SMS PVA Services' Use of Infected Android Phones Reveals Flaws in SMS Verification
Certain SMS PVA services allow their customers to create disposable user profiles or register multiple accounts on many popular online platforms. These services can be abused by criminals to conduct fraud or other malicious activities...
Security Automation with Vision One & Palo Alto
Trend Micro Vision One™ integrates with Palo Alto Networks Cortex™ XSOAR to drive automated response to incidents uncovered by Vision One...
Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™
This blog discusses how CVE-2021-4034 can be detected and blocked using Trend Micro™ Vision One™ and Trend Micro Cloud One™...
This Week in Security News - February 11, 2022
Hidden scams in malicious scans, and feds arrest couple who allegedly laundered $1 Billion in stolen bitcoins...
3 cybersecurity trends & mitigation strategies for CISOs
Explore 3 cybersecurity trends and how to strategically mitigate future risks with Trend Micro’s Jon Clay, VP of threat intelligence, and Ed Cabrera, chief cybersecurity officer...
What is a cloud native application protection platform (CNAPP)?
We explore CNAPP, the latest industry acronym coined by the Gartner report Innovation Insight for Cloud-Native Application Protection Platforms, and why devs need to know about it...
A Cloud Native Application Protection Platform Guide
In this article we explore CNAPP, the latest industry acronym coined by Gartner, and why devs need to know about it...
Why Cyber Change Outpaces Boardroom Engagement
Organizations must avoid the mistakes of the past and build a security-by-design culture that permeates enterprise-wide...
This Week in Security News - February 4, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. Learn about the Samba vulnerability discovered by Trend Micro and the White House’s warning of Russian hacks as tensions with Ukraine grow...
Cryptojacking Attacks Target Alibaba ECS Instances
Discover how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero...
Codex Exposed: Helping Hackers in Training?
How useful is the Codex code generator as a potential training tool?...
IaC: Azure Resource Manager Templates vs. Terraform
Dive into a hands-on comparison of Azure Resource Manager templates and Terraform. This article highlights the primary features of each solution, comparing and contrasting their capabilities and performance...
The Samba Vulnerability: What is CVE-2021-44142 and How to Fix It
Information on the latest Samba vulnerability and how to protect systems against the threats that can exploit it...
How to Use Zero Trust Security for the Hybrid Cloud
Securing the hybrid cloud can be complex. Explore how CISOs can use the zero trust security approach for more proactive protection...
This Week in Security News - January 28th, 2022
Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read the third installment of Trend Micro’s Codex series. Also, read about the White House’s latest zero-trust approach to its cybersecurity...
3 Remote Work Security Tips for CISOs
How can CISOs manage remote work security? Explore 3 tips to secure networks, endpoints, and users...
What is Cloud Native?
You’ve most likely heard the term “cloud native,” but what does it really mean? This article explores the five requirements of a true cloud native application...
Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
In 2021, a team of researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. The full findings of this research will be presented at the S4X22 Conference in April 2022...
How to detect Apache Log4j vulnerabilities
Explore how to detect Apache Log4j (Log4Shell) vulnerabilities using cloud-native security tools...
TianySpy Malware Uses Smishing Disguised as Message From Telco
Trend Micro confirmed a new mobile malware infection chain targeting both Android and iPhone devices. The malware might have been designed to steal credentials associated with membership websites of major Japanese telecommunication services...
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
LockBit ransomware's operators announced the release of its first Linux and ESXi variant in October. With samples also spotted in the wild, we discuss the impact and analysis of this variant...
Investigating APT36 or Earth Karkaddan’s Attack Chain and Malware Arsenal
We investigated the most recent activities of APT36, also known as Earth Karkaddan, a politically motivated advanced persistent threat (APT) group, and discuss its use of CapraRAT, an Android RAT with clear similarities in design to the group’s favored Windows malware, Crimson RAT...
Codex Exposed: Task Automation and Response Consistency
Being able to automate tasks or programmatically execute them unsupervised is an essential part of both regular and malicious computer usage, so we wondered if a tool like Codex was reliable enough to be scripted and left to run unsupervised, generating the required code...
This Week in Security News - January 21, 2022
This week, read about various cybersecurity threats that affect industrial control and the Cybersecurity and Infrastructure Security Agency (CISA)’s latest cyberattack warnings...
Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
We found waves of Emotet spam campaigns using unconventional IP addresses to evade detection...
