Developing Story: Information on Attacks Involving 3CX Desktop App
In late March 2023, security researchers revealed that threat actors were actively abusing a popular business communication software from 3CX...
New OpcJacker Malware Distributed via Fake VPN Malvertising
We discovered a new malware, which we named “OpcJacker” due to its opcode configuration design and its cryptocurrency hijacking ability, that has been distributed in the wild since the second half of 2022...
Azure Serverless Security Risks Exposed by New Study
Simulation uncovers hidden features and urges greater user awareness...
ICS/OT Cybersecurity 2022 TXOne Annual Report Insights
This article gives an in-depth overview of TXOne’s insight report on ICS/OT cyber incidents...
Best Practices for Secure Remote Development
Discover the best practices for cybersecurity that developers can implement when working remotely. These will secure your system against security breaches and threats like malware, phishing, data theft, ransomware, and spyware...
Bay Area Bank Collapse and the Cybersecurity Impact
Greg Young, VP of Cybersecurity and CorpDev, discusses what the second-largest bank collapse in U.S. history means for cybersecurity...
Secure Cloud Migration 101
Cloud migration is a journey, not a destination. Learn the basics of security for making the gradual switch, so you can get the most out of what the cloud has to offer...
Earth Preta’s Cyberespionage Campaign Hits Over 200
We present a case study of the cyberespionage efforts by Earth Preta. This study on an active campaign delves into the structure, goals, and requirements of the organizations involved, and provides an opportunity to conduct wider intelligence analysis and insights in the development of effective...
Making the digital world safer, one Tesla at a time
Contestants gather at Pwn2Own Vancouver to showcase their skills and uncover vulnerabilities...
Prevent Ransomware with Cybersecurity Monitoring
Misconfigured cloud and IT assets open the door to a wide range of cyber risks. Automated, continuous cybersecurity monitoring lets organizations watch accounts and systems for exposures in real time and maintain strong attack surface risk management...
Pack it Secretly: Earth Preta’s Updated Stealthy Strategies
After months of investigation, we found that several undisclosed malware and interesting tools used for exfiltration purposes were being used by Earth Preta. We also observed that the threat actors were actively changing their tools, tactics, and procedures (TTPs) to bypass security solutions. In...
4 Tips for Better AWS Cloud Workload Security
Discover the challenges of AWS cloud workload security and the various technologies that can alleviate them...
AWS Graviton Use Cases
Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton...
How Your Cybersecurity Strategy Enables Better Business
84% of respondents in a Trend Micro global survey said cyber policies negatively impact employees’ abilities to do jobs in the office. Discover how an effective cybersecurity strategy can enable better business, instead of slowing it down...
Patch CVE-2023-23397 Immediately: What You Need To Know and Do
We break down the basic information of CVE-2023-23397, the zero-day, zero-touch vulnerability that was rated 9.8 on the Common Vulnerability Scoring System (CVSS) scale...
S4x23 Review Part 3: Healthcare Cybersecurity Sessions
This article focuses on the healthcare sector. Over the past two years, the healthcare sector has been in a constant state of emergency due to the COVID-19 pandemic, and as widely reported in the media, it has also been threatened by cyberattacks such as ransomware...
3 Ways to Evolve Your Cybersecurity Operations
To meet the expectations of today’s digital enterprises, cybersecurity operations need to modernize in three key ways: by optimizing extended detection and response (XDR), adopting proactive cyber risk management, and moving to a unified security platform...
Policy as Code vs Compliance as Code
Learn how policy as code and compliance as code differ and how they can help prevent policy and compliance issues. Investigate the critical area of compliance where automation is playing an increasingly important role in IT management...
ZTNA vs VPN: Secure Remote Work and Access
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere...
Emotet Returns, Now Adopts Binary Padding for Evasion
Following a three-month hiatus, Emotet spam activities resumed in March 2023, when a botnet known as Epoch 4 began delivering malicious documents embedded in Zip files that were attached to the emails...
S4x23 Review Part 2: Evolving Energy Cybersecurity
In this second report on S4x23 held last February, this article introduces the discussion on cyber security in the energy industry, which was one of the topics that attracted attention...
