Cybersecurity Awareness Month 2022: 3 Actionable Tips
Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface...
The Risk of Ransomware Supply Chain Attacks
Over the years, ransomware has become a major threat and it can put supply chains in deep trouble...
Security Risks in Logistics APIs Used by E-Commerce Platforms
Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and...
Red Teaming to Reduce Cyber Risk
Discover how red teaming can help reduce cyber risk across your ever-expanding digital attack surface...
Top 5 CNAPP-Solved Security Challenges
Cloud-native application security solutions consist of various tools, each with its own objective - learn what security challenges CNAPP solves...
A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints...
Pros and Cons of 5G
As private 5G networks continue to roll out, CISOs and security leaders need to be fully aware of the security implications to minimize cyber risk. Explore pros and cons as well as security tips for implementing private 5G...
Security Breaks: TeamTNT’s DockerHub Credentials Leak
One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in...
How Malicious Actors Abuse Native Linux Tools in Attacks
Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact...
Biden Cybersecurity Executive Order: Ex-USSS Reflects
Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, reflects on the effectiveness of Biden’s executive order and what organizations of all sizes can learn from it...
CIEM vs CWPP vs CSPM
This article will explore three solutions, CIEM, CWPP, and CSPM, detail a sample case for each, and help you to determine when and how to use them—whether individually or in conjunction with one another...
Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques
We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns. We provide an alternative approach to Distroless that reduces the attack surface for malicious actors targeting cloud-native applications while optimizing clo...
3 Hybrid Cloud Security Challenges & Solutions
Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk...
Hybrid Cloud Security Challenges & Solutions
Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk...
Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa
Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them indicate that Play, like Nokoyawa, are operated by the same people...
Play Ransomware's Attack Playbook Unmasks it as Another Hive Affiliate like Nokoyawa
Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them indicate that Play, like Nokoyawa, may be a Hive affiliate...
Top 5 Cloud Security Trends from AWS re:Inforce 2022
With the industry changing so rapidly, it is often hard to keep up with what is new in cloud security, so we thought we would put together a list of the top five cloud security trends we found during AWS re:Inforce 2022...
Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. However, in our recent investigations, we have discovered a controller application that expands its capabilities...
Metaverse Broadband Infrastructure Security
The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for enhancing network security to minimize cyber risk across the attack surface...
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.”...
Cyber Security Managed Services 101
MSP partnerships are growing in line with rapid cloud migration and the evolving threat landscape. Discover how an MSP can help your business and tips for making an informed partner decision...
ZTNA vs VPN: Secure Remote Work & Access - SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere...
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that can be expanded on as you grow and explore the many services on AWS...
New Golang Ransomware Agenda Customizes Attacks
A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per victim...
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware...
4 Cybersecurity Budget Management Tips
Learn how CISOs can strategically manage their cybersecurity budget to run more productive cybersecurity teams amid a skills shortage...
Business Email Compromise Attack Tactics
Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay, VP of threat intelligence, tackles these pertinent questions and more to help reduce cyber risk...
Protecting S3 from Malware: The Cold Hard Truth
Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient...
Analyzing the Hidden Danger of Environment Variables for Keeping Secrets
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows...
Detect Threats with Runtime Security
With the increasing use of multi-cloud infrastructure services, security has become more complex. You need simplified security for your cloud-native applications with advanced container image scanning, policy-based admission control, and container runtime protection...
Top Five Patch Management & Process Best Practices
Explore the top patch management best practices to mitigate the growing threat of vulnerability exploits in your organization...
What Exposed OPA Servers Can Tell You About Your Applications
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security...
Oil and Gas Cybersecurity: Recommendations Part 3
In the final part of our series, we look at the APT33 case study and several recommendations from our expert team...
Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users
We found APT group Iron Tiger's malware compromising chat application Mimi’s servers in a supply chain attack...
Event-Driven Architectures & the Security Implications
This article explores event-driven architecture (EDA) with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns...
Oil and Gas Cybersecurity: Threats Part 2
In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks...
Cyber Insurance Coverage Checklist: 5 Security Items
Explore 5 security considerations in line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk...
CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies
We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension...
Improve Threat Detection & Response with OCSF
New open source initiative helping organizations to detect and respond to cyber-attacks faster and easier...
A Secure Access Service Edge (SASE) Guide for Leaders
Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface...
Forecasting Metaverse Threats: Will it Become Metaworse?
This report shares threat predictions concerning a rapidly evolving area of the physical and digital world: the metaverse. We refine our definition of the metaverse, while identifying threats against it and inside it...
Facebook's Metaverse is Expanding the Attack Surface
Understand the cybersecurity risks in the Metaverse...
Oil and Gas Cybersecurity: Industry Overview Part 1
With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks...
Cyber Insurance Market 2022: FAQs & Updates with iBynd
iBynd VP of Insurance, Tim Logan, and Trend Micro’s Cyber Risk Specialist Vince Kearns provide insights on cyber insurance must-haves, pricing, services, and how the industry is changing in the face of ransomware attacks, cryptocurrency, and emerging cybersecurity technologies...
Well-Architected Framework: Sustainability
One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be designed to minimize their environmental impact. Gain insight into the WAF sustainability pillar and discover best practices for architecting your cloud applications to...
Lessons from the Russian Cyber Warfare Attacks
Trend Micro experts discuss how the prominence of cyberwarfare in a hyper-connected world is a call for enhanced cyber risk management...
SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be planning to expand its operations through these fraudulent apps and its recruitment of...
Examining New DawDropper Banking Dropper and DaaS on the Dark Web
In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give a brief history of banking trojans released in early 2022 that use malicious droppers, and elaborate on cybercriminal activities related to DaaS in the deep web...
Transport Layer Security (TLS): Issues & Protocol
Although Transport Layer Security (TLS) provides enhanced security, cybercriminals have become increasingly savvy, finding ways to circumvent many of these protections. Learn how malicious actors exploit vulnerabilities within TLS to introduce new forms of malware...