2303 matches found
How to Build a Reliable Well-Architected Framework
In this article, we will explore the Reliability pillar of the AWS Well-Architected Framework, examining best practices for cloud-based operations, including change management and disaster recovery...
Build a Secure Well-Architected Cloud Environment
Explore the Security pillar of the AWS and Azure Well-Architected Framework and be guided through the fundamental security controls that should be addressed when designing, transitioning to, and operating in a cloud environment...
30-day trial of Trend Micro Cloud One
Experience cloud security simplified with a 30-day trial of Trend Micro Cloud One™, a security services platform for organizations building in the cloud...
A Guide to the Well-Architected Framework
This article explores the five pillars of the Amazon Web Services AWS and Azure Well-Architected Framework, examining best practices and design principles to leverage the cloud in a more efficient, secure, and cost-effective manner...
Integrate Security into Your GCP with Google Cloud SDK
Dive into this how to guide on integrating Trend Micro Cloud One™ – Workload Security with Google Cloud Platform™...
Cloud Security Gaps and Misconfigurations May be Lurking
While moving to remote work, your organization was probably focused on simply getting up and running—willing to accept a degree of risk. Now that you are adjusted to remote work, you could be faced with unexpected security gaps as a result...
Automate Virtual Machine Creation in Azure DevOps
See how you can enable more automation in your Microsoft® Azure® virtual machine infrastructure builds, deployments, and security implementation...
Secure and Integrate Your Azure DevOps CI/CD Pipeline
Explore experiments from Chuck Losh, Solution Architect, to explore how Application Security can help protect your applications at runtime as they are built, and integrate with your automated Azure DevOps CI/CD pipeline with automated testing...
Trend Micro™ Deep Security™ 20 is Here
Chuck Losh, Solutions Architect, takes us through the deployment of Trend Micro™ Deep Security™ 20 software in Microsoft® Azure® and runs through how to connect the database element to the Azure SQL Database...
How to Improve Azure Security with CIS Benchmarks
View Trend Micro Cloud One™ – Conformity in action! Read along as Chuck walks you through how to run a CIS report to see how to improve and remediate misconfigurations via a Conformity Bot...
Application Security 101
Security issues often arise as a result of applications being rushed for deployment without adequate checks and protections. What are the top security risks to applications and what can organizations do to secure their DevOps pipeline?...
Are You Promoting Security Fluency in your Organization?
Migrating to the cloud is hard. The PowerPoint deck and pretty architectures are drawn up quickly but the work required to make the move will take months and possibly years. The early stages require significant effort by teams to learn new technologies the cloud services themselves and new ways o...
Build in the Cloud with Confidence
The AWS Well-Architected Framework provides a consistent approach to building cloud architectures. Learn how to leverage consistent best practices and guidance for your architecture so you can focus on building great solutions in the cloud...
Reduce the Attack Surface of Your Container Images
Follow along as Chuck Losh, Solutions Architect, walks through a new way of thinking in how to construct distroless images from Google, using an example of a multi-stage Dockerfile method...
CISOs Are Demanding Detection and Response Everywhere
As digital transformation increases the corporate attack surface, IT leaders require enhanced visibility, detection, and response—not just at the endpoint, but across all key IT layers...
How to Migrate Data Centers with Azure Migrate
Previously, migrating your servers to the cloud was a huge undertaking, but with Azure Migrate, you get services to discover, assess, and migrate your server. See how you can utilize these tools to make your cloud journey a little less daunting...
#LetsTalkCloud: Transformations In The Cloud
Let's Talk Cloud: Season 02 // Episode 02: Host, Mark Nunnikhoven, interviews AWS Serverless Hero and Cloud Bard at A Cloud Guru, Forrest Brazeal. Together they discuss cloud fluency, digital transformation, and why cartoons are great for communication...
How To Get The Most Out Of Industry Analyst Reports
Whether you're trying to inform purchasing decisions or just want to better understand the cybersecurity market and its players, industry analyst reports can be very helpful. Following our recent accolades by Forrester and IDC in their respective cloud security reports, we want to help customers...
This Week in Security News: Medical Malware and Monitor Hacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how baby monitors may be susceptible to hacking. Also, learn about a medical flaw that enables hackers to hide malware. Read on: Is Yo...
The Latest on WannaCry, UIWIX, EternalRocks and ShadowBrokers
Ransomware has gained global attention over the course of the last two weeks due to the huge spread of WannaCry. Following the initial attacks, we’ve seen UIWIX, Adylkuzz and now EternalRocks come onto the scene leveraging the same core set of vulnerabilities. The common thread between the three...
Old WinRAR Flaw Fuels Attacks on Ukraine: How Unmanaged Software Keeps the Door Open
Two separate Russia-aligned campaigns are still exploiting the WinRAR flaw CVE-2025-8088 against Ukrainian organizations nearly a year after it was patched, showing how unmanaged software keeps an exploited entry point open long after the fix ships...
Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware
Void Dokkaebi, a North Korea-aligned intrusion set, has updated its information-stealing malware, InvisibleFerret, shifting its delivery format to evade script-based detections...
U.S. Public Sector Under Siege: Threat Intelligence for Q1 2026
The first quarter of 2026 has reinforced a hard truth: U.S. government agencies and educational institutions are operating in the most hostile cyber threat environment ever recorded...
TrendAI Insight: New U.S. National Cyber Strategy
TrendAI reviews the White House National Cyber Strategy, outlining six pillars to strengthen U.S. cybersecurity—from deterrence and regulation to federal modernization, critical infrastructure protection, AI leadership, and workforce development...
