2303 matches found
How to Implement a Secure API Gateway
As you rely more on APIs to connect microservices in modern applications, these APIs become a lucrative target for bad actors. Learn how an API gateway provides an extra layer of security, helping protect your systems and data from unauthorized access...
How to Write a Cybersecurity Policy for Generative AI
Just months after hitting the scene, generative AI already seems like it will become a permanent addition to the enterprise IT toolbox. For CISOs, the pressure is on to roll out AI security policies and technologies that can mitigate very real and present risks...
Gaps in Azure Service Fabric’s Security Call for User Vigilance
In this blog post, we discuss different configuration scenarios that may lead to security issues with Azure Service Fabric, a distributed platform for deploying, managing, and scaling microservices and container applications...
MOVEit Vulnerability Breaches Targeted Fed Agencies
Jon Clay and Ed Cabrera talk about the MOVEit breaches and more in the video series TrendTalksBizSec...
GraphQL vs gRPC: Which One Creates More Secure APIs?
Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API frameworks and how to prevent them...
SeroXen Mechanisms: Exploring Distribution, Risks, and Impact
This is the third installment of a three-part technical analysis of the fully undetectable (FUD) obfuscation engine BatCloak and SeroXen malware. In this entry, we document the techniques used to spread and abuse SeroXen, as well as the security risks, impact, implications of, and insights into...
Generative AI Assistant Makes Hunting Threats Faster
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness...
Decrypting Cyber Risk Quantification
Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization...
Insight on Vulnerabilities in MOVEit Transfer
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back...
Insights on the MOVEit File Transfer Vulnerability
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back...
Attack Surface Management Strategies
As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach...
To Fight Cyber Extortion and Ransomware, Shift Left
How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm...
Your New AI Assistant: Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential...
Use PCI DSS Checklist with Automation
Meet requirements and compliance levels without interrupting your workflow...
Using Kubernetes ConfigMaps for Proper Secret Management
Kubernetes ConfigMaps and Secrets have transformed how you manage containerized applications securely. Read on to learn how ConfigMaps have revolutionized application lifecycle processes by reducing hardcoding efforts and enhancing portability...
Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential...
SeroXen Incorporates Latest BatCloak Engine Iteration
We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion...
Behind the Scenes: Unveiling the Hidden Workings of Earth Preta
This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor...
Ransomware Insurance: Security Strategies to Obtain Coverage
Ransomware accounts for 75% of all cyber insurance claims, yet 40% of businesses currently lack the coverage needed. Discover security strategies to help you meet ransomware insurance requirements...
Building a seamless and secure cloud environment with AWS
Elevate cloud capabilities and stay ahead in today's dynamic cloud landscape...
SRE vs DevOps: Differences & Similarities
SRE vs DevOps: which approach should you use? Explore shared goals and distinctions between their functions and responsibilities...
Analyzing the FUD Malware Obfuscation Engine BatCloak
We look into the BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities...
Guide to Serverless Architecture Design Patterns
Discover the power of serverless architecture design patterns for scalable and efficient application development. Explore EDA, pub-sub, fan-out/fan-in, strangler, and saga patterns. Learn how to select, implement, and optimize them for your needs...
Essential Cybersecurity Compliance Standards
With the continued expansion of your attack surface, cybersecurity compliance has become more important than ever. Gain an overview of the most popular compliance standards, including HIPAA, NIST, ISO, and PCI DSS, to safeguard your business against potential risks...
Impulse Team’s Massive Years-Long Mostly-Undetected Cryptocurrency Scam
We have been able to uncover a massive cryptocurrency scam involving more than a thousand websites handled by different affiliates linked to a program called Impulse Project, run by a threat actor named Impulse Team...
What is Secure Web Gateway’s (SWG) Role in Zero Trust?
Explore why a secure web gateway (SWG) is important to effectively secure cloud resources and reduce cyber risk across the attack surface, and the role a zero trust strategy can play...
Event-Driven Architecture & the Security Implications
This article explores the benefits of event-driven architecture for developers and best practices for mitigating security concerns...
Xollam, the Latest Face of TargetCompany
This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants' behaviors and the ransomware family's extortion scheme...
Amazon Security Lake Partners with Trend
Trend Micro is proud to be a launch partner for Amazon Security Lake, which puts the customer in control, making critical data available to them from third-party security and analytics solutions of their choice...
Trend is a Launch Partner for Amazon Security Lake
Trend Micro is proud to be a launch partner for Amazon Security Lake, which puts the customer in control, making critical data available to them from third-party security and analytics solutions of their choice...
Generative AI: What Every CISO Needs to Know
New technologies always change the security landscape, but few are likely to have the transformative power of generative AI. As platforms like ChatGPT continue to catch on, CISOs need to understand the unprecedented cybersecurity risks they bring—and what to do about them...
Investigating BlackSuit Ransomware’s Similarities to Royal
In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware...
Worldwide 2022 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2022...
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have...
When is it time for a cyber hygiene audit?
Cyber hygiene is crucial for keeping your organization safe by limiting security breaches, threats against your IT infrastructure, and more. Read on to learn more about what makes up cyber hygiene, and how to audit its effectiveness...
New Info Stealer Bandit Stealer Targets Browsers, Wallets
This is an analysis of Bandit Stealer, a new Go-based information-stealing malware capable of evading detection as it targets multiple browsers and cryptocurrency wallets...
Abusing Web Services Using Automated CAPTCHA-Breaking Services and Residential Proxies
This blog entry features three case studies that show how malicious actors evade the antispam, antibot, and antiabuse measures of online web services via residential proxies and CAPTCHA-breaking services...
Moore's Law, Latent Demand, and the Slowing of Cloud Computing
A growing chorus of organizations are slowing their cloud computing and migration. William Malik, Trend Micro’s VP of Infrastructure Strategies, discusses why this is happening, and what it will mean for organizations’ long-term plans...
Understanding XPath Injection Vulnerabilities
The ability to trigger XPath queries with user-supplied information introduces the risk of XPath injection attacks. Read on to explore how these attacks work and discover how to keep your XPath queries secure...
Health Industry Cybersecurity Best Practices 2023
This blog explains the new resources on health industry cybersecurity practices and the landscape analysis that HHS (the U.S. Department of Health and Human Services) released in Apr 2023...
Against the Clock: Cyber Incident Response Plan
Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows...
How Connected Car Cyber Risk will Evolve
Learn how connected car cyber risk will evolve in the coming years...
Info Stealer Abusing Codespaces Puts Discord Users at Risk
In this entry, we detail our research findings on how an info stealer is able to achieve persistence on a victim’s machine by modifying the victim’s Discord client...
Future Exploitation Vector: File Extensions as Top-Level Domains
In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains (TLDs) while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards...
BlackCat Ransomware Deploys New Signed Kernel Driver
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase...
Healthcare cybersecurity updated in HIMSS23
This update reports on the current state of cybersecurity in the healthcare industry from CISA’s keynote at the Cybersecurity Forum of HIMSS23...
Azure vs. AWS Developer Tools Guide
Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision...
Rust-Based Info Stealers Abuse GitHub Codespaces
This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities...
Accelerating Security Risk Management
In response to the expanding attack surface, Mike Milner, Trend Micro VP of Cloud Technology, explores the role security risk management plays in this new era of cybersecurity and how IT leaders are accelerating innovation...