2303 matches found
Cloud-ready and Channel-first
Trend Micro named one of 2023’s coolest cloud security companies...
Cyber Security Managed Services 101
MSP partnerships are growing in line with rapid cloud migration and the evolving threat landscape. Discover how an MSP can help your business and tips for making an informed partner decision...
Gootkit Loader Actively Targets Australian Healthcare Industry
We analyzed the infection routine used in recent Gootkit loader attacks on the Australian healthcare industry and found that Gootkit leveraged SEO poisoning for its initial access and abused legitimate tools like VLC Media Player...
A Closer Look at Windows Kernel Threats
In this blog entry, we discuss the reasons why malicious actors choose to and opt not to pursue kernel-level access in their attacks. It also provides an overview of kernel-level threats that have been publicly reported from April 2015 to October 2022...
Trend Micro Joins Google’s App Defense Alliance
Trend Micro will be joining Google's App Defense Alliance ADA to help improve their ability to identify malicious apps before they are published to the Google Play store...
Forging Ahead in 2023: Insights From Trend Micro’s 2023 Security Predictions
In 2023, cybercriminals and defenders alike will have to move forward with caution in the face of a business landscape that’s fraught with security blindsides and economic ebbs and flows...
Cybersecurity Reflections from 26 Years at Trend
Trend Micro is one of the few cybersecurity vendors today that can protect your entire world, whether it is your home office and family, your drive to work, or your work environment...
Industry 4.0: CNC Machine Security Risks Part 1
This three-part blog series explores the risks associated with CNC machines...
How a Unified Security Platform Protects the Cloud
Massive growth in cloud use has increased the enterprise attack surface. Addressing the risks with specialized point solutions is unwieldy, complex and can leave vulnerability gaps—driving many companies to seek a unified cyber security platform...
Security Culture Matters when IT is Decentralized
Decentralization can make enterprises more agile but it also makes IT and network security more complex. Creating a strong security culture, deploying the right tools, and defining an incident response plan are key to keeping the business protected...
Will Cloud-Native Network Security Oust Firewalls?
Security threats have already begun to outpace cloud firewalls. It’s a fact. But organizations exploring new cloud-native solution find themselves more prepared to stay resilient. Find out how cloud-native network security’s features and benefits are making this possible...
Hybrid Cloud Management Security Tools
Explore hybrid cloud management security challenges, components, and tips to minimize your cyber risk...
Latest on OpenSSL 3.0.7 Critical Bug & Security-Fix
Potential disruptions following vulnerabilities found in OpenSSL...
Latest on OpenSSL 3.0.7 Bug & Security-Fix
Potential disruptions following vulnerabilities found in OpenSSL...
How a Cloud Security Broker Reduces SaaS App Risks - SASE Part 4
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker CASB technology...
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests...
Software Patch Management Policy Best Practices
Explore the top risk-based patch management policy best practices to mitigate the growing threat of vulnerability exploits in your organization...
Cyber Security Framework: Back to Basics
Dr. Ivan Pavlov once said: “If you want new ideas, read old books.” The same applies with cybersecurity best practices. Discover how you can extend a basic cyber security framework to reduce systems and employee security risks...
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions...
How Underground Groups Use Stolen Identities and Deepfakes
The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise BEC and identity verification bypassing to new levels...
How to Prevent Ransomware as a Service (RaaS) Attacks
Explore key insights on how ransomware as a service RaaS operators work and how to prevent ransomware attacks...
Top 5 CNAPP-Solved Security Challenges
Cloud-native application security solutions consist of various tools, each with its own objective - learn what security challenges CNAPP solves...
A Secure Access Service Edge (SASE ) Guide for Leaders
Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface...
Why It’s Time to Map the Digital Attack Surface
Trend Micro research reveals struggle to control cyber risks against mounting digital attack surfaces...
Azure vs. AWS Developer Tools
Both AWS and Azure developer tools provide key efficiencies in your DevOps environment, learn the comparison between tools, any overlap, and use cases for both...
Addressing Cyber Risk with a Unified Platform
Hear from guest speaker, Forrester analyst, Allie Mellen, as she shares insights and advice on the factors firms should consider when looking at leveraging a security platform for managing the attack surface lifecycle...
Trend Micro's One Vision, One Platform
Why Trend Micro is evolving its approach to enterprise protection...
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
We found an AvosLocker ransomware variant using a legitimate anti-virus component to disable detection and blocking solutions...
Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders
We take a look at our latest Cyber Risk Index CRI findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk...
Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously
One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine cryptocurrency...
Cyber Threat Intelligence: Risk Management Strategies
The ever-expanding attack surface of the cloud calls for effective cyber risk management to enable enterprises to innovate and meet business objectives. Discover how to better understand, communicate, and mitigate cyber risk across the enterprise...
How to Build a Serverless API with Lambda and Node.js
Is your app server serving more stress than function? Explore this walkthrough for configuring and deploying a serverless API and discover the vast benefits of letting cloud services manage your infrastructure...
Will Russian Oil Ban Spur Increased Cyber-Attacks
President Biden banned the sale of Russian oil to the United States to deprive the Putin regime of the economic resources needed to wage war. But this may put US companies in the firing line of cyber-attacks from the east...
Global Cyberattacks: Managing Risk in Chaotic Times
As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk...
7 Container Security Best Practices For Better Apps
Explore how to implement 7 container security best practices within a CI/CD pipeline built with tools from Amazon Web Services AWS...
Codex Exposed: Helping Hackers in Training?
How useful is the Codex code generator as a potential training tool?...
Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques
Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses...
This Week in Security News - January 14, 2022
This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act FISMA for the first time in eight years...
What to Do About Log4j
Learn more about some tactical measures people are already taking, and some strategic guidance for what to do after the immediate crisis abates...
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign...
Why XDR security in today's threat landscape
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to enabling more resilience...
How Zero Trust and XDR Work Together
As the Zero Trust approach gains momentum, more organizations are looking to apply it to their security strategy. Learn how XDR and Zero Trust work together to enhance your security posture...
This Week in Security News - December 10, 2021
This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure...
Discovering the Exploitable Security Gaps in Remote Work Spaces
Unprotected smart devices that populate home offices are seen as low-hanging fruit by cybercriminals. These machines can be compromised and used in criminal campaigns or leveraged to gain deeper access to home networks...
Does Home IoT Compromise Enterprise Security?
The most recent Pwn2Own Fall 2021 Pwn2Own Austin includes more IoT entries than ever. This gives us an opportunity to probe today’s largest and newest enterprise attack surface: the home office...
Cybersecurity Trends & Predictions for CISOs
Jon Clay, VP of threat research at Trend Micro, predicts cybersecurity attacks CISOs need to prepare for...
Ransomware Negotiation Scenarios: What to Expect
We wanted to get a better understanding of what victims go through during the aftermath and recovery process of a ransomware attack to help others in case they find themselves in a similar situation. To do this, we analyzed victim support chats for five ransomware families...
Ransomware Negotiation Scenarios: What to Expect
We wanted to get a better understanding of what victims go through during the aftermath and recovery process of a ransomware attack to help others in case they find themselves in a similar situation. To do this, we analyzed victim support chats for five ransomware families...
Workshop: AWS S3 Bucket for Malware Scanning
In this workshop, you will learn how to scan your objects that are being uploaded to Amazon S3 buckets for malware and integrate into your custom workflows, by automating with your current resources, directly in your AWS environment...
Private 5G Security Risks in Manufacturing Part 2
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry...