2303 matches found
Curb Your Cyber Risk
With global cyber risk at an all-time high, understand how you can lower yours...
1H 2020 Cyber Security Defined by Covid-19 Pandemic
When we published our 2020 Predictions report in December, we didn’t realize there was a global pandemic brewing that would give cybercriminals an almost daily news cycle to take advantage of in their attacks against people and organizations around the world. Malicious actors have always taken...
Connected Security Solutions Helps City of Tyler’s CIO to Reduce Costs While Enabling Delivery of Enhanced Community & Public Safety Services
“We’re here to serve” is Benny Yazdanpanahi’s motto as CIO for City of Tyler located in Texas. Supporting a population of approximately 107,000, Yazdanpanahi’s vision for his city relies on the use of data to deliver exceptional services to citizens, today and into the future. Since joining the...
The Challenges and Opportunities of Working Remotely
Security has faced its own unique set of challenges during the shift to remote working. Ian Keller, CSO of SBV Services, recently sat down with Trend Micro and shared his thoughts on how his organization is coping with the current pandemic...
How to Best Secure All Your Cloud Native Environments
Hear from Ian Heritage about the security challenges surrounding weak configurations, container and serverless threats in cloud-native environments, and strategies that help you build secure and ship fast on AWS...
Beyond the Endpoint: Why Organizations are Choosing XDR for Holistic Detection and Response
The endpoint has long been a major focal point for attackers targeting enterprise IT environments. Yet increasingly, security bosses are being forced to protect data across the organization, whether it’s in the cloud, on IoT devices, in email, or on-premises servers. Attackers may jump from one...
Bridging the Cloud Communication Gap. #LetsTalkCloud
The conversation between you and your Board of Directors is not always a walk in the park. With more and more cloud projects coming your way, it’s time to change the conversation to speak their language and start smoothing out the journey...
Protect Your Cloud Workloads using IaC
Get step-by-step instructions on how to perform an automated security deployment utilizing Terraform by Hashicorp, an Azure Custom-Script Extension, and a Trend Micro Cloud One™ deployment script stored in an Azure Key Vault...
How to Secure Applications Using Security as Code
Follow along as Chuck Losh, Solutions Architect, uses Azure App Service, Visual Studio Code, GitHub, and PHP to run an experiment on how to secure applications using security as code from Trend Micro Cloud One™ – Application Security...
#LetsTalkCloud: The Security of Software
Let's Talk Cloud: Season 02 // Episode 04: Host, Mark Nunnikhoven, interviews Founder, Security Trainer, and Coach at SheHacksPurple.dev, Tanya Janca. Together they explore tips and tricks for developing a security mindset...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Helping Mobile Operators Keep Customers Safe with Virtualized Network Security
At Trend Micro we’re always looking for innovative new ways to support our customers and help overcome their cybersecurity challenges. Mobile network operators MNOs are increasingly adopting virtualization and software acceleration technologies to become more agile in how they deploy and operate...
Bridging the Skills Gap with Trend Micro’s Capture the Flag (CTF) Competition
We all know the IT security industry is suffering from chronic skills gaps and shortages around the world. In the US things are no different, with an estimated talent shortfall of around 40,000 jobs for information security analyst roles alone. While various initiatives have been proposed, few ha...
The Latest on WannaCry, UIWIX, EternalRocks and ShadowBrokers
Ransomware has gained global attention over the course of the last two weeks due to the huge spread of WannaCry. Following the initial attacks, we’ve seen UIWIX, Adylkuzz and now EternalRocks come onto the scene leveraging the same core set of vulnerabilities. The common thread between the three...
Trend Micro and INTERPOL: Teaming Up Again to Fight Global Cybercrime
At Trend Micro we have a long history of partnering with law enforcement whenever called upon. We believe that the skills and resources of the private sector can offer allow law enforcement to surge and scale on any particular threat. Combatting the threat posed by transnational cyber criminal...
A Storm’s a Coming: How businesses can defend against threat actor groups like Pawn Storm
Pawn Storm aka Sednit5, Fancy Bear, APT28, Sofacy and STRONTIUM8 might sound like Instagram accounts, top-secret spy programs or recently passed legislation, but in reality they are all different names for the same successful cyber espionage group or threat actor group. These actors often use...
Governing Claude Enterprise in Environments Where Inline Controls Can't Go
TrendAI™ integrates the Claude Compliance API into TrendAI Vision One™ through two collectors that bring AI-aware visibility and detection to Claude Enterprise usage: one keeps all data inside the environment, while the other feeds TrendAI Vision One™ for deeper correlation and compliance...
Smart Contracts for C&C: How ClearFake Hid in Plain Sight on BSC Testnet
TrendAI™ Research analyzed an intrusion where threat actors used the EtherHiding technique to route ClearFake payload delivery through smart contracts on the BNB Smart Chain testnet. The attack chain ended with two simultaneously deployed stealers, SectopRAT and ACRStealer alongside an on-chain...
Analyzing TeamPCP’s Supply Chain Attacks: Checkmarx KICS and elementary-data in CI/CD Credential Theft
Our research examines the April 22 Checkmarx KICS and April 24 elementary-data incidents as part of a broader TeamPCP supply chain campaign. Across both cases, the actor abused trusted CI/CD and release workflows to steal credentials at scale...
Vibe Hacking: Two AI-Augmented Campaigns Target Government and Financial Sectors in Latin America
TrendAI™ Research has identified two emerging threat campaigns—SHADOW-AETHER-040 and SHADOW-AETHER-064—that use agentic AI to drive intrusion operations against government and financial organizations in Latin America, marking these among the first cases we have observed of AI agents executing...
Breaking Down S3 Ransomware: Variants, Attack Paths and Trend Vision One™ Defenses
In this blog entry, Trend™ Research explores how ransomware actors are shifting their focus to cloud-based assets, including the tactics used to compromise business-critical data in AWS environments...
RondoDox: From Targeting Pwn2Own Vulnerabilities to Shotgunning Exploits
Trend™ Research and ZDI Threat Hunters have identified a large-scale RondoDox botnet campaign exploiting over 50 vulnerabilities across more than 30 vendors, including flaws first seen in Pwn2Own contests...
A Cascade of Insecure Architectures: Axis Plugin Design Flaw Expose Select Autodesk Revit Users to Supply Chain Risk
We discovered Azure Storage Account credentials exposed in Axis Communications’ Autodesk Revit plugin, allowing unauthorized modification of cloud-hosted files. This exposure, combined with vulnerabilities in Autodesk Revit, could enable supply-chain attacks targeting end users...
New LockBit 5.0 Targets Windows, Linux, ESXi
Trend™ Research analyzed source binaries from the latest activity from notorious LockBit ransomware with their 5.0 version that exhibits advanced obfuscation, anti-analysis techniques, and seamless cross-platform capabilities for Windows, Linux, and ESXi systems...
Crypto24 Ransomware Group Blends Legitimate Tools with Custom Malware for Stealth Attacks
Crypto24 is a ransomware group that stealthily blends legitimate tools with custom malware, using advanced evasion techniques to bypass security and EDR technologies...
Preventing Zero-Click AI Threats: Insights from EchoLeak
A zero-click exploit called EchoLeak reveals how AI assistants like Microsoft 365 Copilot can be manipulated to leak sensitive data without user interaction. This entry breaks down how the attack works, why it matters, and what defenses are available to proactively mitigate this emerging AI-nativ...
Threat Intelligence Sweeping now supports container security telemetry data
Threat Intelligence Sweeping starts to support sweep container security telemetry data. Users can now use the TI tool to identify possible malicious activity in their container-based environments. The trigger events are visible in workbench alert...
Fake CAPTCHA Attacks Deploy Infostealers and RATs in a Multistage Payload Chain
We have detected a new tactic involving fake CAPTCHA pages that trick users into executing harmful commands in Windows. This scheme uses disguised files sent via phishing and other malicious methods...
Earth Kasha Updates TTPs in Latest Campaign Targeting Taiwan and Japan
This blog discusses the latest modifications observed in Earth Kasha’s TTPs from their latest campaign detected in March 2025 targeting Taiwan and Japan...
