Biden Releases Memo on Critical Cybersecurity Infrastructure Bill

The US president announces the creation of a new cybersecurity initiative, aiming to improve the security of critical infrastructure control systems. New performance goals will also be made, ensuring a consistent baseline for cybersecurity...

August Patch Tuesday: A Quiet Month for Microsoft

August proves to be a quieter month for Microsoft, after an eventful July. This month, there were only 44 security bulletins, part of which are three Print Spooler flaws and a further fix for PetitPotam...

ENISA says System Failure is on the Rise

The agency’s latest reports said that system failure comprises more than half of telecom incidents for 2020. Sixty-nine percent of incidents also affected the qualified trust services during the same year...

Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications

Since June 2021, we’ve been monitoring an in-development ransomware builder called Chaos, which is being offered for testing on an underground forum...

Micro Frontend Guide: Overview

How can you get the most out of your web applications? Explore why Micro Frontend is ideal for evolving organizations...

An expert discussion on XDR

Discover why industry veteran and former Gartner analyst, Greg Young, believes that XDR is the most exciting thing that has happened in cybersecurity in the last 20 years...

Optimize Your Incident Response Planning with the MITRE Framework

Threat research experts discuss the evolving landscape and how the MITRE ATT framework can help optimize incident response across your organization...

The Economics of XDR

Pulling from recent data and research, security experts discuss the value that organizations have seen from adopting extended detection and response XDR solutions...

Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising

We found a new social engineering-based malvertising campaign targeting Japan that delivered a malicious application. The malicious application abused sideloading vulnerabilities to load and start the Cinobi banking trojan...

Manage Cloud Compliance During Digital Transformation

Explore the latest compliance challenges and the top 3 issues facing security leaders in 2022 with Cristin Flynn Goodwin from Microsoft and Greg Young from Trend Micro...

This Week in Security News - August 6, 2021

This week, learn how false advertisers use spam browser notifications to gain ad revenue. Also, read about the results from Trend Micro’s first half 2021 biannual Cyber Risk Index report...

3 Major Benefits of Cloud Migration: Automation

Learn more about how automated security controls, policies, and scans can simplify security...

Supply Chain Attacks from a Managed Detection and Response Perspective

In this blog entry, we will take a look at two examples of supply chain attacks that our Managed Detection and Response MDR team encountered in the past couple of months...

Curb Your Cyber Risk

Global cyber risk is at an all-time high. Understand how you can lower yours...

The First Half of 2021 Cyber Risk Index

Learn about the current state of cyber risk organizations are facing today based on the Cyber Risk Index results for the first half of 2021...

Cybercrime: Today and the Future

Trend Micro Research experts Erin Sindelar and Rik Ferguson use current trends and data to paint a picture of cybercrime in 2021 and shine a light on what it could look like in 2030...

Automate Malware Quarantining for Workloads

Leverage automated and programmable APIs to quickly secure and quarantine workloads without interrupting downstream workflows...

Homeland Security Releases New Cybersecurity Rules

DHS's second issue requires pipeline operators to implement various cybersecurity measures to protect their operations from cyber attacks. This directive also builds upon the department's May directive following the Colonial Pipeline attack...

Reality Check: The Future is Closer Than You Think

Trend Micro Chief Marketing Officer, Leah MacMillan, discusses why this is the ideal moment to leverage the investments you are making in digital transformation to drive your business forward even faster but without adding significant new risk...

AWS Marketplace Talks Secure Digital Transformation

Spurred on by the pandemic, digital transformation continues to accelerate. Chris Grusz, director of AWS Marketplace and Control Tower, discusses how security teams can leverage this transformation to securely innovate and drive better business outcomes...

Our vision for a cybersecurity platform

Trend Micro co-founder and CEO Eva Chen discusses our latest vision, strategy, and cybersecurity platform approach at Perspectives 2021...

Browser Notification Spam Tricks Clicks for Ad Revenue

As many countries reintroduced lockdowns and restrictions, more people are once again stuck at home. Not only are people possibly bored at home, but many major sporting events are taking place. This brings fans to streaming sites to watch the games and inadvertently becoming victims of a major...

This Week in Security News - July 30, 2021

Threat Actors Exploit Apache Hadoop YARN and BlackMatter Ransomware Claims to Be Best of REvil, Darkside...

#LetsTalkSecurity: What Could Possibly Go Wrong?

Let's Talk Security: Season 02 // Episode 04: Host, Rik Ferguson, interviews the Head of Cyber Security for Moonpig, Tash Norris. Together they question, what could go wrong in the world of cyber security?...

