Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One

We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883...

Tracking CVE-2021-26084 and Other Server-Based Vulnerability Exploits via Trend Micro Cloud One and Trend Micro Vision One

We look into campaigns that exploit the following server vulnerabilities: CVE-2021-26084, CVE-2020-14882, CVE-2020-14750, and CVE-2020-14883...

Security Risks with Private 5G in Manufacturing Companies Part. 2

We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...

Private 5G Security Risks in Manufacturing Part 2

We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry...

Ransomware Operators Found Using New "Franchise" Business Model

We found a relatively new and interesting ransomware operation that takes inspiration from franchise business models. It seems that the operators are rebranding a "supplier" ransomware before deployment instead of simply distributing it under the original name...

This Week in Security News – October 15, 2021

Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...

Demo: How to Build a Container Registry from a Container

What came first the container or the container registry? Find out and learn how to build, run, and scan your very own container registry from a container itself on your laptop...

Ransomware Operators Found Using New "Franchise" Business Model

We found a relatively new and interesting ransomware operation that takes inspiration from franchise business models. It seems that the operators are rebranding a "supplier" ransomware before deployment instead of simply distributing it under the original name...

This Week in Security News – October 15, 2021

Actors target Huawei Cloud using upgraded Linux malware, 7-Eleven breached customer privacy by collecting facial imagery without consent and more...

Demo: How to Build a Container Registry from a Container

What came first the container or the container registry? Find out and learn how to build, run, and scan your very own container registry from a container itself on your laptop...

Security Risks with Private 5G in Manufacturing Companies Part. 2

We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...

Simplify Security with Open Source Code Scanning Tools

Explore how source security tools can help mitigate the risk of utilizing open source libraries, saving development effort by using open source components while ensuring your final product’s security...

Analyzing Email Services Abused for Business Email Compromise

We analyzed five major types of email channels, and the techniques in keywords and domain names BEC actors use to appear legitimate to potential victims...

Simplify Security with Open Source Code Scanning Tools

Explore how source security tools can help mitigate the risk of utilizing open source libraries, saving development effort by using open source components while ensuring your final product’s security...

Analyzing Email Services Abused for Business Email Compromise

We analyzed five major types of email channels, and the techniques in keywords and domain names BEC actors use to appear legitimate to potential victims...

October Patch Tuesday: 3 Critical Bulletins Among 71

The October Patch Tuesday maintains the relatively peaceful streak from previous months with only 3 bulletins rated as Critical among 71 new vulnerabilities...

Secure Manufacturing on Cloud, Edge and 5G (Download PDF)

This e-book provides you with insight into system changes brought on by factory production processes and explains how the cloud and 5G have transformed smart factories. You’ll also receive a look into how we map the attack scenario so you can identify the type of risks that lie throughout the...

Secure Manufacturing on Cloud, Edge and 5G (Download PDF)

This e-book provides you with insight into system changes brought on by factory production processes and explains how the cloud and 5G have transformed smart factories. You’ll also receive a look into how we map the attack scenario so you can identify the type of risks that lie throughout the...

October Patch Tuesday: 3 Critical Bulletins Among 71

The October Patch Tuesday maintains the relatively peaceful streak from previous months with only 3 bulletins rated as Critical among 71 new vulnerabilities...

New Bill to Require Cyber Attack Reporting in the US

The Cyber Incident Notification Act of 2021 would also require CISA to launch a program that would notify organizations of various vectors that malicious actors exploit...

New Bill to Require Cyber Attack Reporting in the US

The Cyber Incident Notification Act of 2021 would also require CISA to launch a program that would notify organizations of various vectors that malicious actors exploit...

Minimize SecOps Risk with Less Tools and More Security

Security leaders are seeking new ways to minimize SecOps security monitoring tools while increasing efficiency for SecOps teams. Read this article to learn more...

Minimize SecOps Risk with Less Tools and More Security

Security leaders are seeking new ways to minimize SecOps security monitoring tools while increasing efficiency for SecOps teams. Read this article to learn more...

Honda to Start Selling Smart Car Data

The auto giant is just one of many auto companies monetizing smart car data, creating a new industry set to be worth $400 billion by 2030...

Expanded Cloud Misconfiguration & IaaS Security

Cloud One – Conformity has expanded its support for multi-clouds and Terraform users to add even more configuration checks so cloud projects are built on a foundation of best practice security and compliance...

