2303 matches found
This Week in Security News: More Than 8,000 Unsecured Redis Instances Found in the Cloud and Wiper Malware Called “Coronavirus” Spreads Among Windows Victims
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about 8,000 Redis instances running unsecured in different parts of the world, even deployed in public clouds. Also, read about a new...
There is a Skills Shortage, But it isn’t Your Real Problem
During my undergraduate days, I recall hearing that the Bell System was slow to deploy automated dialing. While smaller local phone companies allowed callers to dial a number directly from their phone, the Bell system continues to rely on switchboard operators into the 1930s. In fact, early phone...
A New Playground for Cybercrime: Why Supply Chain Security Must Cover Software Development
Most organisations see supply chains as providers of physical goods and services. The supply chain management function in these companies usually provides the governance framework to reduce third-party risks and prevent hackers from stealing data, disrupting daily operations and affecting busines...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of August 28, 2017
The only topic I can bring up this week is the devastation in Texas caused by Hurricane Harvey. Many cities have been completely destroyed and to add insult to injury, Harvey moved back to the Gulf of Mexico and made landfall again in Louisiana. Catastrophic flooding has left tens of thousands...
Security for a Rapidly Changing World: Why XGen™ is Our Formula for Success
Right now, we’re living through a period of almost unprecedented technological change. It can be easy sometimes to get caught up in the excitement of this change and miss the bigger picture; the wider themes that tie our past to our future. That’s why at Trend Micro we’re proud to have been able ...
The Jetson’s Cyber Concerns – Future Smart Cities Cybersecurity Checklist
As cities continue to grow smarter, they will also become easier to hack. With millions if not billions of dollars going into research for urban domains and the Internet of Things IoT, there will be more opportunities to utilize technology to define, access and improve smart city services and...
Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence
Trend Micro discovered that old Atlassian Confluence versions that were affected by CVE-2023-22527 are being exploited using a new in-memory fileless backdoor...
Cryptojacking via CVE-2023-22527: Dissecting a Full-Scale Cryptomining Ecosystem
A technical analysis on how CVE-2023-22527 can be exploited by malicious actors for cryptojacking attacks that can spread across the victim’s system...
TeamCity Vulnerability Exploits Lead to Jasmin Ransomware, Other Malware Types
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems...
CVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day
The APT group Water Hydra has been exploiting the Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative...
Getting ATT&CKed By A Cozy Bear And Being Really Happy About It: What MITRE Evaluations Are, and How To Read Them
Full disclosure: I am a security product testing nerd. I’ve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29 otherwise known as COZY BEAR. First, here’s a snapshot of the Trend eval results as I understand the...
Cloud Transformation Is The Biggest Opportunity To Fix Security
This overview builds on the recent report from Trend Micro Research on cloud-specific security gaps, which can be found here. Don’t be cloud-weary. Hear us out. Recently, a major tipping point was reached in the IT world when more than half of new IT spending was on cloud over non- cloud. So rath...
This Week in Security News: BEC and Blackgear
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the FBI reports a global BEC loss of over $12 billion in 2018. Also, a Blackgear cyberespionage campaign has reemerged, using social media a...
Trend Micro a Leader in Forrester Wave Endpoint Security Report
The results are in from another independent analyst report and it’s great news for Trend Micro’s endpoint security. We achieved the highest score possible for the “strategy” category, were top ranked for “current offering” category, and among the second-highest scores in the market presence...
The Human (Resource) Role in the Journey to GDPR Compliance
Employees are at the center of dealing with the General Data Protection Regulation GDPR, which is the new European regulation that aims to strengthen and standardize the data pricy rights of European citizens. As we’ve discussed throughout this blog series, the GDPR impacts many organizations...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of December 25, 2017
Last Sunday, my day could be best described by the lyrics of Sammy Hagar’s song “I Can’t Drive 55.” I was issued a ticket for an alleged speeding infraction. I usually drive about 10 mph over the speed limit, but my “alleged” lead foot got the best of me and so did the Texas Highway Patrol. C’est...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
Jenkins Args4j CVE-2024-23897: Files Exposed, Code at Risk
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897...
Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit
In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal...
This Week in Security News: Cybercriminals Distribute Backdoor with VPN Installer and New ‘Alien’ Malware can Steal Passwords from 226 Android Apps
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how threat actors are bundling Windscribe VPN installers with backdoors. Also, read about a new strain of Android malware that...
Automatic Visibility And Immediate Security with Trend Micro + AWS Control Tower
Things fail. It happens. A core principle of building well in the AWS Cloud is reliability. Dr. Vogels said it best, “How can you reduce the impact of failure on your customers?” He uses the term “blast radius” to describe this principle. One of the key methods for reducing blast radius is the AW...
This Week in Security News: 7 Tips for Security Pros Patching in a Pandemic and Coinminer, DDoS Bot Attack Docker Daemon Ports
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a malicious cryptocurrency miner and Distributed Denial of Service DDoS bot that targets open Docker daemon ports. Also, learn...
This Week in Security News: How to Stay Safe as Online Coronavirus Scams Spread and Magecart Cyberattack Targets NutriBullet Website
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about tips you can use to secure your home office. Also, read about how Magecart Group 8 targeted the website of the blender...
This Week in Security News: The First Patch Tuesday Update of 2020 and Pwn2Own Vancouver Announced
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a major crypto-spoofing bug impacting Windows 10 that has been fixed as part of Microsoft’s January Patch Tuesday update. Also,...
Online Phishing: How to Stay Out of the Hackers’ Nets
Despite the growing popularity of social media and messaging apps, email remains the preferred way to communicate online for millions of Americans. And the bad guys know it. Of the 28.6 billion cyber-threats Trend Micro blocked globally in the first half of 2019, over 24.3 billion were carried by...
Tackling the BEC Epidemic in a New Partnership with INTERPOL
In just a few short years, Business Email Compromise BEC has gone from a peripheral threat to a major cyber risk for organizations. It’s making criminal gangs millions of dollars each month, hitting corporate profits and reputation in the process. Trend Micro has built a formidable array of...
This Week in Security News: Magecart Attacks and Is Your Smart TV Spying on You?
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Magecart attacks and the security implications of PSD2. Also, read about how your smart TV might be leaking your data to the lik...
A $100,000 Commitment to Close the Gender Diversity Gap in Cybersecurity
Today as we celebrate International Women’s Day we’re filled with both admiration for strong women who inspire and a sense of responsibility to honor diversity in an industry that has traditionally been quite uniform, especially when it comes to gender. While we celebrate the achievements of wome...
A View of Upcoming Threat Coverage from Pwn2Own 2018
This blog will be updated throughout the competition so keep tracking for the latest updates on upcoming threat coverage! St. Patrick’s Day is coming up later this week, but the contestants at Pwn2Own 2018 will need more than luck on their side. They will need to dive into their expert hacking...
TippingPoint Threat Intelligence and Zero-Day Coverage – Week of March 5, 2018
Today marks the first day of South by Southwest SXSW here in Austin and if you happen to be in town for the event, Trend Micro will be there! Starting tomorrow, Trend Micro will be exhibiting at the SXSW Job Market in booth 523. The SXSW Job Market is being held on March 10-11, 2018 at the Palmer...
How your enterprise applications could be putting your company at risk
The typical company, large or small, depends on a number of different enterprise applications in order to ensure that employees can complete critical, daily tasks. Apps like those for enterprise resource planning, customer relationship management, screen and file sharing have become commonplace i...
3 Reasons to Use VMware NSX with Trend Micro Deep Security
Enterprises have begun adopting network virtualization for their IT infrastructure. According to a 2016 survey conducted by Accenture, 95 percent of small, medium, and large enterprises believe “network services will be virtualized.” Meanwhile, 25 percent of those who have adopted network...
Not All Threats Are Created Equal
In today’s world, security teams are bombarded constantly with security events and threat information from multiple sources, making it impossible to address each threat with the same amount of urgency. Where does one even start? We know every threat should be addressed, but not all threats are...
Smart Check Validated for New Bottlerocket OS
Containers provide a list of benefits to organizations that use them. They’re light, flexible, add consistency across the environment and operate in isolation. However, security concerns prevent some organizations from employing containers. This is despite containers having an extra layer of...
How to Fix a Mac Stuck on a White Screen
If a plain white screen appears when your Mac starts, then some of its hardware or software may have failed. Follow the steps below to solve the problem. 1. Check your Mac’s hardware systematically. To find a malfunctioning device attached to your Mac, start by disconnecting everything from it,...
This Week in Security News: The Cost of Being Unprepared
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, a Georgia bill has the potential to threaten security researchers, and a new report says 77 percent of businesses lack a cybersecurity...
The Evolution of Ransomware
While many businesses and individual users understand that ransomware isn't a new threat, many don't actually know how long this particular infection style has been utilized by hackers. The first attacks took place more than a decade ago, and since then, ransomware authors have only become more...
This Week in Security News
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...
National Cyber Security Awareness Month for Organizations
The month of October 2017 is again the National Cyber Security Awareness Month NCSAM for individuals and organizations. This year’s theme is shared responsibility which is something we’ve been talking a lot about when it comes to public cloud support for many years. This year Trend Micro will be...
Targeted Attack Landscape: A Continuing Threat
When planning the cyber defenses of an organization, it's important to factor in the total threat landscape - including continuing threats as well as emerging security issues. In this way, organizations can create a more holistic data protection posture. While not seen in many headlines currently...
Transforming the Cyber Health of Small HCOs Across the US
When we talk about healthcare breaches, there are some big-name incidents. Yet in reality there’s a huge number of smaller providers who are in the hackers’ sights and maybe don’t have the resources or expertise to adequately defend themselves. With ransomware threatening to shut down systems and...
Cyber Insurance Market 2022: FAQs & Updates with iBynd
iBynd VP of Insurance, Tim Logan, and Trend Micro’s Cyber Risk Specialist Vince Kearns provide insights on cyber insurance must-haves, pricing, services, and how the industry is changing in the face of ransomware attacks, cryptocurrency, and emerging cybersecurity technologies...
From Bugs to Zoombombing: How to Stay Safe in Online Meetings
The COVID-19 pandemic, along with social distancing, has done many things to alter our lives. But in one respect it has merely accelerated a process begun many years ago. We were all spending more and more time online before the virus struck. But now, forced to work, study and socialize at home,...
What Worries CISOs Most In 2019
We recently held a valuable conversation and a great dinner with about a dozen senior IT security leaders in Atlanta, Georgia. I was fortunate to attend and discuss what plagues them most. Here are some of their concerns. Many face considerable change in their business environments – one third of...
Protecting Critical Infrastructure and Roadways: How Smart Cities Create New Risks
Advanced technology has changed countless facets of everyday life, from internal enterprise processes to consumer pursuits and beyond. Even the design, management and support for large and small cities has shifted thanks to innovative smart city systems. While advanced components to support...
This Week in Security News: Rules and Regulation
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, House lawmakers approved legislation for securing technology used to power critical infrastructures from cyberattacks. Read on to learn more...
This Week in Security News: ePrivacy and Hack Back
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, the Council of the European Union reviewed a bill dubbed the “ePrivacy” Regulation, which targets message-sharing services like WhatsApp and...
How To Budget For Cyber Security in 2018
As Q4 begins in earnest, now is the time to start making considerations for next year's budgets. This is especially true for the company's IT and cyber security budgets - a difficult decision with so many robust technologies and new threats emerging. Compounding this problem is the fact that many...
Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks
Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa...
Cyberattack Lateral Movement Explained
Lightly edited transcript of the video above Hi there, Mark Nunnikhoven from Trend Micro Research, I want to talk to you about the concept of lateral movement. And the reason why I want to tackle this today is because I've had some conversations in the last few days that have really kind of hit...