An Expert Discussion on Zero Trust

The future has grown to be uncertain, so has the security of your critical data. Trend Micro experts discuss how the Zero Trust strategy was born of organizations’ growing need for better risk insight...

DevSecOps Training - Data Center Attack: The Game

See what it’s like as a security decision maker in Data Center Attack: The Game. Will your decisions help save lives?...

Risks in Telecommunications IT

We summarize the characteristics, threats, and recommendations to improve the security posture of enterprises' and telecommunications companies' IT infrastructure...

Protection from Malware and AWS Bucket Leaks

You can’t control the weather. But you can safeguard your downstream infrastructure investment...

Newark Releases Latest Global IoT Trends Report

The latest trend report also said that security concerns negatively impact the adoption of IoT technologies and the growth of Industry 4.0...

New Collaboration with Adobe and MAPP

Collaboration with industry partners is helping secure the digital world by distributing Trend Micro vulnerability information to security vendors more quickly so they can enhance protection for their customers...

Threat Actors Exploit Misconfigured Apache Hadoop YARN

We look into how threat actors are exploiting Apache Hadoop YARN, a part of the Hadoop framework that is responsible for executing tasks on the cluster. This analysis covers the payloads deployed, the tactics used in the attacks, and basic recommendations for strengthening cloud security...

#LetsTalkSecurity: The New Digital Normal

Let's Talk Security: Season 02 // Episode 03: Host, Rik Ferguson, interviews Founder & CEO of MyConnectedHealth, Tyler Cohen Wood. Together they discuss the new digital normal...

5GAA & Global Certification Forum Connect on New Cert.

The Global Certification Forum GCF and the 5G Automotive Association 5GAA announced their collaboration on a new program that will support the drive for interoperability, reliability, and safety of up and coming C-V2X systems...

A Cloud Migration Strategy with Security Embedded

Learn how to build a cloud migration strategy that keeps security in mind...

This Week in Security News - July 23, 2021

StrongPity APT Group Deploys Android Malware for the First Time and STIX Cyberthreat Sharing Standards Approved...

Respect in Security: Anti-Harrassment Initiative

Respect in Security aims to make a concrete difference to the levels of abuse and harassment that are unfortunately all too common in our industry...

Updated XCSSET Malware Targets Telegram, Other Apps

In our last update on the XCSSET campaign, we updated some of its features targeting latest macOS 11 Big Sur. Since then, the campaign added more features to its toolset, which we have continually monitored. We have also discovered the mechanism used to steal information from various apps, a...

Safeguarding against cryptomining attacks

A look at popular coinmining attacks and how Trend Micro can help protect you...

Reduce Instances of Covid-19 Phishing Email Attacks

The Covid-19 pandemic has created an unlimited supply of news and topics for cybercriminals to utilize in their attacks, as well as major organizations to spoof. Learn what your organization can do to combat these timely threats...

StrongPity APT Group Deploys Android Malware for the First Time

We recently conducted an investigation into a malicious Android malware sample, which we believe can be attributed to the StrongPity APT group, that was posted on the Syrian e-Gov website. To the best of our knowledge, this is the first time that the group has been publicly observed using malicio...

Secure Your Images with AWS Lambda Serverless Functions

NEW on AWS Lambda: Learn how to package up your serverless functions as container images...

TeamTNT Campaigns Emphasize Importance of Addressing Cloud Security Gaps

Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research that encompasses the malicious actor group’s campaigns, tools, and techniques in 2020 and early 2021...

Prevent Cyber Risk as a Managed Service Provider (MSP)

MSPs – Say no to the next Ransomware! Protect your Business 24x7 with Trend Micro’s security analysts...

This Week in Security News - July 16, 2021

Trends and Shifts in the Underground N-Day Exploit Market and Scams Make Getting Verified on Social Media a Minefield...

5 #TrendTips for Open Source Security

You use many application development tools to create your next masterpiece, but you also need to ensure you're not bringing open source security risks into the equation. Find out how in this article...

Main Considerations for Securing Enterprise 5G Networks

5G brings countless benefits to enterprises through its scalability, speed, and connectivity. However, these very same features might actually amplify the damage caused by threats if they do infiltrate systems. Security should be a prime concern for enterprises that use 5G networks...

Tesla “Recalls” Vehicles in China due to Safety Glitch

The recall affects over 200,000 Models 3 and Y vehicles...

With 5G coming, it’s time to plug security gaps

With 5G introducing new risks, many are finding they don’t have the visibility, tooling or resources to manage such networks securely...

Shifting Security Left with Trend Micro and Snyk

Explore how to foster a DevSecOps culture by securing open source code in the early stage of the DevOps process...

The Underground Exploit Market and the Importance of Virtual Patching

Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground...