Energy Transformation via Cyber-Resilient Smart Grid

Learn more about smart grid vulnerabilities and how organizations can future-proof their enterprises...

Malicious AI Tool Ads Used to Deliver Redline Stealer

We’ve been observing malicious advertisement campaigns in Google’s search engine with themes that are related to AI tools such as Midjourney and ChatGPT...

Diversification drives success

Trend’s diversification of business units and geographic markets provides resilience that enables growth, anticipation and innovation...

SaaS Drove Trend’s 20% Q1 2023 Year-Over-Year Growth

Trend’s diversification of business units and geographic markets provides resilience that enables growth, anticipation and innovation...

Manage Cyber Risk with a Platform Approach

Discover how a platform approach can best assist and support security operations teams with a cyber risk management so you can be more resilient with less resources...

3 Types of Cross-Site Scripting (XSS) Attacks

Cybersecurity is a major concern online, and hackers can use multiple vectors to target your website. Learn about the three types of cross-site scripting XSS cyberattacks, how they overlap, and how to mitigate XSS vulnerabilities in your projects...

Managed XDR Investigation of Ducktail in Trend Micro Vision One™

The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...

How to Build a Simple Application Powered by ChatGPT

OpenAI’s ChatGPT API enables applications to access and integrate ChatGPT, a large language model LLM that generates human-like responses to input. Learn how to build a web application that utilizes ChatGPT to generate useful output...

Data Exfiltration Prevention with Zero Trust

Data exposure from SaaS and cloud applications is an increasing risk factor facing businesses today. Discover how SASE capabilities can help prevent data exfiltration, achieve zero trust, and reduce cyber risk across the attack surface...

Managed XDR Investigation of Ducktail in Trend Vision One™

The Trend Micro Managed XDR team investigated several Ducktail-related web browser credential dumping incidents involving different customers...

Key Trends and Insights from RSAC 2023

Unpacking the Future of Cybersecurity...

Inside the 2022 Email Cyber Threat Landscape

Key trends and predictions you should know about...

To fight cyber extortion and ransomware, shift left

How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm...

Achieving Cloud Compliance Throughout Your Migration

Part of a secure cloud migration strategy is ensuring compliance of all the moving pieces. Just like your cloud journey, cloud compliance isn’t all about the final destination. Discover how to leverage cloud security tools to ensure compliance is met along the way...

Attack on Security Titans: Earth Longzhi Returns With New Tricks

After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat APT group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat...

Global Cyber Risk Lowers to Moderate Level in 2H' 2022

Trend’s seventh edition of the Cyber Risk Index CRI reveals an in-depth analysis of cyber threat and vulnerabilities...

To Keep Up With Cybersecurity Laws, Go 'Federal First'

With new cybersecurity laws and regulations rolling out, the best way to maintain broad compliance is to align with the most stringent frameworks. In the U.S., that means taking a ‘federal first’ approach—conforming to the highest security requirements of the United States federal government...

Rapture, a Ransomware Family With Similarities to Paradise

In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how quickly they managed to carry out the ransomware attac...

SSL vs. TLS: Which should you be using?

You may wonder if you should choose SSL or TLS to secure your network. Explore the differences between the two communications protocols, use cases where you should choose one or the other, and best practices for using SSL and TLS...

Update Now: PaperCut Vulnerability CVE-2023-27350 Under Active Exploitation

Two vulnerabilities in PaperCut have been found, and one of them is being actively exploited in the wild. This blog entry provides a summary of the vulnerabilities, and includes security guidance for IT and SOC professionals...

Attackers Use Containers for Profit via TrafficStealer

We found TrafficStealer abusing open container APIs in order to redirect traffic to specific websites and manipulate engagement with ads...

Security Benefits of Enhanced Cloud Visibility

On the fence about migrating to the cloud because security seems complex and abstract? Let go of your on-premises point products and discover how a platform with enhanced cloud visibility can help smooth out your cloud journey...

Achieving Cloud Compliance Throughout Your Migration

Part of a secure cloud migration strategy is ensuring compliance of all the moving pieces. Just like your cloud journey, cloud compliance isn’t all about the final destination. Discover how to leverage cloud security tools to ensure compliance is met along the way...

Attack Surface Management Strategies

As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach...

ViperSoftX Updates Encryption, Steals Data

We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious. We also noted more sophisticated encryption and basic anti-analysis...

