TM Named CWS "Strong Performer" by Research Firm
Trend Micro was named a strong performer in the Forrester Wave™: Cloud Workload Security, Q1 2022, achieving the highest possible score in the market presence category. That said, Trend Micro Cloud One secures far more than workloads and containers...
5 Zero Trust Security Model DevOps Integrations
Learn how the zero trust security model can be integrated into your DevOps lifecycle without impacting the agility or speed of your application build...
Detecting Exploitation of Local Vulnerabilities Through Trend Micro Vision One™ and Cloud One™
We provide a guide to detecting Dirty Pipe, a Linux kernel vulnerability tracked as CVE-2022-0847...
An In-Depth Look at ICS Vulnerabilities Part 3
In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021...
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the LockBit ransomware...
An In-Depth Look at ICS Vulnerabilities Part 2
In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels...
MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639
We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to escalate privileges to root...
MITRE Engenuity ATT&CK Tests
Trend Micro Vision One achieved a protection score of 100% in this year’s evaluation, proving once again that it is an invaluable tool that provides higher confidence detections for security operations teams...
This Week in Security News - April 1, 2022
Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’...
An In-Depth Look at ICS Vulnerabilities Part 1
In this blog series, our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS...
Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously
One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine cryptocurrency...
How CISOs can Mitigate Cryptomining Malware
Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat...
Terraform Tutorial: Drift Detection Strategies
A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform drift and manage any drift issues you might face...
This Week in Security News - March 25, 2022
An investigation of cryptocurrency scams and schemes, and Lapsus$: Oxford teen accused of being multi-millionaire cyber-criminal...
Purple Fox Uses New Arrival Vector and Improves Malware Arsenal
Purple Fox is an old threat that has been making waves since 2018. This most recent investigation covers Purple Fox’s new arrival vector and early access loaders. Users’ machines seem to be targeted with malicious payloads masquerading as legitimate application installers...
An Investigation of Cryptocurrency Scams and Schemes
We provide an overview of the diverse range of NFT- and cryptocurrency-related scams that malicious actors use to steal assets worldwide...
Cyber Threat Intelligence: Risk Management Strategies
The ever-expanding attack surface of the cloud calls for effective cyber risk management to enable enterprises to innovate and meet business objectives. Discover how to better understand, communicate, and mitigate cyber risk across the enterprise...
Mitigate Top 5 Common Cybersecurity Vulnerabilities
Vulnerabilities in software and infrastructure are a fact of life for developers and SREs. But when you understand vulnerabilities, you can minimize their impact. Learn more about five common threats and how to mitigate them...
How to Secure AWS Serverless API(s)
Discover how to easily enhance security of your container-based AWS serverless API to protect against known and unknown vulnerabilities...
This Week in Security News - March 18, 2022
Global Cyberattacks: Navigating New Frontiers: Trend Micro 2021 Annual Cybersecurity Report, and US Has 'Significant' Cyber Vulnerabilities, But A Sweeping Russian Cyberattack Is Unlikely...
Attacks Abound in Tricky Threat Terrain: 2021 Annual Cybersecurity Report
The digital transformations that had enabled many enterprises to stay afloat amid the Covid-19 health crisis also brought about major upheavals in cybersecurity, the impact of which was still widely felt in 2021. In our annual cybersecurity report, we look back at 2021 in terms of the most...
Cyclops Blink Sets Sights on Asus Routers
This report discusses the technical capabilities of this Cyclops Blink malware variant that targets ASUS routers and includes a list of more than 150 current and historical command-and-control (C&C) servers of the Cyclops Blink botnet...
How to Build a Serverless API with Lambda and Node.js
Is your app server serving more stress than function? Explore this walkthrough for configuring and deploying a serverless API and discover the vast benefits of letting cloud services manage your infrastructure...
Oil/Gas Cybersecurity: Halt Critical Operation Attacks
Trend Micro has released a technical report on how the oil and gas industry can gain situational awareness across OT, IT and CT...
Utility Cybersecurity: Situational Awareness Cuts Risk
Trend Micro has released a technical report on how the electric utility industry can gain situational awareness across the entire network...
10 best practices for S3 bucket security configuration
Explore the 10 best security practices for Amazon S3 and how easy it is to configure security features that can prevent these attacks...
Will Russian Oil Ban Spur Increased Cyber-Attacks
President Biden banned the sale of Russian oil to the United States to deprive the Putin regime of the economic resources needed to wage war. But this may put US companies in the firing line of cyber-attacks from the east...
New Nokoyawa Ransomware Possibly Related to Hive
In March 2022, we came across evidence that another, relatively unknown, ransomware known as Nokoyawa is likely connected with Hive, as the two families share some striking similarities in their attack chain, from the tools used to the order in which they execute various steps...
New RURansom Wiper Targets Russia
We analyze RURansom, a malware variant discovered to be targeting Russia. Originally suspected to be a ransomware because of its name, analysis reveals RURansom to be a wiper...
This Week in Security News - March 4, 2022
Global Cyberattacks: How to manage risk in times of chaos, and Ukraine-Russia cyber warzone splits cyber underground...
SMS PVA Part 3: Countries Most Impacted by Service
In this final part, we discuss the countries most affected by SMS PVA services as well as lay out several recommendations to mitigate the risks of such threats...
Cyberattacks are Prominent in the Russia-Ukraine Conflict
As Russia invaded Ukraine, our researchers have also observed a number of alleged cyberattacks perpetrated by different groups. Our research teams have verified and validated internal data and external reports to provide accurate information that can be used to strengthen defenses against these...
5 Cloud Native Security Platform Must-haves
Discover 5 key security components to review and how to leverage a cloud native security platform with Mick McCluney (Trend Micro) and Kelly Griffin (AWS)...
Why IaC Security Should Matter to CISOs
Explore how secure infrastructure-as-code (IaC) enables security leaders to help DevOps teams quickly deliver more business value...
SMS PVA Part 2: Underground Service for Cybercriminals
In part two of this blog entry, we further investigate the inner workings of smspva.net and discuss the impact and implications of such services...
This Week in Security News - February 25, 2022
Recent cyberattacks increasingly target open-source web servers, and US officials tell businesses to watch for potential ransomware attacks after Biden announces Russia sanctions...
Global Cyberattacks: Managing Risk in Chaotic Times
As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience...
Global Cyberattacks Tied to the Russian Invasion of Ukraine
Cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices to manage your cyber risk...
Ukraine Cyberattack 2022: Geopolitical Cybersecurity
As geopolitical tensions rise, so does pressure to enhance corporate cyber-resilience...
Global Cyberattacks: Managing Risk in Chaotic Times
As global tension rises, cyber-risk management and security fundamentals are the key to cyber-resilience. 5 best practices are presented to manage your cyber risk...
SMS PVA Part 1: Underground Service for Cybercriminals
In this three-part blog entry, our team explored SMS PVA, a service built on top of a global bot network that compromises smartphone cybersecurity as we know it...
7 Container Security Best Practices For Better Apps
Explore how to implement 7 container security best practices within a CI/CD pipeline built with tools from Amazon Web Services (AWS)...
Recent Cyberattacks Target Open-source Web Servers
Malicious actors take advantage of people’s reliance on web servers to perform attacks like remote code execution, access control bypass, denial of service, or even cyberjacking the victim servers to mine cryptocurrencies...
Latest Mac Coinminer Utilizes Open-Source Binaries and the I2P Network
A Mac coinminer has been spotted using open-source components in its routine and the I2P Network to hide its traffic. We dive into old iterations of this malware, and also analyze the newest version...
This Week in Security News - February 18, 2022
SMS PVA services' use of infected Android phones reveals flaws in SMS verification, and 'Russian state-sponsored cyber actors' cited in hacks of U.S. defense contractors...
A Guide to the Well-Architected Framework
Discover the six pillars of the Amazon Web Services (AWS) and Azure Well-Architected Framework, examining best practices and design principles to leverage the cloud in a more efficient, secure, and cost-effective manner...