Europol, Microsoft, TrendAI™ and Collaborators Halt Tycoon 2FA Operations
Tycoon 2FA was dismantled this week by law enforcement and industry partners including TrendAI™. The phishing-as-a-service platform offered MFA bypass services using adversary-in-the-middle AitM proxying...
Malicious OpenClaw Skills Used to Distribute Atomic MacOS Stealer
Malicious OpenClaw skills trick AI agents and users into installing a new AMOS variant that steals extensive data at scale...
Pwn2Own: Researchers Earn $1 Million for 76 Zero-Days
Discover how TrendAI Zero Day Initiative ZDI identified critical vulnerabilities across connected vehicles, EV chargers, and automotive systems...
From Extension to Infection: An In-Depth Analysis of the Evelyn Stealer Campaign Targeting Software Developers
This blog entry provides an in-depth analysis of the multistage delivery of the Evelyn information stealer, which was used in a campaign targeting software developers...
Trend Micro Recognized as a Leader in The Forrester Wave™ 2025 for NAV
Unified visibility, proactive intelligence, and proven leadership in network analysis and visibility...
Fast, Broad, and Elusive: How Vidar Stealer 2.0 Upgrades Infostealer Capabilities
Trend Research examines the latest version of the Vidar stealer, which features a full rewrite in C, a multithreaded architecture, and several enhancements that warrant attention. Its timely evolution suggests that Vidar is positioning itself to occupy the space left after Lumma Stealer’s decline...
New Ransomware Charon Uses Earth Baxia APT Techniques To Target Enterprises
We uncovered Charon, a new ransomware strainfamily that uses advanced APT-style techniques, including DLL sideloading, process injection, and anti-EDR capabilities, to target organizations with customized ransom demands...
Proactive Security Insights for SharePoint Attacks (CVE-2025-53770 and CVE-2025-53771)
CVE-2025-53770 and CVE-2025-53771 are vulnerabilities in on-premise Microsoft SharePoint Servers that evolved from previously patched flaws, allowing unauthenticated remote code execution through advanced deserialization and ViewState abuse...
Critical Langflow Vulnerability (CVE-2025-3248) Actively Exploited to Deliver Flodrix Botnet
This blog uncovers an active campaign exploiting CVE-2025-3248 in Langflow versions before 1.3.0 that deploys the Flodrix botnet, enabling threat actors to achieve full system compromise, initiate DDoS attacks, and potentially exfiltrate sensitive data...
Driving Success on the Track or in the Boardroom
Discover how the Trend Micro and the NEOM McLaren Formula E Team partnership is powered by a common vision for winning, on the track and in the boardroom...
Trend Secures AI Infrastructure with NVIDIA
Together, we are focused on securing the full AI lifecycle—from development and training to deployment and inference—across cloud, data center, and AI factories...
CrazyHunter Campaign Targets Taiwanese Critical Sectors
This blog entry details research on emerging ransomware group CrazyHunter, which has launched a sophisticated campaign aimed at Taiwan's essential services...
Incomplete NVIDIA Patch to CVE-2024-0132 Exposes AI Infrastructure and Data to Critical Risks
A previously disclosed vulnerability in NVIDIA Container Toolkit has an incomplete patch, which, if exploited, could put a wide range of AI infrastructure and sensitive data at risk...
Capacity is Critical in Riskier Threat Landscape
International cooperation, reporting, and capacity building are critical to enhance cybersecurity defenses. Effective governance in an increasingly risky landscape requires visibility as well as coordinated vulnerability disclosure...
NDR: Not Just a "Nice to Have" Anymore
Network Detection and Response NDR is no longer a 'nice-to-have'—it’s essential. NDR complements EDR, accelerates incident response, and enhances visibility, making it a critical tool for modern cybersecurity strategies and service providers...
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella
LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates to their strategy, tactics, and arsenals...
Trend Micro and Japanese Partners Reveal Hidden Connections Among SEO Malware Operations
Trend Micro researchers, in collaboration with Japanese authorities, analyzed links between SEO malware families used in SEO poisoning attacks that lead users to fake shopping sites...
Fake LockBit, Real Damage: Ransomware Samples Abuse Amazon S3 to Steal Data
This article uncovers a Golang ransomware abusing Amazon S3 for data theft, and masking as LockBit to further pressure victims. The discovery of hard-coded AWS credentials in these samples led to AWS account suspensions...
Inaugural World Tour 2024 Survey Findings
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what CISOs had to say...
Complete Guide to Protecting Seven Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews seven key initial attack vectors and provides proactive security tips to help you reduce cyber risk across the attack surface...
AI Pulse: Brazil Gets Bold with Meta, Interpol’s Red Flag & more
The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use, Interpol’s warnings about AI deepfakes, and more...
AI-Powered Deepfake Tools Becoming More Accessible Than Ever
Trend Micro research uncovers new cybercrime tools posing increased threats to security, highlighting the rapid evolution of AI-powered hacking services and their potential for mass exploitation...
Teaming up with IBM to secure critical SAP workloads
Trend Micro partners with IBM to offer advanced threat detection and response for protecting critical infrastructures running on IBM Power servers...
An In-Depth Look at Crypto-Crime in 2023 Part 2
In 2023, the cryptocurrency industry faced a significant increase in illicit activities, including money laundering, fraud, and ransomware attacks. Ransomware attacks were especially prevalent and profitable for attackers. However, other forms of criminal activity also saw a rise...
The Top 10 AI Security Risks Every Business Should Know
With every week bringing news of another AI advance, it’s becoming increasingly important for organizations to understand the risks before adopting AI tools. This look at 10 key areas of concern identified by the Open Worldwide Application Security Project OWASP flags risks enterprises should kee...
Worldwide 2023 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2023...