The Journey to Zero Trust with Industry Frameworks
Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...
Zero Trust Frameworks for Industry
Discover the core principles and frameworks of Zero Trust, NIST 800-207 guidelines, and best practices when implementing CISA’s Zero Trust Maturity Model...
Cybersecurity Threat 1H 2023 Brief with Generative AI
How generative AI influenced threat trends in 1H 2023...
Leverage the AWS Sustainability Pillar to Minimize Environmental Impact
One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be designed to minimize their environmental impact. Gain insight into the WAF sustainability pillar and discover best practices for architecting your cloud applications to...
Lower Data Breach Insurance Costs with These Tips
The changing attack landscape has resulted in the hardening of the data breach insurance market. Gain insight into how implementing security controls can reduce the mean time to detect and control the costliness of an attack...
TargetCompany Ransomware Abuses FUD Obfuscator Packers
In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of the fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems...
Latest Batloader Campaigns Use Pyarmor Pro for Evasion
In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries...
Break IT/OT Silos by Expanding SOC Responsibilities
The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks...
7 Container Security Best Practices For Better Apps
Explore how to implement 7 container security best practices within a CI/CD pipeline built with tools from Amazon Web Services (AWS)...
New SEC Cybersecurity Rules: What You Need to Know
The US Securities and Exchange Commission (SEC) recently adopted rules regarding mandatory cybersecurity disclosure. Explore what this announcement means for you and your organization...
Tech Consolidation – How and When?
Streamlining IT for optimal business performance...
A Better Way to Secure Servers & Cloud Workloads
Why endpoint security falls short in the complexity of modern IT infrastructure...
4 Generative AI Security Benefits
It may be some time before generative AI security can autonomously mitigate cyber threats, but we’re already seeing early examples of how AI models can strengthen enterprise cybersecurity in powerful and transformative ways...
How to Leverage the AWS Cost Optimization Pillar
Explore the Cost Optimization pillar of the AWS Well-Architected Framework and gain best practices for designing processes that make it possible to go to market and optimize costs early on...
Related CherryBlos and FakeTrade Android Malware Involved in Scam Campaigns
Trend Micro’s Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users...
How a Cyber Security Platform Addresses the 3 “S”
Explore how a security platform can help organizations address the 3 "S" impacting cybersecurity: stealth, sustainability, and shortage...
4 Cybersecurity Budget Management Tips
Learn how CISOs and security leaders can strategically manage their cybersecurity budget to run more productive security teams amid a recession and skills shortage...
How to Leverage AWS Performance Efficiency Pillar
Explore the Performance Efficiency pillar of the AWS Well-Architected Framework and discover how to create performance efficiency in the compute, storage, database, and network elements of cloud infrastructures...
Trend Vision One™ - A Cybersecurity Consolidation Path
A single-platform approach delivers value greater than the sum of its parts...
Security Patch Management Strengthens Ransomware Defense
With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...
AWS Reliability Pillar: Consistent Cloud Architecture
Gain insight into the Reliability pillar of the AWS Well-Architected Framework and best practices for cloud-based operations, including change management and disaster recovery...
The XDR Payoff: Better Security Posture
As the extended detection and response (XDR) market grows and evolves, it’s a great opportunity to learn about the positive outcomes, like better security posture, experienced by organizations that have invested in these capabilities...
Taking the Fight to the Cyber-Criminals
Trend Micro and INTERPOL collaborate to create a safer digital world...
Supply-Chain Attack Targeting Pakistani Government Delivers Shadowpad
We recently found that an MSI installer built by the National Information Technology Board (NITB), a Pakistani government entity, delivered a Shadowpad sample, suggesting a possible supply-chain attack...
Possible Supply-Chain Attack Targeting Pakistani Government Delivers Shadowpad
We recently found that a modified installer of the E-Office app used by the Pakistani government delivered a Shadowpad sample, suggesting a possible supply-chain attack...
Intrusion Detection & Prevention Systems Guide
IDPS, IDS, IPS… what’s the difference? Discover key differences between intrusion detection and prevention systems as well as 9 technical and non-technical questions to ask when evaluating vendors...
Platform Approach to Cybersecurity: The New Paradigm
Embracing a platform approach as the path to enhanced security and resilience...
AI Coding Companions: Comparing AWS, GitHub, & Google
Top cloud vendors and software companies are rolling out AI coding companions that use generative AI to speed up and streamline DevOps. In this blog, we take a look at what some of these new tools have in common, where they differ, and what they mean for cybersecurity...
Detecting BPFDoor Backdoor Variants Abusing BPF Filters
An analysis of the different variants of the BPFDoor backdoor used by advanced persistent threat (APT) group Red Menshen, and how it has evolved since it was first documented in 2021...
AWS Security Pillar: A Well-Architected Cloud Environment
Explore the Security pillar of the AWS Well-Architected Framework and be guided through the fundamental security controls that should be addressed when designing, transitioning to, and operating in a cloud environment...
The AWS Well-Architected Framework Guide
Discover the six Amazon Web Services (AWS) Well-Architected Framework pillars by examining best practices and design principles to leverage the cloud in a more efficient, secure, and cost-effective manner...
Guide to Operationalizing Zero Trust
Zero Trust is no longer a buzzword but an essential element in enterprise security architecture. Operating on the 'never trust, always verify' principle, Zero Trust plays a vital role in protecting enterprise assets and data. However, operationalizing Zero Trust can be challenging for businesses...
Hunting for A New Stealthy Universal Rootkit Loader
In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module...
Tailing Big Head Ransomware’s Variants, Tactics, and Impact
We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware...
Mitigate Top 5 Common Cybersecurity Vulnerabilities
Cybersecurity vulnerabilities in software and infrastructure are a fact of life for developers and SREs. But when you understand vulnerabilities, you can minimize their impact. Learn more about five common threats and how to mitigate them...
Cybersecurity Awareness Training to Fight Ransomware
Advanced technologies allow organizations to discover, assess and mitigate cyber threats like ransomware. But truly strong cybersecurity also requires a threat-aware workforce—prompting more and more enterprises to focus on cybersecurity awareness training and testing...
Four Must-haves to Strengthen Your Endpoint Security
To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating their endpoint security...
ChatGPT Shared Links and Information Protection: Risks and Measures Organizations Must Understand
Since its initial release in late 2022, the AI-powered text generation tool known as ChatGPT has been experiencing rapid adoption rates from both organizations and individual users. However, its latest feature, known as Shared Links, comes with the potential risk of unintentional disclosure of...
How to Achieve AWS Operational Excellence in Your Cloud Workload
Explore the Operational Excellence pillar of the AWS Well-Architected Framework and examine best practices and design principles for cloud-based security operations, including CI/CD and risk management...
Deliver ISO Compliance with Automation
Learn about ISO security and cloud compliance, as well as the automated mechanisms for meeting those standards...
Malvertising Used as Entry Vector for BlackCat, Actors Also Leverage SpyBoy Terminator
We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this activity led t...
Meet NIST Compliance Standards Using Automation
Achieve NIST compliance for your business without slowing down your team...
Human vs Machine Identity Risk Management
In the dynamic and ever-changing digital landscape of today's business world, organizations encounter escalating security challenges that demand a more business-friendly and pertinent approach...
The Well-Architected Framework Guide
Discover the six Amazon Web Services (AWS) pillars by examining best practices and design principles to leverage the cloud in a more efficient, secure, and cost-effective manner...
How Zero Trust Can Help Your Organization: Strengthening Security and Supply Chain Assurance
In this article, we will explore how Zero Trust can benefit your organization, focusing on its ability to enhance security, secure supply chains, and align with international regulatory frameworks...
How to Reach Compliance with HIPAA
Explore how to fulfil HIPAA compliance standards without friction...
How to Deploy Generative AI Safely and Responsibly
New uses for generative AI are being introduced every day—but so are new risks...
An Overview of the Different Versions of the Trigona Ransomware
The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been continuously updating their ransomware binaries...