Guide to Better Threat Detection and Response (XDR)

50% of security teams in a Trend Micro global study said they’re overwhelmed by the number of alerts surfaced by disconnected point products and SIEMs. Discover how XDR can enhance threat detection and response to improve a SecOps team’s efficiency and outcomes...

Cyber Threat Intelligence: The Power of Data

Discover how cybersecurity leaders and decision makers can leverage cyber threat intelligence to increase security posture and reduce risk...

Top 5 Infrastructure as Code Security Challenges

Learn how to counteract the top five challenges of infrastructure as code IaC and discover how these obstacles pose a threat to security and gain valuable insight in how to mitigate these risks...

Trend Achieves AWS Level 1 MSSP Competency Status

Trend offers 24x7 fully managed security services uniquely designed in collaboration with AWS security experts to protect, monitor, and respond to security events of AWS environments...

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy...

Security Benefits of Cloud Automation

Learn more about how cloud automation can simplify security controls, policies, and scans...

Security Benefits of Cloud Automation

Learn more about how cloud automation can simplify security controls, policies, and scans...

An Analysis of the BabLock (aka Rorschach) Ransomware

This blog post analyzes a stealthy and expeditious ransomware called BabLock aka Rorschach, which shares many characteristics with LockBit...

CIEM vs CWPP vs CSPM Use Cases

Discover the differences between CIEM, CWPP, and CSPM and how to use them individually or in conjunction...

Choosing a Hybrid Cloud Security Solution 101

Explore helpful tips for choosing the right hybrid cloud security solution to address cybersecurity challenges of today and tomorrow...

Choosing a Hybrid Cloud Security Solution 101

Explore helpful tips for choosing the right hybrid cloud security solution to address cybersecurity challenges of today and tomorrow...

Inside the 2022 Email Cyber Threat Landscape

Key trends and predictions you should know about...

Reduce SaaS App Risks with Cloud Security Broker & Zero Trust

Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker CASB technology and a zero trust strategy...

Why Chaos Engineering is a Good Stress Test Strategy

Learn about chaos engineering, a method of resilience testing that intentionally introduces “chaos” into a system to discover vulnerabilities and weaknesses that can be exploited by attackers...

Future Proof Your Business from Cybersecurity Threats

A recent global Trend Micro survey found that 53% of respondents said it’s impossible to future-proof cybersecurity due to evolving threats. Respectfully, we disagree. Discover best practices to shifting security left and future proofing your business against cybersecurity threats...

Cyber Insurance Coverage FAQ with DataStream CEO

To help organizations simplify the cyber insurance process and understand the must-have security controls involved, Trend Micro Cyber Risk Specialist, Vince Kearns, and Data Stream CEO and Co-Founder, Andy Anderson, examine cyber insurance coverage along with approaches to strengthening...

Improve Post-Quantum Cryptography Security with CSPM

Gain valuable insight into the emerging world of post-quantum computing and how a security posture management CSPM can bolster your post quantum cryptography defenses...

Unpacking the Structure of Modern Cybercrime Organizations

We examine three differently sized criminal groups to know how they compare to similarly sized legitimate businesses in terms of how they are organized. We also discuss how threat researchers can use their knowledge of the size and structure of a target criminal organization to aid their...

Stay Ahead of Cyber Threats

Going further and faster with high-performance network security...

S4x23 Review Part 4: Cybersecurity for Industrial IoT

In this fourth article, I introduce the discussion related to Industrial IoT, that is involved challenges to adopt cybersecurity strategy into modernizing environment...

Mac Malware MacStealer Spreads as Fake P2E Apps

We detected Mac malware MacStealer spreading via websites, social media, and messaging platforms Twitter, Discord, and Telegram. Cybercriminals lure victims to download it by plagiarizing legitimate play-to-earn P2E apps’ images and offering jobs as beta testers...

3 Shifts in the Cyber Threat Landscape

The threat landscape is always changing and these three major shifts are already underway. Learn to recognize them to protect your organization from cyber threats...

Fighting mercenaries with the Cybersecurity Tech Accord

Trend Micro co-Authors Cyber Mercenary Principles to help guide the technology industry and others in dealing with the growing market of cyber mercenaries...

Preventing and Detecting Attacks Involving 3CX Desktop App

In this blog entry, we provide technical details and analysis on the 3CX attacks as they happen. We also discuss available solutions which security teams can maximize for early detection and mitigate the impact of 3CX attacks...