2303 matches found
Complete Guide to Protecting 7 Attack Vectors
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial attack vendors and provides proactive security tips to help you reduce cyber risk across the attack surface...
Cybersecurity Posture & Insurance Outlook with Advisen
Trend Micro’s Eric Skinner, and Advisen, an insurance data and analytics company, discuss the current threat landscape, cyber risk management, and how vendors and cyber insurers can champion enhanced cybersecurity posture...
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware...
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware...
Common Cloud-Native Security Misconfigurations & Fixes
Cloud configuration errors are a major concern for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them...
Stronger Cloud Security in Azure Function Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function...
The Risk of Ransomware Supply Chain Attacks
Over the years, ransomware has become a major threat and it can put supply chains in deep trouble...
Better Together: AWS and Trend Micro
This post relays the latest threat detection tool innovation of AWS - Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable layer of defense in our fight against a shared adversary...
Worldwide 2021 Email Phishing Statistics & Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021...
Data Distribution Service: Exploring Vulnerabilities and Risks Part 2
In part two of our series, we’ll highlight both known and new DDS vulnerabilities and what they mean for mission critical operations...
DevOps vs SRE: Differences & Similarities
While DevOps and site reliability engineering teams often work together and have shared goals, there are important distinctions between the two. This article explores the differences between their functions and responsibilities...
Why It’s Time to Map the Digital Attack Surface
Trend Micro research reveals struggle to control cyber risks against mounting digital attack surfaces...
Examples of Cyber Warfare #TrendTalksBizSec
Cyber Warfare has been a topic of discussion for years but has reached a new level of prominence in this age of hyper-connected critical infrastructure. Our Trend Micro experts touch on this evolution, disinformation campaigns, and cyber mercenaries...
Security 101: Cloud-native Virtual Patching
Learn about the challenges faced when implementing a vulnerability and patch management policy and how does cloud-native virtual patching can help...
State of OT Security in 2022: Big Survey Key Insights
Learn about the state of OT Security in 2022 by reading the key insights found through surveying more than 900 ICS business and security leaders in the US, Germany and Japan...
New Linux-Based Ransomware 'Cheerscrypt' Targets EXSi Devices
Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises EXSi servers. We discuss our initial findings on in this report...
Cyber risk management: Attribution strategies
Discover the importance of cyber attribution, the benefits, and the right tools to assist your efforts so you can better manage cyber risk across your digital attack surface...
AvosLocker Ransomware Variant Abuses Driver File to Disable Antivirus, Scans for Log4shell
We found an AvosLocker ransomware variant using a legitimate antivirus component to disable detection and blocking solutions...
How XDR Security Aids in Cyber Risk Management
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to better understanding, communicating, and mitigating cyber risk across your enterprise...
Cybersecurity Predictions for 2022
Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making...
Why the Mitre Engenuity ATT&CK Evaluations Matter
This year’s MITRE Engenuity™ ATT&CK Evaluation simulates techniques associated with notorious threat groups Wizard Spider and Sandworm to test solutions' ability to detect and stop APT and Targeted Attacks...
This Week in Security News - April 1, 2022
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’...
How CISOs can Mitigate Cryptomining Malware
Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat...
An Investigation of Cryptocurrency Scams and Schemes
We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets worldwide...
This Week in Security News - February 25, 2022
Recent cyberattacks increasingly target open-source web servers, and US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions...
Global Cyberattacks Tied to the Russian Invasion of Ukraine
Cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices to manage your cyber risk...
Security Automation with Vision One & Palo Alto
Trend Micro Vision One™ integrates with Palo Alto Networks Cortex™ XSOAR to drive automated response to incidents uncovered by Vision One...
This Week in Security News - February 11, 2022
Hidden scams in malicious scans, and feds arrest couple who allegedly laundered $1 Billion in stolen bitcoins...
Defending Users’ NAS Devices From Evolving Threats
In our latest research, we analyze the threats targeting well-known brands of network-attached storage NAS devices...
Workshop: Building Modern Applications with DevOps Security
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...
The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs
In our study, we relied on the tactics, techniques, and procedures of MITRE ATT&CK to define the malware capabilities and characteristics of IoT Linux malware. We describe our findings and how IoT malware has been evolving...
Analyzing How TeamTNT Used Compromised Docker Hub Accounts
Following our previous disclosure of compromised Docker hub accounts delivering cryptocurrency miners, we analyze these accounts and discover more malicious actions that you need to be aware of...
Private 5G Security Risks in Manufacturing Part 4
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry...
This Week in Security News - November 12, 2021
This week, learn about the prolific cybermercenaries, Void Balaur, and their recent attacks. Also, read on the 80-country agreement to mobilize safeguards against cyberattacks...
Deploy Layered Security with Azure GWLB & Trend Micro
Looking to deploy broad network layer protection that integrates with your Azure services? You’re in the right place. Learn more about our latest launch partnership with Azure Gateway Load Balancer...
Cracking the code in the boardroom
Former FBI Special Agent, Scott Augenbaum talks about how CISOs can successfully communicate with the board to implement more preventative protection...
Security Risks with Private 5G Networks in Manufacturing Part. 3
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...
Workshop: Visibility Into Open Source Code
Learn how to leverage Trend Micro Cloud One - Open Source Security by Snyk with your code repositories and CI/CD pipelines to scan projects. Resulting in better visibility, tracking, and early awareness into open source issues...
This Week in Security News – October 21, 2021
In this week in security news, learn about a new backdoor from PurpleFox that utilizes WebSockets for more secure communication the link between the Sinclair ransomware attack and the cybercrime group Evil Corp...
Forced Entry: A Security Test for Automatic Garage Doors
In this blog entry we revisit threats to automatic garage doors by using SDR to test two attack scenarios. We demonstrate a rolling code attack and one that involves a hidden remote feature...
Secure Public Web Apps Running on Azure
Discover how to meet your end of the shared responsibility model with simplified security integrations for Azure...
This Week in Security News – October 15, 2021
Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...
Actors Target Huawei Cloud Using Upgraded Linux Malware
In this article, we discuss a new Linux malware trend in which malicious actors deploy code that removes applications and services present mainly in Huawei Cloud...
This Week in Security News – October 1, 2021
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about Zloader, a notable recent ZBOT variant. Also, read on a recently introduced bill that would mandate ransom payment reporting...
Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads
In this blog entry we look into a fileless campaign that used a new HCrypt variant to distribute numerous remote access trojans RATs in victim systems. This new variant also uses an updated obfuscation mechanism which we detail...
1H’2021 Security Review Shows Active Cloud Attacks
Trend Micro’s midyear report highlights the growing importance of cloud security as attacks increase in frequency and complexity...
This Week in Security News - September 10, 2021
Biden announces cybersecurity initiative partnership, US Government seeks public feedback on draft federal zero trust strategy and more...
Manage Open Source Software Library Risks
Learn about the growing open source library trend, the pros and cons of using open source code, and how to mitigate associated risks...
The Evolution of Connected Cars as Defined by Threat Modeling UN R155-Listed Attack Vectors
The United Nations Regulation No. 155 sets requirements for cybersecurity in vehicles. We conducted a threat modelling exercise on its defined attack vectors as a form of risk assessment in order to help organizations comply with this regulation and identify what to prioritize...
Detect Container Drift in Your Kubernetes Deployments
Discover how to maintain compliance and secure your Kubernetes containers with automated security policies and scanning...