GraphQL vs gRPC: Which One Creates More Secure APIs?
Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API frameworks and how to prevent them...
Generative AI Assistant Makes Hunting Threats Faster
Learn how analysts can search for threats with greater accuracy, speed, and effectiveness...
Decrypting Cyber Risk Quantification
Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization...
Insight on Vulnerabilities in MOVEit Transfer
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back...
Insights on the MOVEit File Transfer Vulnerability
Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back...
SeroXen Incorporates Latest BatCloak Engine Iteration
We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series documenting the abuse of BatCloak’s evasion...
To Fight Cyber Extortion and Ransomware, Shift Left
How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm...
Attack Surface Management Strategies
As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach...
Using Kubernetes ConfigMaps for Proper Secret Management
Kubernetes ConfigMaps and Secrets have transformed how you manage containerized applications securely. Read on to learn how ConfigMaps have revolutionized application lifecycle processes by reducing hardcoding efforts and enhancing portability...
Use PCI DSS Checklist with Automation
Meet requirements and compliance levels without interrupting your workflow...
Your New AI Assistant: Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential...
Meet Your New AI Assistant: Introducing Trend Vision One™ – Companion
Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential...
Behind the Scenes: Unveiling the Hidden Workings of Earth Preta
This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor...
Building a seamless and secure cloud environment with AWS
Elevate cloud capabilities and stay ahead in today's dynamic cloud landscape...
Ransomware Insurance: Security Strategies to Obtain Coverage
Ransomware accounts for 75% of all cyber insurance claims, yet 40% of businesses currently lack the coverage needed. Discover security strategies to help you meet ransomware insurance requirements...
SRE vs DevOps: Differences & Similarities
SRE vs DevOps: which approach should you use? Explore shared goals and distinctions between their functions and responsibilities...
Analyzing the FUD Malware Obfuscation Engine BatCloak
We look into the BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities...
Guide to Serverless Architecture Design Patterns
Discover the power of serverless architecture design patterns for scalable and efficient application development. Explore EDA, pub-sub, fan-out/fan-in, strangler, and saga patterns. Learn how to select, implement, and optimize them for your needs...
Essential Cybersecurity Compliance Standards
With the continued expansion of your attack surface, cybersecurity compliance has become more important than ever. Gain an overview of the most popular compliance standards, including HIPAA, NIST, ISO, and PCI DSS, to safeguard your business against potential risks...
Event-Driven Architecture & the Security Implications
This article explores the benefits of event-driven architecture for developers and best practices for mitigating security concerns...
Impulse Team’s Massive Years-Long Mostly-Undetected Cryptocurrency Scam
We have been able to uncover a massive cryptocurrency scam involving more than a thousand websites handled by different affiliates linked to a program called Impulse Project, run by a threat actor named Impulse Team...
Xollam, the Latest Face of TargetCompany
This blog talks about the latest TargetCompany ransomware variant, Xollam, and the new initial access technique it uses. We also investigate previous variants' behaviors and the ransomware family's extortion scheme...
What is Secure Web Gateway’s (SWG) Role in Zero Trust?
Explore why a secure web gateway (SWG) is important to effectively secure cloud resources and reduce cyber risk across the attack surface, and the role a zero trust strategy can play...
Amazon Security Lake Partners with Trend
Trend Micro is proud to be a launch partner for Amazon Security Lake, which puts the customer in control, making critical data available to them from third-party security and analytics solutions of their choice...
Trend is a Launch Partner for Amazon Security Lake
Trend Micro is proud to be a launch partner for Amazon Security Lake, which puts the customer in control, making critical data available to them from third-party security and analytics solutions of their choice...
Generative AI: What Every CISO Needs to Know
New technologies always change the security landscape, but few are likely to have the transformative power of generative AI. As platforms like ChatGPT continue to catch on, CISOs need to understand the unprecedented cybersecurity risks they bring—and what to do about them...
Investigating BlackSuit Ransomware’s Similarities to Royal
In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware...
Worldwide 2022 Email Phishing Statistics and Examples
Explore the need for going beyond built-in Microsoft 365 and Google Workspace™ security based on email threats detected in 2022...
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor in recent attacks shows how Void Rabisu's motives seem to have...
When is it time for a cyber hygiene audit?
Cyber hygiene is crucial for keeping your organization safe by limiting security breaches, threats against your IT infrastructure, and more. Read on to learn more about what makes up cyber hygiene, and how to audit its effectiveness...
New Info Stealer Bandit Stealer Targets Browsers, Wallets
This is an analysis of Bandit Stealer, a new Go-based information-stealing malware capable of evading detection as it targets multiple browsers and cryptocurrency wallets...
Understanding XPath Injection Vulnerabilities
The ability to trigger XPath queries with user-supplied information introduces the risk of XPath injection attacks. Read on to explore how these attacks work and discover how to keep your XPath queries secure...
Abusing Web Services Using Automated CAPTCHA-Breaking Services and Residential Proxies
This blog entry features three case studies that show how malicious actors evade the antispam, antibot, and antiabuse measures of online web services via residential proxies and CAPTCHA-breaking services...
Moore's Law, Latent Demand, and the Slowing of Cloud Computing
A growing chorus of organizations are slowing their cloud computing and migration. William Malik, Trend Micro’s VP of Infrastructure Strategies, discusses why this is happening, and what it will mean for organizations’ long-term plans...
Health Industry Cybersecurity Best Practices 2023
This blog explains the new resources on health industry cybersecurity practices and landscape analysis which the HHS (U.S. Department of Health and Human Services) released in Apr 2023...
Against the Clock: Cyber Incident Response Plan
Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows...
Info Stealer Abusing Codespaces Puts Discord Users at Risk
In this entry, we detail our research findings on how an info stealer is able to achieve persistence on a victim’s machine by modifying the victim’s Discord client...
Future Exploitation Vector: File Extensions as Top-Level Domains
In this blog entry, we will examine the security risks of file extension-related Top-Level Domains (TLDs) while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards...
How Connected Car Cyber Risk will Evolve
Learn how connected car cyber risk will evolve in the coming years...
BlackCat Ransomware Deploys New Signed Kernel Driver
In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase...
Healthcare cybersecurity updated in HIMSS23
This update reports on the current state of cybersecurity in the healthcare industry from CISA’s keynote in the Cybersecurity Forum of HIMSS23...
Azure vs. AWS Developer Tools Guide
Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision...
Rust-Based Info Stealers Abuse GitHub Codespaces
This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities...
Accelerating Security Risk Management
In response to the expanding attack surface, Mike Milner, Trend Micro VP of Cloud Technology, explores the role security risk management plays in this new era of cybersecurity and how IT leaders are accelerating innovation...
Lemon Group’s Cybercriminal Businesses Built on Preinfected Devices
An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023 Conference in Singapore in May 2023...
Security Vulnerabilities of ChatGPT-Generated Code
Discover the cybersecurity risks of AI-generated code, learn how to protect your applications, and understand how the rise of ChatGPT is impacting software development...
8220 Gang Evolves With New Strategies
We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability...
Cyber Risk Management in 2023: The People Element
Explore the latest findings from Trend Micro’s Cyber Risk Index 2H’2022 and discover how to enhance cybersecurity risk management across the digital attack surface...
Water Orthrus's New Campaigns Deliver Rootkit and Phishing Modules
Water Orthrus has been active recently with two new campaigns. CopperStealth uses a rootkit to install malware on infected systems, while CopperPhish steals credit card information. This blog will provide the structure of the campaigns and how they work...