Expanded Cloud Misconfiguration & IaaS Security

Cloud One – Conformity has expanded its support for multi-clouds and Terraform users to add even more configuration checks so cloud projects are built on a foundation of best practice security and compliance...

How Quantum Computers Can Impact Security

While it might be too early to completely overhaul security protocols to prepare for quantum computing — not to mention that there is currently no post-quantum cryptographic standard existing at the moment — it would be a good idea for organizations to start planning for the future...

How Quantum Computers Can Impact Security

While it might be too early to completely overhaul security protocols to prepare for quantum computing — not to mention that there is currently no post-quantum cryptographic standard existing at the moment — it would be a good idea for organizations to start planning for the future...

Honda to Start Selling Smart Car Data

The auto giant is just one of many auto companies monetizing smart car data, creating a new industry set to be worth $400 billion by 2030...

Demo: A Guide to Virtual Machine App Security

Enhance your virtual machine VM application security from vulnerabilities in your Spring Framework Java application by reviewing these guidelines...

Actors Target Huawei Cloud Using Upgraded Linux Malware

In this article, we discuss a new Linux malware trend in which malicious actors deploy code that removes applications and services present mainly in Huawei Cloud...

Actors Target Huawei Cloud Using Upgraded Linux Malware

In this article, we discuss a new Linux malware trend in which malicious actors deploy code that removes applications and services present mainly in Huawei Cloud...

Demo: A Guide to Virtual Machine App Security

Enhance your virtual machine VM application security from vulnerabilities in your Spring Framework Java application by reviewing these guidelines...

Security Risks with Private 5G in Manufacturing Companies Part. 1

We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...

Security Risks with Private 5G in Manufacturing Companies Part. 1

We can see signs of increased activity in areas of business that use 5G around the world. 5G technology will usher in new personal services through smartphones, and it will also play a large part in industry. The option of Private 5G lets private companies and local governments have their own...

CISA, NIST Says Use Cybersecurity Control Systems

The agencies conducted a crosswalk of existing cybersecurity documents and identified nine categories to be used as the foundation for preliminary control systems cybersecurity performance goals...

CISA, NIST Says Use Cybersecurity Control Systems

The agencies conducted a crosswalk of existing cybersecurity documents and identified nine categories to be used as the foundation for preliminary control systems cybersecurity performance goals...

Enhance Network Security for AWS Transit Gateway

Increase security and visibility for lateral and outbound network-loads using the look-aside inspection architecture...

Enhance Network Security for AWS Transit Gateway

Increase security and visibility for lateral and outbound network-loads using the look-aside inspection architecture...

This Week in Security News – October 1, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about Zloader, a notable recent ZBOT variant. Also, read on a recently introduced bill that would mandate ransom payment reporting...

This Week in Security News – October 1, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about Zloader, a notable recent ZBOT variant. Also, read on a recently introduced bill that would mandate ransom payment reporting...

A Kubernetes Pod Security Policy Alternative

A quick look at the deprecation of Kubernetes Pod Security Policy and how to ensure your clusters are protected going forward...

Mac Users Targeted by Trojanized iTerm2 App

We go into more detail about a fake version of the iTerm2 app that downloads and runs malware, detected by Trend Micro as TrojanSpy.Python.ZURU.A, which collects private data from a victim’s machine...

FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal

Trend Micro detected a new campaign using a recent version of the known FormBook infostealer. Newer FormBook variants used the recent Office 365 zero-day vulnerability, CVE-2021-40444...

IoT and Zero Trust Are Incompatible? Just the Opposite

IoT is a big security headache for a lot of reasons. So how can these be part of a Zero Trust architecture?...

Fake Installers Drop Malware and Open Doors for Opportunistic Attackers

We recently spotted fake installers of popular software being used to deliver bundles of malware onto victims’ devices. These installers are widely used lures that trick users into opening malicious documents or installing unwanted applications...

This Week in Security News - September 24, 1021

Water Basilik Uses New HCrypt Variant to Flood Victims With RAT Payloads & Biden Administration Issues Sanctions To Counter Ransomware...

Examining the Cring Ransomware Techniques

In this entry, we look at the techniques typically employed by the Cring ransomware, as well as the most affected regions and industries...

Virtual Event: Google Cloud Next | October 12 – 14

Level-up your skills and uncover what’s next for cloud by registering for the virtual Google Cloud Next conference starting Oct. 12, 2021...

Cyberattacks from all Angles: 2021 Midyear Report

We look at the most pertinent cybersecurity issues organizations across the globe faced in the first half of 2021...