2303 matches found
Trend Micro Contributes and Maps Container Security to MITRE ATT&CK: A Game-Changer for Cyber Defense
Trend Micro leads the way by mapping its Container Security detection capabilities to the MITRE ATT&CK framework for Containers and contributing real-world attack data...
AI Pulse: The Good from AI and the Promise of Agentic
The perils of AI get a lot of airtime, but what are the upsides? This issue of AI Pulse looks at some of the good AI can bring, from strengthening cybersecurity to driving health breakthroughs—and how the coming wave of agentic AI is going to take those possibilities to a whole new level...
Embracing a Risk-Based Cybersecurity Approach With ASRM
Explore how a risk-based cybersecurity approach is critical to proactively stopping dynamic, ever-evolving threats...
SOC Around the Clock: World Tour Survey Findings
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what SOC teams had to say...
Water Makara Uses Obfuscated JavaScript in Spear Phishing Campaign, Targets Brazil With Astaroth Malware
Trend Micro researchers have uncovered a surge of malicious activities involving a threat actor group that we track as Water Makara. This group is targeting enterprises in Brazil, deploying banking malware using obfuscated JavaScript to slip past security defenses...
Rogue AI: What the Security Community is Missing
This is the fourth blog post in an ongoing series on Rogue AI. Keep following for more technical guidance, case studies, and insights...
AI Pulse: What's new in AI regulations?
Fall is in the air and frameworks for mitigating AI risk are dropping like leaves onto policymakers’ desks. From California’s SB 1047 bill and NIST’s model-testing deal with OpenAI and Anthropic to REAIM’s blueprint for military AI governance, AI regulation is proving to be a hot and complicated...
Delivering Proactive Protection Against Critical Threats to NVIDIA-powered AI Systems
On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk...
First to Detect AI Threats, Including NVIDIA-powered Systems
On Wednesday, NVIDA released updates to fix a critical vulnerability in its NVIDIA Container Toolkit, which, if exploited, could put a wide range of AI infrastructure and underlying data/secrets at risk...
Cybersecurity Compass: An Integrated Cyber Defense Strategy
Explore how the Cybersecurity Compass can guide various security professionals' and stakeholders' decision-making before, during, and after a breach...
Tech Consolidation – How and When?
Streamlining IT for business optimal business performance...
Healthcare cybersecurity updated in HIMSS23
This update reports on the current state of cybersecurity in the healthcare industry from the CISA’s keynote in Cybersecurity forum of HIMSS23...
Weaponizing Trust Signals: Claude Code Lures and GitHub Release Payloads
A packaging error in Anthropic’s Claude Code npm release briefly exposed internal source code. This entry examines how threat actors rapidly weaponized the resulting attention, pivoting an existing AI-themed campaign to spread Vidar and GhostSocks...
TrendAI™ Research at RSAC 2026: Advancing Defense Across AI‑Driven and Cyber‑Physical Threats
TrendAI™ Research explored agentic AI cybercrime and EV infrastructure security through two research sessions at RSAC 2026...
Pawn Storm Campaign Deploys PRISMEX, Targets Government and Critical Infrastructure Entities
This blog discusses the steganography, cloud abuse, and email-based backdoors used against the Ukrainian defense supply chain in the latest Pawn Storm campaign that TrendAI™ Research observed and analyzed...
Your AI Gateway Was a Backdoor: Inside the LiteLLM Supply Chain Compromise
TeamPCP orchestrated one of the most sophisticated multi-ecosystem supply chain campaigns publicly documented to date that cascaded through developer tooling and compromised LiteLLM, exposing how AI proxy services that concentrate API keys and cloud credentials become high-value collateral when...
Why East-West Visibility Matters for Grid Security
Learn how east-west traffic visibility helps detect and stop lateral movement attacks inside electric grid infrastructure and critical OT networks...
Your 100 Billion Parameter Behemoth is a Liability
The "bigger is better" era of AI is hitting a wall. We are in an LLM bubble, characterized by ruinous inference costs and diminishing returns. The future belongs to Agentic AI powered by specialized Small Language Models SLMs. Think of it as a shift from hiring a single expensive genius to runnin...
Trend Vision One™ Integration with AWS Security Hub CSPM: Unifying Cloud Security
The integration between Trend Vision One and Security Hub CSPM is exactly that, two powerful platforms enhancing each other to keep your AWS infrastructure protected...
ValleyRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a ValleyRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
Trend & AWS Partner on Cloud IPS: One-Click Protection
In the race to secure cloud infrastructure, intrusion prevention systems IPS remain one of the most critical yet complex at the cloud network layer of defense. For many organizations, deploying IPS in the cloud is a balancing act between agility and control...
Active Water Saci Campaign Spreading Via WhatsApp Features Multi-Vector Persistence and Sophisticated C&C
Continuous investigation on the Water Saci campaign reveals innovative email-based C&C system, multi-vector persistence, and real-time command capabilities that allow attackers to orchestrate coordinated botnet operations, gather detailed campaign intelligence, and dynamically control malware...
How Trend Micro Empowers the SOC with Agentic SIEM
By delivering both XDR leadership and Agentic SIEM innovation under one platform, Trend is redefining what security operations can be...
How Your AI Chatbot Can Become a Backdoor
In this post of THE AI BREACH, learn how your Chatbot can become a backdoor...
CNAPP is the Solution to Multi-cloud Flexibility
Cloud-native application protection platform CNAPP not only helps organizations protect, but offers the flexibility of multi-cloud...
Domino Effect: How One Vendor's AI App Breach Toppled Giants
A single AI chatbot breach at Salesloft-Drift exposed data from 700+ companies, including security leaders. The attack shows how AI integrations expand risk, and why controls like IP allow-listing, token security, and monitoring are critical...
How AI-Native Development Platforms Enable Fake Captcha Pages
Cybercriminals are abusing AI-native platforms like Vercel, Netlify, and Lovable to host fake captcha pages that deceive users, bypass detection, and drive phishing campaigns...
An MDR Analysis of the AMOS Stealer Campaign Targeting macOS via ‘Cracked’ Apps
Trend™ Research analyzed a campaign distributing Atomic macOS Stealer AMOS, a malware family targeting macOS users. Attackers disguise the malware as “cracked” versions of legitimate apps, luring users into installation...
Trend Vision One™ Email Security Raises the Standard
Learn all the new aspects of Trend Vision One™ Email Security and how it's raising the standard of effectiveness for the industry...
TAOTH Campaign Exploits End-of-Support Software to Target Traditional Chinese Users and Dissidents
The TAOTH campaign exploited abandoned software and spear-phishing to deploy multiple malware families, targeting dissidents and other high-value individuals across Eastern Asia...
Unlocking the Power of Amazon Security Lake for Proactive Security
Security is a central challenge in modern application development and maintenance, requiring not just traditional practices but also a deep understanding of application architecture and data flow. While organizations now have access to rich data like logs and telemetry, the real challenge lies in...
Securing Tomorrow: An Interview with Trend Micro VP of Product Management Michael Habibi
Proactive security in a rapidly evolving threat landscape...
How to Build an Effective Security Awareness Program
This is a step-by-step guide to build a strong security awareness and training program that empowers your employees and protects your business...
Ensuring Secure Container Deployments with Image Signature Verification
Ensure your container deployments are secure with a verified image signature...
Keeping Pace and Embracing Emerging Technologies
Trend Micro and the NEOM McLaren Formula E Team stay ahead of the curve by embracing new technologies, fostering a no-blame culture, and making split-second decisions in high-stakes environments...
Strengthen Security with Cyber Risk Advisory
In today’s fast-paced digital world, cyber threats are constantly evolving. Attackers are leveraging advanced techniques and artificial intelligence AI to exploit vulnerabilities, leaving organizations vulnerable to breaches and disruptions. To combat these challenges, organizations must stay...
Trend Vision One™ Now Supports Azure vTAP
Effective April 2025, Microsoft is launching their Azure vTAP and integrating it with Trend Vision One Network Detection and Response solution. This integration allows organizations to gain deep visibility into cloud network traffic without compromising performance. It ensures real-time detection...
Trend Micro and CISA Secure-By-Design Pledge
Trend’s support reaffirms dedication to safeguarding products and customers...
World Tour Survey: Cloud Engineers Wrestle with Risk
Trend surveyed 750 cybersecurity professionals in 49 countries to learn more about the state of cybersecurity, from job pressures to the need for more advanced tools. Explore what cloud security engineers teams had to say...
2024 Perspective: The Ultimate re:Invent Recap
Ashley & Danielle's Ultimate Recap...
FedRAMP ATO Boosts Zero Trust for Federal Agencies
Trend Vision One™ for Government has obtained a FedRAMP Authorization to Operate ATO. This milestone enables Federal government customers to leverage Trend’s platform to rapidly stop adversaries and control their cybersecurity risk posture...
5 AI Security Takeaways featuring Forrester
Highlights from the recent discussion between Trend Micro’s David Roth, CRO Enterprise America, and guest speaker Jeff Pollard, VP, Principal Analyst, Forrester about AI hype versus reality and how to secure AI in the workplace...
Network detection & response: the SOC stress reliever
Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important...
Securing Cloud Infrastructure Demands a New Mindset
Rising attacks on cloud infrastructure and services have created a ‘shared fate’ scenario for cloud providers and users, where a successful breach means everybody loses. Fresh thinking and closer collaboration can help avoid that outcome and better protect public cloud resources...
TeamPCP’s Telnyx Attack Marks a Shift in Tactics Beyond LiteLLM
Moving beyond their LiteLLM campaign, TeamPCP weaponizes the Telnyx Python SDK with stealthy WAV‑based payloads to steal credentials across Linux, macOS, and Windows...
PureRAT Campaign Targets Job Seekers, Abuses Foxit PDF Reader for DLL Side-loading
Job seekers looking out for opportunities might instead find their personal devices compromised, as a PureRAT campaign propagated through email leverages Foxit PDF Reader for concealment and DLL side-loading for initial entry...
Maritime Cybersecurity: Threats & Regulations Loom
This review summarizes the key insights shared during the webinar held on April 9th, which featured maritime cybersecurity experts discussing the growing challenges facing ports, logistics operations, and global supply chains...
From Event to Insight: Unpacking a B2B Business Email Compromise (BEC) Scenario
Trend Micro™ Managed XDR assisted in an investigation of a B2B BEC attack that unveiled an entangled mesh weaved by the threat actor with the help of a compromised server, ensnaring three business partners in a scheme that spanned for days. This article features investigation insights, a proposed...
Lumma Stealer’s GitHub-Based Delivery Explored via Managed Detection and Response
The Managed XDR team investigated a sophisticated campaign distributing Lumma Stealer through GitHub, where attackers leveraged the platform's release infrastructure to deliver malware such as SectopRAT, Vidar, and Cobeacon...
Investigating A Web Shell Intrusion With Trend Micro™ Managed XDR
This blog discusses a web shell intrusion incident where attackers abused the IIS worker to exfiltrate stolen data...