How to Improve Cybersecurity Awareness and Training

Bill Malik, former Research Director at Gartner, discusses how to leverage the Capability Maturity Model to create an effective awareness program...

AWS Graviton Use Cases

Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton...

Cybersecurity Awareness Month 2023: 4 Actionable Tips

Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface...

Examining the Activities of the Turla APT Group

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group...

Zero Trust Adoption: Tips to Win Over Leadership

Implementing Zero Trust can be difficult due to outdated systems, employee resistance, and cost. Yet, the benefits outweigh the challenges. It is key to use a platform that combines multiple security technologies to simplify IT and risk assessment, proper planning, and getting security buy-in fro...

Decoding Turla: Trend Micro's MITRE Performance

This year, the MITRE Engenuity ATT&CK evaluation tested cybersecurity vendors against simulated attack scenarios mimicking the adversary group “Turla.” Learn about Trend Micro's 100% successful protection performance...

Cybercriminals Exploit the Moroccan Tragedy in New Scam Campaign

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud...

Attacks on 5G Infrastructure From Users’ Devices

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations depend on the speed, efficiency...

Protect CNC Machines in Networked IT/OT Environments

Networking IT/OT environments is a bit like walking a tightrope, balancing the pursuit of intelligence and efficiency against the risks of exposing OT systems to the wider world. Trend Micro recently teamed up with global machine tool company Celada to identify specific risks associated with...

Unsung Hero in Cyber Risk Management

Behind the scenes of the world of vulnerability intelligence and threat hunting...

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and SOCKS implementation...

Biden National Cybersecurity Strategy Key Takeaways

Major changes are underway, with new rules for federal agencies and updated requirements for public-private partnerships. We discuss the implementation plans for the strategy's first two pillars: defend critical infrastructure and disrupt and dismantle threat actors...

3 Strategic Insights from Cybersecurity Leader Study

Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges...

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method...

Managing Cyber Risk for CISOs Under Pressure

Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively...

Azure vs. AWS Developer Tools Guide

Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision...

TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms

Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members...

TrickBot & Conti Sanctions: Implications for CISOs & Boardrooms

Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members...

How Zero Trust and XDR Work Together

As the Zero Trust approach gains momentum, more organizations are looking to apply it to their security strategy. Learn how XDR and Zero Trust work together to enhance your security posture...

Analyzing a Facebook Profile Stealer Written in Node.js

We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication...

Revisiting 16shop Phishing Kit, Trend-Interpol Partnership

In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign...

Qakbot Takedown: The Road Ahead is Long and Winding

A long and challenging journey against cybercrime around the world...

IT & OT security: How to Bridge the Gap

Connecting IT and OT environments can give industrial organizations powerful efficiencies, but it also introduces cybersecurity challenges. A new Trend Micro/SANS Institute report gets at the heart of those IT and OT security issues—and how to address them...

Earth Estries Targets Government, Tech for Cyberespionage

We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures TTPs employed, we observed overlaps with the advanced persistent threat APT group FamousSparrow as Earth Estries targets governments and...

Stealthy Android Malware MMRat Carries Out Bank Fraud Via Fake App Stores

The Trend Micro Mobile Application Reputation Service MARS team discovered a new, fully undetected Android banking trojan, dubbed MMRat, that has been targeting mobile users in Southeast Asia since late June 2023...

How to Protect Your CI/CD Pipeline

Continuous integration and continuous delivery/deployment CI/CD has won over app developers, with enterprise cybersecurity teams on the hook to protect CI/CD pipelines. OWASP’s Top 10 CI/CD Security Risks clarify what to watch for...

4 Popular Cybersecurity Myths vs. Facts

Any cybersecurity approach is only as strong as its underlying assumptions. What happens when those assumptions are wrong? Find out where confusion about cybersecurity facts can lead organizations astray...

6 Ransomware Trends & Evolutions to Watch For

In the era of digital transformation, ransomware groups are adapting to changing technology. The next evolution of ransomware could begin with these trends...

OT and IT Visibility and Efficiency Barriers

Learn the common OT and IT visibility and efficiency barriers, as well as how to get around them...

What Can Generative AI do for Hybrid Cloud Security?

As enterprise security operations centers absorb cloud security functions, they face new challenges and require new skills. Generative AI can help by laying a secure cloud foundation and empowering SOC teams to respond effectively when threats arise...

INTERPOL + Trend to Fight African Cybercrime Networks

Global threat intelligence helps to disrupt thousands of African cyber crimes networks...

Profile Stealers Spread via LLM-themed Facebook Ads

In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims’ credentials...

Ex-USSS CISO Explains Agencies' Struggle with Biden EO

Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order...

Ex-USSS CISO Explains Agencies' Struggle with Biden EO

Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden's cybersecurity executive order...

The Current Security State of Private 5G Networks

Private 5G networks offer businesses enhanced security, reliability, and scalability. Learn more about why private 5G could be the future of secure networking...

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...

Top 10 AI Security Risks According to OWASP

The unveiling of the first-ever Open Worldwide Application Security Project OWASP risk list for large language model AI chatbots was yet another sign of generative AI’s rush into the mainstream—and a crucial step toward protecting enterprises from AI-related threats...

How to Build a Simple Application Powered by ChatGPT

OpenAI’s ChatGPT API enables applications to access and integrate ChatGPT, a large language model LLM that generates human-like responses to input. Learn how to build a web application that utilizes ChatGPT to generate useful output...

Top 10 AI Security Risks According to OWASP

The unveiling of the first-ever Open Worldwide Application Security Project OWASP risk list for large language model AI chatbots was yet another sign of generative AI’s rush into the mainstream—and a crucial step toward protecting enterprises from AI-related threats...

Monti Ransomware Unleashes a New Encryptor for Linux

The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions...

ChatGPT Highlights a Flaw in the Educational System

Rethinking learning metrics and fostering critical thinking in the era of generative AI and LLMs...

OT Security is Less Mature but Progressing Rapidly

The latest study said that OT security is less mature in several capabilities than IT security, but most organizations are improving it...

The Journey to Zero Trust with Industry Frameworks

Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...

An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector

In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain...

Zero Trust Frameworks for Industry

Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...

The Journey to Zero Trust with Industry Frameworks

Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...

Zero Trust Frameworks for Industry

Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...

Cybersecurity Threat 1H 2023 Brief with Generative AI

How generative AI influenced threat trends in 1H 2023...

Lower Data Breach Insurance Costs with These Tips

The changing attack landscape has resulted in the hardening of the data breach insurance market. Gain insight into how implementing security controls can reduce the mean time to detect and control the costliness of an attack...

Leverage the AWS Sustainability Pillar to Minimize Environmental Impact

One of the key pillars of the AWS Well-Architected Framework WAF is sustainability: the idea that cloud applications should be designed to minimize their environmental impact. Gain insight into the WAF sustainability pillar and discover best practices for architecting your cloud applications to...