2303 matches found
Tesla “Recalls” Vehicles in China due to Safety Glitch
The recall affects over 200,000 Models 3 and Y vehicles...
With 5G coming, it’s time to plug security gaps
With 5G introducing new risks, many are finding they don’t have the visibility, tooling or resources to manage such networks securely...
The Underground Exploit Market and the Importance of Virtual Patching
Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life cycle of exploits, the kinds of buyers and sellers who transact, and the business models that are in effect in the underground...
Shifting Security Left with Trend Micro and Snyk
Explore how to foster a DevSecOps culture by securing open source code in the early stage of the DevOps process...
July Patch Tuesday: DNS Server, Exchange Server Vulnerabilities Cause Problems
After two relatively quiet months, July has proven to be another busy month for Microsoft security bulletins. A total of 117 bulletins were issued for various security vulnerabilities fixed in the July Patch Tuesday cycle...
Survey: Phishing & Ransomware Attacks are Top Concerns
Ransomware and phishing attacks will continue to be utilized and will likely see increases in their usage by malicious actors in targeting their victims. Learnings and recommendations from report to improve your prevention and response to these threats...
ETSI Publishes IoT Testing Specs for MQTT, COAP
On June 25, 2021, ETSI released its new IoT Testing Specifications completed by the organization’s committee on Methods for Testing and Specifications. The documents contain seven standards addressing the testing of the IoT MQ Telemetry Transport MQTT and Constrained Application Protocol CoAP...
#NoFilter: Exposing the Tactics of Instagram Account Hackers
What tactics do Instagram account hackers use? What do these cybercriminals do with stolen accounts? How can users protect their accounts? We look into Instagram account hacking incidents from a security researcher’s perspective and share recommendations for users of Instagram and other social...
This Week in Security News - July 9, 2021
Kaseya hit with ransomware attack and top 3 mobile threat takeaways from MWC...
BIOPASS RAT: New Malware Sniffs Victims via Live Streaming
We discovered a new malware that targets online gambling companies in China via a watering hole attack, in which visitors are tricked into downloading a malware loader disguised as a legitimate installer for well-known apps such as Adobe Flash Player or Microsoft Silverlight...
Summer of Cybercrime Continues: What To Do
We recently coined this as the Summer of Cybercrime. Major ransomware attacks continue to hit companies globally. The attacks can cause significant damage, from a financial, reputation and productivity standpoint...
Security for AWS Lambda Serverless Applications
Serverless computing is another beautiful cloud-based advancement for developers. But, like all applications, proper security is required to maximize the benefits. Learn more in this article...
How to navigate open source licensing risks
Vulnerabilities aren't the only risk that comes with open source software use. Learn how you can best mitigate licensing risks to ensure your team is meeting all legal requirements while building with open source code...
Threats Ride on the Covid-19 Vaccination Wave
We continue monitoring cybercriminals and threats that abuse the pandemic. In this update, we detail trends in malicious activities and deployments that exploit vaccination developments and processes worldwide...
Tracking Cobalt Strike: A Trend Micro Vision One Investigation
Cobalt Strike is a well-known beacon or post-exploitation tool that has been linked to several ransomware campaigns. This report focuses on the process of uncovering its tracks in order to fully contain and remove a malware infection...
IT Management Platform Kaseya Hit With Sodinokibi/REvil Ransomware Attack
Kaseya has been hit with a REvil aka Sodinokibi ransomware attack at the dawn of the Fourth of July weekend. The attack was geared toward their on-premises VSA product...
This Week in Security News July 2, 2021
Nefilim ransomware attack through a MITRE Att lens and PoC exploit circulating for critical Windows Print Spooler bug, and more...
Why SecOps Need A Cybersecurity Platform
Our global study polled more than 2,300 IT security decision makers to discover how to best assist and support SecOps teams so you can be more resilient...
XDR Security : More Security. More Savings.
You don’t have to sacrifice security for savings. Discover the business, security, and financial benefits of the XDR capabilities of Trend Micro Vision One in the ESG Economic Validation report...
PurpleFox Using WPAD to Target Indonesian Users
The PurpleFox Exploit Kit is now being distributed via WPAD attacks targeting Indonesian users...
Software composition analysis 101
Open source is everywhere. Learn how software composition analysis can automate open source management to secure your applications...
Top Countries With ICS Endpoint Malware Detections
The Trend Micro research paper, "2020 Report on Threats Affecting ICS Endpoints,” presents findings on ICS endpoints and the threats that plague them. From these findings, we rounded up the list of the top ten countries with the most malware and grayware detections...
Best Practices for Social Media Security
Social media is a double-edged sword, and as we celebrate SocialMediaDay, let’s remember to use best security practices to keep us safe from malicious actors who abuse the platforms...