Establishing a Proactive Cybersecurity Plan
To help organizations shift security left, Greg Young, Vice President of Cybersecurity and CorpDev at Trend Micro and Andy Anderson, DataStream CEO and Co-Founder, discuss how IT decision makers can educate the board with a proactive cybersecurity plan...
How to Avoid LDAP Injection Attacks
Discover how to implement preventative measures to avoid dangerous LDAP injection vulnerabilities...
Examining Ransomware Payments From a Data-Science Lens
In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.”...
Security Patch Management Strengthens Ransomware Defense
With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management...
Expanding Attack Blueprints: 2022 Annual Cybersecurity Report
In this blog entry, we shine a spotlight on some of the most critical cybersecurity concerns of 2022, which we discuss in full in our annual cybersecurity report, “Rethinking Tactics: 2022 Annual Security Report.”...
Zero Day Threat Protection for Your Network
Explore the world of zero day threats and gain valuable insight into the importance of proactive detection and remediation...
S4x23 Review Part 1: What's New in OT Security
This blog introduces discussions from S4x23, the ICS security conference in Miami over several posts. The first installment will cover two topics from the academic interviews...
Leveraging Data Science to Minimize the Blast Radius of Ransomware Attacks
In this blog entry, we present a case study that illustrates how data-science techniques can be used to gain valuable insights about ransomware groups' targeting patterns as detailed in our research paper, “What Decision-Makers Need to Know About Ransomware Risk.”...
Phishing as a Service Stimulates Cybercrime
With phishing attacks at an all-time high, phishing as a service (PhaaS) is turning this once-skilled practice into a pay-to-play industry. Understanding the latest attack tactics is critical to improving your email security strategy...
Managed XDR Exposes Spear-Phishing Campaign Targeting Hospitality Industry Using RedLine Stealer
Find out how the Managed XDR team uncovered RedLine Stealer’s evasive spear-phishing campaign that targets the hospitality industry...
PCI Compliance Requirements Guide
There are many challenges that accompany implementing PCI compliance within your organization. Discover how Trend Micro Cloud One™ – Network Security helps you overcome the complexities of maintaining PCI compliance and audit readiness...
Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems...
Decrypting Cyber Risk Quantification
Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization...
Understanding Jamstack Security
Learn how Jamstack has emerged as a new architectural paradigm for delivering websites and web-based applications with the promise of improved performance, scalability, and security over the traditional server-driven approach to web development...
A Deep Dive into the Evolution of Ransomware Part 3
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends...
Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool
Trend Micro’s Managed Extended Detection and Response (MxDR) team discovered that a file called x32dbg.exe was used to sideload a malicious DLL we identified as a variant of PlugX...
2022 Review: Trend Transforms to SaaS Cybersecurity
Transformation to a SaaS-based cybersecurity vendor...
Amplifying Power to Customer Through Ecosystem Integrations
Transformation to a SaaS-based cybersecurity vendor...
A Deep Dive into the Evolution of Ransomware Part 2
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends...
Advantages of the AWS Security Maturity Model
In an era of constant web security threats, learn how the AWS Security Maturity Model can help you enhance your organization’s cloud security. This article outlines tips to apply the model according to your organization’s stage of security maturity...
A Secure Access Service Edge (SASE) Guide for Leaders
Discover the benefits of SASE, a network architecture built on zero trust principles, in adopting modern security architectures to reduce cyber risk across the attack surface...
A Deep Dive into the Evolution of Ransomware Part 1
This 3-part blog series takes an in-depth look at the evolution of ransomware business models, from the early stages to current trends...
Common Cloud Configuration Errors & Fixes
Cloud configuration errors are a major concern for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them...
Fight Ransomware with a Cybersecurity Audit
An advanced cybersecurity audit helps identify overlooked IP addresses, forgotten devices, and misconfigured infrastructure that can expose organizations to ransomware and other cyber threats. Find out how to strengthen attack surface risk management...
In Review: What GPT-3 Taught ChatGPT in a Year
Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3...
Royal Ransomware expands attacks by targeting Linux ESXi servers
Ransomware actors have been observed to expand their targets by increasingly developing Linux-based versions. Royal ransomware is following the same path: a new variant targeting Linux systems has emerged, and we provide a technical analysis of this variant in this blog...