2303 matches found
How to Secure DevOps in Microsoft Azure
Want to establish best practices within Microsoft Azure? Learn how to integrate a Secure DevOps Kit for Azure AzSK at the subscription level, as well as in your development process during coding, CI/CD pipeline, and future alerting and reporting...
Open Doors with Cloud Security Posture Management (CSPM)
Gain insights into the importance of being well-architected during the deployment process and how to quickly remediate risks by shifting best practice checks to the earliest phase of the CI/CD pipeline...
The Future is Misconfigured
As the world continues to grow more agile and flexible, it is crucial to know the state of the threat landscape. Trend Micro experts’ breakdown insights on current and emerging threats and technologies, with cloud misconfigurations front and center...
Cybersecurity in the C-Suite & Boardroom
As the pace of digital transformation increases, an industry declaration has emerged, “Cybersecurity is a boardroom issue.” To create a culture of cybersecurity, executives need to be more engaged and present with their strategies...
This Week in Security News: HR and Heritage Hacks
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the details of 92 million accounts for MyHertitage were discovered on a private server outside of the company. Also, companies using service...
What Is the Instructure Canvas Breach? Impact, Risks, and What Institutions Should Do
The Instructure Canvas breach affects universities, K–12 school districts, and teaching hospitals globally. This blog entry intends to provide context and practical guidance...
Supporting the National Cyber Strategy: How TrendAI™ Helps
A deeper look at the first three pillars and outlining how our capabilities directly support government agencies working to bring this strategy to life...
Kuse Web App Abused to Host Phishing Document
Bad actors took advantage of the legitimate name and services of Kuse, a popular AI-based app designed for workplaces. The attackers exploited the users’ trust in Kuse to carry out a phishing attack...
Identity Protection in the AI Era
Enterprises aiming to predict and mitigate human, machine, and AI‑agent risks at scale demand AI‑powered identity‑first security without compromise...
Claude Code Packaging Error Remains a Lure in an Active Campaign: What Defenders Should Do
Threat actors leveraged Anthropic’s Claude Code npm release packaging error to distribute Vidar, GhostSocks, and PureLog Stealer. This blog details immediate steps organizations can take and best practices to prevent further risk...
Axios NPM Package Compromised: Supply Chain Attack Hits JavaScript HTTP Client with 100M+ Weekly Downloads
A supply chain attack hit Axios when attackers used stolen npm credentials to publish malicious versions containing a phantom dependency. This triggered a cross-platform RAT during installation and replaced its files with clean decoys, making detection challenging...
CISOs in a Pinch: A Security Analysis of OpenClaw
Learn how Claude Code Security set Cybersecurity stocks on fire...
U.S. Public Sector Under Siege
Discover why Government and Education must prioritize Cyber Risk Management...
Key Insights on SHADOW-AETHER-015 and Earth Preta from the 2025 MITRE ATT&CK Evaluation with TrendAI Vision One™
This blog discusses notable modern TTPs observed from SHADOW-AETHER-015 and Earth Preta, from TrendAI Research™ monitoring and TrendAI Vision One™ intelligence. These findings support the performance of TrendAI™ in the 2025 MITRE ATT&CK Evaluations...
Analyzing a Multi-Stage AsyncRAT Campaign via Managed Detection and Response
Threat actors exploited Cloudflare's free-tier infrastructure and legitimate Python environments to deploy the AsyncRAT remote access trojan, demonstrating advanced evasion techniques that abuse trusted cloud services for malicious operations...
Trend Micro's Pivotal Role in INTERPOL's Operation Sentinel: Dismantling Digital Extortion Networks Across Africa
Continuing a Legacy of Successful Collaboration...
What Cyber Defenders Really Think About AI Risk
Learn how Trend Micro's 2025 Trend Micro Defenders Survey Report highlights current AI-related cybersecurity priorities and where security professionals use AI to their advantage...
Trend Vision One™ Stacks Up Against Scattered Spider and Mustang Panda in 2025 MITRE ATT&CK® Evaluations
Enterprise 2025 introduces the first full cloud adversary emulation and expanded multi-platform testing, focusing on two advanced threat areas: Scattered Spider’s cloud-centric attacks and Mustang Panda’s long-term espionage operations...
Unraveling Water Saci's New Multi-Format, AI-Enhanced Attacks Propagated via WhatsApp
Through AI-driven code conversion and a layered infection chain involving different file formats and scripting languages, the threat actors behind Water Saci are quickly upgrading their malware delivery and propagation methods across WhatsApp in Brazil...
Redefining Enterprise Defense in the Era of AI-Led Cyberattacks
More cybercriminals are turning to using autonomous AI tools to upgrade their attacks, as exemplified by the recent utilization of Anthropic’s Claude Code, prompting an urgent need for enterprises to adopt agentic AI-driven security platforms and proactive defenses to counter AI-related threats...
Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics
In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data...
How are you managing cloud risk?
Learn why managing cloud risk demands unified visibility, continuous risk assessment, and efficient security operations. Discover how a full-featured CNAPP like Trend Vision One™ Cloud Security enables organizations to move from reactive to proactive cloud protection...
AI Security: NVIDIA BlueField Now with Vision One™
Launching at NVIDIA GTC 2025 - Transforming AI Security with Trend Vision One™ on NVIDIA BlueField...
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns
Trend™ Research examines the complex collaborative relationship between China-aligned APT groups via the new “Premier Pass-as-a-Service” model, exemplified by the recent activities of Earth Estries and Earth Naga...
Shifts in the Underground: The Impact of Water Kurita’s (Lumma Stealer) Doxxing
A targeted underground doxxing campaign exposed alleged core members of Lumma Stealer Water Kurita, resulting in a sharp decline in its activity and a migration of customers to rival infostealer platforms...