Cybersecurity for Industrial Control Systems: Part 2
To cap off the series, we’ll discuss malware detection and distribution in various countries. Our team also rounds up several insights to help strengthen ICS cybersecurity and mitigate malware attacks...
Defending Users’ NAS Devices From Evolving Threats
In our latest research, we analyze the threats targeting well-known brands of network-attached storage (NAS) devices...
Microservice Security: How to Proactively Protect Apps
Microservices are growing in popularity—how can development teams embed seamless security into the entire pipeline? Fernando Cardoso, solutions architect at Trend Micro, breaks it down for you...
New Ransomware Spotted: White Rabbit and Its Evasion Tactics
We analyze the ransomware White Rabbit and bring into focus the familiar evasion tactics employed by this newcomer...
Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques
Our technical brief provides an in-depth look at Earth Lusca’s activities, the tools it employs in attacks, and the infrastructure it uses...
Cybersecurity for Industrial Control Systems: Part 1
In this two-part series, we look into various cybersecurity threats that affected industrial control systems endpoints. We also discuss several insights and recommendations to mitigate such threats...
Analyzing an Old Bug and Discovering CVE-2021-30995
A vulnerability found in 2021 has been patched and re-patched in the months since it was reported. We analyze the bug and outline the process that led to the discovery of CVE-2021-30995...
Analyzing DevSecOps vs. DevOps
Learn the difference between DevSecOps and DevOps and get tips to smoothly embed security throughout the entire build lifecycle...
Codex Exposed: How Low Is Too Low When We Generate Code?
In a series of blog posts, we explore different aspects of Codex and assess its capabilities with a focus on the security aspects that affect not only regular developers but also malicious users. This is the second part of the series...
This Week in Security News - January 14, 2022
This week, read about how crucial it is for security teams to adopt an integrated approach to threat detection, such as remote control, and Congress’s plan to update the Federal Information Security Management Act (FISMA) for the first time in eight years...
LoRaWAN's Protocol Stacks: The Forgotten Targets at Risk
This report is the fourth part of our LoRaWAN security series, and highlights an attack vector that, so far, has not attracted much attention: the LoRaWAN stack. The stack is the root of LoRaWAN implementation and security. We hope to help users secure it and make LoRaWAN communication resistant ...
Uncovering and Defending Systems Against Attacks With Layers of Remote Control
The Trend Micro™ Managed XDR team addressed a stealthy multilayered attack that progressed from an exploited endpoint vulnerability to the use of legitimate remote access tools, including Remote Desktop Protocol (RDP), as its final means of intrusion...
Codex Exposed: Exploring the Capabilities and Risks of OpenAI’s Code Generator
The first of a series of blog posts examines the security risks of Codex, a code generator powered by the GPT-3 engine...
This Week in Security News - January 7th, 2022
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones...
This Week in Security News - January 7, 2022
This week, read about Log4j vulnerabilities in connected cars and charging stations and how iOS malware can fake iPhone shutdowns to snoop on cameras and microphones...
Organized Cybercrime Cases: What CISOs Need to Know
Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service (AaaS), an emerging business model selling all-access passes to other malicious actors...
Workshop: Building Modern Applications with DevOps Security
In this workshop, you’ll learn how to leverage DevOps Security with your serverless applications running on AWS Lambda or containerized applications running on AWS Fargate. Learn how to make cloud security more efficient, proactive, and gain visibility...
Apache Log4j: Mitigation for DevOps
What can DevOps teams do to mitigate Apache Log4j risks? Explore how to secure your apps for today and against future vulnerabilities...
Top 5 DevOps Resource Center Articles of 2021
We look back on the 5 most popular DevOps Resource Center articles in 2021 to help you build at your best in 2022...
Apache Log4j: Mitigating risks
Explore tactical measures and strategic guidance to mitigate ongoing risks caused by Apache Log4j (Log4Shell)...
Examining Log4j Vulnerabilities in Connected Cars and Charging Stations
In this entry we look into how Log4j vulnerabilities affect devices or properties embedded in or used for connected cars, specifically chargers, in-vehicle infotainment systems, and digital remotes for opening cars...
The Log4j story, and how it has impacted our customers
Read about the Log4j story, an analysis of the impact and what to do next...
How to detect Apache HTTP Server Exploitation
With recent news of the critical, zero-day vulnerability Apache Log4Shell, we explore how to detect and protect your Apache HTTP servers...
What to Do About Log4j
Learn more about some tactical measures people are already taking, and some strategic guidance for what to do after the immediate crisis abates...