FOG Ransomware Spread by Cybercriminals Claiming Ties to DOGE
This blog details our investigation of malware samples that conceal within them a FOG ransomware payload...
ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains
In ZDI-23-1527 and ZDI-23-1528 we uncover two possible scenarios where attackers could have compromised the Microsoft PC Manager supply chain...
SocGholish’s Intrusion Techniques Facilitate Distribution of RansomHub Ransomware
Trend Research analyzed SocGholish’s MaaS framework and its role in deploying RansomHub ransomware through compromised websites, using highly obfuscated JavaScript loaders to evade detection and execute various malicious tasks...
AI Configuration Best Practices to address AI Security Risks
AI usage is on the rise as many companies are adopting AI for productivity gains and creation of new business opportunities which provide value to their customers...
Inside Water Barghest’s Rapid Exploit-to-Market Strategy for IoT Devices
In this blog entry, we discuss Water Barghest's exploitation of IoT devices, transforming them into profitable assets through advanced automation and monetization techniques...
Understanding the Initial Stages of Web Shell and VPN Threats: An MXDR Analysis
While cyberattacks that employ web shells and VPN compromise are not particularly novel, they are still prevalent. The recent incidents that Trend Micro MXDR analyzed highlight the importance of behavioral analysis and anomaly detection in security measures...
Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data
This article uncovers a Golang ransomware abusing Amazon S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions...
AI Pulse: Sticker Shock, Rise of the Agents, Rogue AI
This issue of AI Pulse is all about agentic AI: what it is, how it works, and why security needs to be baked in from the start to prevent agentic AI systems from going rogue once they’re deployed...
Confidence in GenAI: The Zero Trust Approach
Enterprises have gone all-in on GenAI, but the more they depend on AI models, the more risks they face. Trend Vision One™ – Zero Trust Secure Access ZTSA – AI Service Access bridges the gap between access control and GenAI services to protect the user journey...
Rogue AI is the Future of Cyber Threats
This is the first blog in a series on Rogue AI. Later articles will include technical guidance, case studies and more...
How to Write a Generative AI Cybersecurity Policy
It’s clear that generative AI is a permanent addition to the enterprise IT toolbox. For CISOs, the pressure is on to roll out AI security policies and technologies that can mitigate very real and present risks...
AI Pulse: Siri Says Hi to OpenAI, Deepfake Olympics & more
AI Pulse is a new blog series from Trend Micro on the latest cybersecurity AI news. In this edition: Siri says hi to OpenAI, fraud hogs the AI cybercrime spotlight, and why the Paris Olympics could be a hotbed of deepfakery...
SANS's 2024 Threat-Hunting Survey Review
In its ninth year, the annual SANS Threat Hunting Survey delves into global organizational practices in threat hunting, shedding light on the challenges and adaptations in the landscape over the past year...
Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust
Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024...
Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust
Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024...
Web Security Expands into Secure Service Edge (SSE)
Trend has been securing web access for over a decade with forward-looking innovation and a global footprint to support our customer’s security strategy. We are committed to our customers’ journey of transforming their current security posture, aligning with Zero Trust principles, and embracing a...
Cloud Security Predictions at AWS re:Invent 2023
Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response CDR and what’s trending in cloud security...
Cloud Security Predictions at AWS re:Invent 2023
Heading to AWS re:Invent 2023? Don’t miss out on our talk with Melinda Marks, ESG Practice Director for Cybersecurity, about cloud detection and response CDR and what’s trending in cloud security...
100 Quarters of Profitability: Insights from a Trender
Learn what 100 straight quarters of profitability means to a Trender who has been here for every one of them...
Securing Cloud Infrastructure Demands a New Mindset
Rising attacks on cloud infrastructure and services have created a ‘shared fate’ scenario for cloud providers and users, where a successful breach means everybody loses. Fresh thinking and closer collaboration can help avoid that outcome and better protect public cloud resources...
Security Patch Management Strengthens Ransomware Defense
With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...