Still Leading In Endpoint And Cloud Workload Security
Cloud workload security and endpoint protection are key to managing security risk. Two new independent IDC reports help CISOs consider their strategic partner options...
3 Major Benefits of Cloud Migration: Cloud Compliance
Part of a secure cloud migration strategy is ensuring compliance of all the moving pieces. Just like your cloud journey, compliance isn’t a final destination. Discover how to leverage cloud security tools to ensure compliance is met along the way...
How DevOps can meet HIPAA compliance standards
Meet business compliance needs without interrupting your workflow...
Secure Secrets: Managing Authentication Credentials
Secret management plays an important role in keeping essential information secure and out of threat actors’ reach. We discuss what secrets are and how to store them securely...
MITRE Engenuity™ ATT&CK Evaluations & Framework
With the MITRE ATT Framework, you can simplify security communications across your organization while providing visibility to your security teams...
#LetsTalkSecurity: Adapt or Die
Let's Talk Security: Season 02 // Episode 02: Host, Rik Ferguson, interviews Forrester Analyst, Allie Mellen. Together they discuss to adapt or die...
Nefilim Ransomware Attack Through a MITRE Att&ck Lens
Follow the story of Company X as they suffer an attack from the notorious modern ransomware family, Nefilim, and their affiliates, to learn how you can better mitigate against the common tactic and techniques used in these attacks...
This Week in Security News June 25, 2021
Fake DarkSide campaign targets energy and food sectors and Tulsa police-citation data leaked by Conti Gang...
Build a Complete Cloud Visibility Strategy
Trend Micro Cloud One + New Relic come together to offer complete cloud visibility...
Protecting Against Recent Ransomware Attacks
Modern ransomware attacks targeting large enterprises continue to evolve from double to triple or even quadruple extortion tactics. Discover how to stay one step ahead with our case study of the ransomware family, Nefilim...
Cloud-Native Security: More Security Observability
Explore observability vs. visibility, how they differ, how they are intertwined, and why they should be incorporated into your security strategy...
NIST Guidelines for Containerized Application Security
Learn how to secure containers and protect against breaches...
The Importance of Being the Leader in Public Vulnerability Research
You can't stop what you don't know about. See how our leadership in vulnerability disclosures can protect you faster...
Are Tax Breaks Encouraging Ransom Payments?
Why tax deductions for ransom payments send the wrong signals to threat actors and their victims...
NukeSped Copies Fileless Code From Bundlore, Leaves It Unused
While investigating samples of NukeSped, a remote access trojan RAT, Trend Micro came across several Bundlore adware samples using the same fileless routine that was spotted in NukeSped...
Consolidate For A Secure Digital Transformation
The expedited move to digital transformation has been a lifeline for organizations during the pandemic. Now that these investments have been made, what’s next to continue to drive operational improvements?...
Security Resources Now on AWS CloudFormation Templates
Trend Micro is helping customers natively deploy Infrastructure as Code IaC resources for security the same way as cloud native infrastructure in collaboration with AWS CloudFormation...
Fake DarkSide Campaign Targets Energy and Food Sectors
Threat actors behind a recent campaign pose as DarkSide in a bid to deceive targets into paying ransom...
This Week in Security News June 18, 2021
Bash ransomware targets Linux Distributions and Trend Micro touts zero trust risk insights...
Employee Excellence within Trend Micro
The team behind a company is the reason for its success. At Trend Micro, we are proud to have a team filled with intelligent individuals who foster innovation to solve tomorrow's challenges to secure our digital world today...
Prove PCI DSS Compliance with Automation
Meet PCI DSS compliance needs without interrupting your workflow...
Amazon Prime Day: Big Sales, Big Scams
For many people, major online shopping events such as the annual Amazon Prime day — which falls on June 21 this year — presents a unique opportunity to purchase goods at heavily discounted prices. However, shoppers are not the only ones looking to benefit — cybercriminals are also looking to prey...
Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions
We investigate how certain hacking tools are used to move laterally on victims’ networks to deploy ransomware. These tools contain reconnaissance/spreader scripts, exploits for Red Hat and CentOS, binary injectors, and more. In this blog, we focus on analyzing the worm and ransomware script...
Is this the “Summer of Cybercrime”?
Summer is just around the corner, and malicious actors don’t seem to be planning a vacation as cybercrime continues to ramp up. Learn some security recommendation you can implement to help minimize the risk of compromise...
Increase visibility for on-premise and cloud workloads
Ensure each of your cloud workloads are properly managed, protected, and patched - without the slow down...
An Expert Discussion on Zero Trust
Zero Trust is the key strategy moving forward to secure the always changing hybrid workplace. Listen in as two of our industry experts discuss how risk insights are key component of Zero Trust security...
This Week in Security News June 11, 2021
The post-pandemic security landscape and the banning of ransomware payments could create new crisis situations...