2022 Cybersecurity Trends for DevSecOps
Trying to adopt DevSecOps culture? Or already in the thick of it? Trend Research explores the cybersecurity trends for 2022 to enhance your security strategy and get the most out of DevSecOps...
Are Endpoints at Risk for Log4Shell Attacks?
We created a free assessment tool that scans devices to determine whether they are at risk for Log4Shell attacks...
This Week in Security News - December 17, 2021
This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage...
Oracle WebLogic Detection and Mitigation
We review 2020 and 2021 Oracle WebLogic vulnerabilities and how using a unified SaaS platform can help you detect and mitigate these sophisticated risks...
Staging a Quack: Reverse Analyzing a Fileless QAKBOT Stager
We analyzed a fileless QAKBOT stager possibly connected to the recently reported Squirrelwaffle campaign...
Volatile and Adaptable: Tracking the Movements of Modern Ransomware
Trend Micro's tracking of modern ransomware, as well as of older families, shows which attacks are gaining momentum and which families are particularly dangerous for enterprises and private users...
Collecting In the Dark: Tropic Trooper Targets Transportation and Government
Our long-term monitoring of the cyberespionage group Earth Centaur aka Tropic Trooper shows that the threat actors are equipped with new tools and techniques. The group seems to be targeting transportation companies and government agencies related to transportation...
Why you need XDR in today's threat landscape
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to enabling more resilience...
Why You Need XDR in Today's Threat Landscape
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to enabling more resilience...
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited
Log4Shell, also known as CVE-2021-44228, was first reported privately to Apache on November 24 and was patched with version 2.15.0 of Log4j on December 9. It affects Apache Struts, Apache Solr, Apache Druid, Elasticsearch, Apache Dubbo, and VMware vCenter...
Why XDR security in today's threat landscape
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to enabling more resilience...
A Look Into Purple Fox’s Server Infrastructure
By examining Purple Fox’s routines and activities, both with our initial research and the subject matter we cover in this blog post, we hope to help incident responders, security operation centers (SOCs), and security researchers find and weed out Purple Fox infections in their network...
New Yanluowang Ransomware Found to be Code-Signed, Terminates Database-Related Processes
We analyzed new samples of the Yanluowang ransomware. One interesting aspect of these samples is that the files are code-signed. They also terminate various processes which are related to database and backup management...
This Week in Security News - December 10, 2021
This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure...
How Zero Trust and XDR Work Together
As the Zero Trust approach gains momentum, more organizations are looking to apply it to their security strategy. Learn how XDR and Zero Trust work together to enhance your security posture...
The Evolution of IoT Linux Malware Based on MITRE ATT&CK TTPs
In our study, we relied on the tactics, techniques, and procedures of MITRE ATT&CK to define the malware capabilities and characteristics of IoT Linux malware. We describe our findings and how IoT malware has been evolving...
Top 10 Azure Cloud Configuration Mistakes
Trend Micro Research determined the top 10 Azure services with the highest configuration rates...
Cybersecurity Trends for 2022
Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making...
Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022
In this entry, we discuss several of our predictions that security professionals and decision-makers should know about to help them make informed decisions on various security fronts in the coming year...
Virtual Patching 101
Get the lowdown on virtual patching: a simplified, automated solution to shielding vulnerabilities from exploits...
This Week in Security News - December 3, 2021
This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network...
Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify
We looked into exploitation attempts we observed in the wild and the abuse of legitimate platforms Netlify and GitHub as repositories for malware...
What to do at AWS re:Invent 2021 - Day 3
Welcome to your complete guide to AWS re:Invent 2021 Day 3, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually...
Analyzing How TeamTNT Used Compromised Docker Hub Accounts
Following our previous disclosure of compromised Docker hub accounts delivering cryptocurrency miners, we analyze these accounts and discover more malicious actions that you need to be aware of...
Top 10 AWS Security Misconfiguration
Misconfigurations pose the biggest threat to cloud security. We compiled the top 10 AWS services with the highest misconfiguration rates...
ESG Economic Value Validation of XDR
Hear leading analyst firm ESG and Chase Renes, system administrator at Vision Bank, discuss the operational, business, and financial value of Trend Micro’s industry-leading XDR solution...
What You Can Do to Mitigate Cloud Misconfigurations
Cloud misconfigurations can become opportunities for cyberattacks or lead to data breaches. Organizations must mitigate them before incurring significant and costly consequences...
AWS re:Invent 2021 Guide: Checklist & Key Sessions
Welcome to your complete guide to AWS re:Invent 2021, where you will find tips on how to get the most out of your conference experience both in Las Vegas and virtually...
Trend Micro Cloud One Network Security-as-a-Service
Trend Micro, alongside Amazon Web Services, provides the latest in cloud-native deployment options. We have simplified network security, protecting customers across Virtual Private Clouds (VPCs) without needing agents to be installed on instances...
Campaign Abusing Legitimate Remote Administrator Tools Uses Fake Cryptocurrency Websites
We have been tracking a campaign involving the SpyAgent malware that abuses well-known remote access tools (RATs) for some time now. While previous versions of the malware have been covered by other researchers, our blog entry focuses on the malicious actor’s latest attacks...
Reduce Friction Between IT Leaders and C-suite
As we creep toward a post-pandemic world, organizations need to plan accordingly. Explore Trend Micro’s latest cyber risk research to enable your business to maximize its growth and potential...
A Complete Guide to Cloud-Native Application Security
Explore this comprehensive guide to application security, which provides an overview of the importance of embedding runtime application security controls in the application build workflow to protect cloud-native web applications and APIs...
Defend Against Cyber Espionage Attacks
Explore Trend Micro’s latest research into Void Balaur, a prolific cybermercenary group, to learn how to defend against attacks launched by this growing group of threat actors...
COP26 Backs Electric Vehicles to Reduce Climate Change
The 26th United Nations Climate Change Conference pushes for party countries to adopt more widespread EV use in order to reduce the looming threats of climate change...
BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors
We observed BazarLoader adding two new arrival mechanisms to their current roster of malware delivery techniques...
N-Day Exploit Protection Strategies
Over two years, Trend Micro Research scoured the underground forums for insight into the N-day exploit market. Discover their findings and how you can secure your organization against exploits...
Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains
Squirrelwaffle is known for using the tactic of sending malicious spam as replies to existing email chains. We look into how by investigating its exploit of Microsoft Exchange Server vulnerabilities, ProxyLogon and ProxyShell...
Ransomware as a Service 101
To help you enhance your defense against ransomware, Trend Micro Research shares key insights on how ransomware-as-a-service (RaaS) operators work...
This Week in Security News - November 19, 2021
This week, learn about how the QAKBOT Loader malware has evolved its techniques and strategies over time. Also, read about the most recent initiative by the legislation to further cybersecurity protection...
A Guide to Ransomware: Prevention and Response
This article will provide guidelines aimed at helping readers understand how to detect and prevent ransomware and limit its effect...
Application Security 101
Everything DevOps teams need to know about web application security risks and best practices...
Analyzing ProxyShell-related Incidents via Trend Micro Managed XDR
In this blog entry, we will take a look at the ProxyShell vulnerabilities that were being exploited in these events, and dive deeper into the notable post-exploitation routines that were used in four separate incidents involving these web shell attacks...
Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels
A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition across five continents involving law enforcement and private partners, including Trend Micro, sought to crack down on big ransomware operators...
Post-pandemic growth starts with understanding risk
The digital transformations that accompanied the pandemic are here to stay. To succeed in the post-pandemic era, organizations must come to a shared understanding about cybersecurity as a critical element of business risk...
Groups Target Alibaba ECS Instances for Cryptojacking
We looked at how some malicious groups disable features in Alibaba Cloud ECS instances for illicit mining of Monero...
QAKBOT Loader Returns With New Techniques and Tools
QAKBOT operators resumed email spam operations towards the end of September after an almost three-month hiatus. QAKBOT detection has become a precursor to many critical and widespread ransomware attacks. Our report shares some insight into the new techniques and tools this threat is using...
This Week in Security News - November 12, 2021
This week, learn about the prolific cybermercenaries, Void Balaur, and their recent attacks. Also, read on the 80-country agreement to mobilize safeguards against cyberattacks...
Private 5G Security Risks in Manufacturing Part 4
We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry...