheerscrypt Targeting ESXi Devices Linked to Leaked Babuk Source Code
New findings showed that Cheerscrypt, a new Linux-based ransomware variant that compromises ESXi servers, was derived from the leaked Babuk source code. We discuss our analysis in this report...
Celebrating 15 Years of Pwn2Own
Join Erin Sindelar, Mike Gibson, Brian Gorenc, and Dustin Childs as they discuss Pwn2Own's 15th anniversary, what we've learned, and how the program will continue to serve the cybersecurity community in the future...
Sandstone CTO shares how to assess cyber risk in the cloud
Chaitanya Pinnamanemi discusses how visibility and prioritization are key to securing your digital attack surface and reducing cyber risk...
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service
This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of the first payload up until the release of the final RAT that is protected by a kernel driver...
Unified Cybersecurity Platform: Why CISOs are Shifting
Our global study polled more than 2,300 IT security decision makers to discover how to best assist and support SecOps teams with a unified cybersecurity platform so you can be more resilient with less resources...
Aligning the c-suite with cyber risk management
As we creep toward a post-pandemic world, organizations need to plan accordingly. Explore Trend Micro’s latest cyber risk research to enable your business to maximize its growth and potential...
Secure application development cloud best practices
The need for agility can often sideline security best practices; we explore how to build with security at the forefront without compromising time to delivery...
Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders
We take a look at our latest Cyber Risk Index CRI findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk...
TM Named CWS "Strong Performer" in Forrester Wave 2022
Trend Micro was named a strong performer in the Forrester Wave™: Cloud Workload Security, Q1 2022, achieving the highest possible score in the market presence category. That said, Trend Micro Cloud One secures far more than workloads and containers...
How to Optimize Your Lambda Code
Learn how to make your code run more efficiently in AWS Lambda, so you can save money and time!...