Trend Micro launches new integration with Zscaler to deliver real-time, Risk-Based Zero Trust Access
Discover how Trend Vision One™ integrates with Zscaler to unify detection and access enforcement, accelerate threat containment, reduce dwell time, and deliver seamless Zero Trust protection for modern enterprises...
Weaponized AI Assistants & Credential Thieves
Learn the state of AI and the NPM ecosystem with the recent s1ngularity' weaponized AI for credential theft...
This Is How Your LLM Gets Compromised
Poisoned data. Malicious LoRAs. Trojan model files. AI attacks are stealthier than ever—often invisible until it’s too late. Here’s how to catch them before they catch you...
EvilAI Operators Use AI-Generated Code and Fake Apps for Far-Reaching Attacks
Combining AI-generated code and social engineering, EvilAI operators are executing a rapidly expanding campaign, disguising their malware as legitimate applications to bypass security, steal credentials, and persistently compromise organizations worldwide...
Gunra Ransomware Group Unveils Efficient Linux Variant
This blog discusses how Gunra ransomware’s new Linux variant accelerates and customizes encryption, expanding the group’s reach with advanced cross-platform tactics...
CISA's NIMBUS 2000 Initiative: Understanding Key Findings and Strengthening Cloud Identity Security
This blog explores key findings from CISA’s NIMBUS 2000 Cloud Identity Security Technical Exchange and how Trend Vision One™ Cloud Security aligns with these priorities. It highlights critical challenges in token validation, secrets management, and logging visibility—offering insights into how...
Why Trend Micro Continues to be Named a CNAPP Leader
Trend Micro is recognized for our Cloud CNAPP capabilities and product strategy—affirming our vision to deliver a cloud security solution that predicts, protects, and responds to threats across hybrid and multi-cloud environments...
Why a Classic MCP Server Vulnerability Can Undermine Your Entire AI Agent
A single SQL injection bug in Anthropic’s SQLite MCP server—forked over 5,000 times—can seed stored prompts, exfiltrate data, and hand attackers the keys to entire agent workflows. This entry unpacks the attack chain and lays out concrete fixes to shut it down...
Trend Joins NVIDIA to Secure AI Infrastructure with NVIDIA
Together, we are focused on securing the full AI lifecycle—from development and training to deployment and inference—across cloud, data center, and AI factories...
Using Agentic AI & Digital Twin for Cyber Resilience
Learn how Trend is combining agentic AI and digital twin to transform the way organizations protect themselves from cyber threats...
Trend Cybertron: Full Platform or Open-Source?
Previously exclusive to Trend Vision One customers, select Trend Cybertron models, datasets and agents are now available via open-source. Build advanced security solutions and join us in developing the next generation of AI security technology...
Trend Micro & IBM Team Up To Boost Mainframe Security
Trend Micro Deep Security adds security for mainframe enterprise integration...
Updated Shadowpad Malware Leads to Ransomware Deployment
In this blog, we discuss about how Shadowpad is being used to deploy a new undetected ransomware family. They deploy the malware exploiting weak passwords and bypassing multi-factor authentication...
Future of Cybersecurity: Will XDR Absorb SIEM & SOAR?
XDR is reshaping cybersecurity by unifying and enhancing SIEM and SOAR capabilities into a single platform. It addresses alert fatigue, improves incident correlation, simplifies operations, and enhances efficiency for SOC teams...
ASRM: A New Pillar for Cyber Insurance Underwriting
ASRM transforms cyber insurance underwriting by integrating real-time risk assessments, advanced tools NDR, EDR, Cloud Security, MDR, and proactive mitigation strategies to improve accuracy, reduce claims, and build trust...
Investigating A Web Shell Intrusion With Trend Micro Managed XDR
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data...
AI Pulse: Top AI Trends from 2024 - A Look Back
In this edition of AI Pulse, let's look back at top AI trends from 2024 in the rear view so we can more clearly predicts AI trends for 2025 and beyond...
MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur’s Multi-Platform Attacks
Trend Micro’s monitoring of the MOONSHINE exploit kit revealed how it’s used by the threat actor Earth Minotaur to exploit Android messaging app vulnerabilities and install the DarkNimbus backdoor for surveillance...
Gafgyt Malware Broadens Its Scope in Recent Attacks
Our researchers identified threat actors exploiting misconfigured Docker servers to spread the Gafgyt malware. This threat traditionally targets IoT devices; this new tactic signals a change in its behavior...
Gafgyt Malware Targeting Docker Remote API Servers
Our researchers identified threat actors exploiting misconfigured Docker servers to spread the Gafgyt malware. This threat traditionally targets IoT devices; this new tactic signals a change in its behavior...
AI Pulse: Election Deepfakes, Disasters, Scams & more
In the final weeks before November’s U.S. election, cybersecurity experts were calling October 2024 the “month of mischief”—a magnet for bad actors looking to disrupt the democratic process through AI-generated misinformation. This issue of AI Pulse looks at what can be done about deepfakes and...
Identifying Rogue AI
This is the third blog in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights...
Securing the Power of AI, Wherever You Need It
Explore how generative AI is transforming cybersecurity and enterprise resilience...
Why NDR is Key to Cyber 'Pest Control'
Intruders are drawn to enterprise IT environments the way mice are attracted to houses. And once either kind of invader is inside, they can be hard to get out. Network detection and response NDR lets you trace intruders’ pathways to find out where they’re coming in—and seal the gaps...
Noodle RAT: Reviewing the Backdoor Used by Chinese-Speaking Groups
This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime...