2303 matches found
Trend Micro and JC3 Study on Fraud, Phishing Targeting Japanese Users
This blog details the aspects of two major phishing fraud groups identified from the research and analysis. This study was also announced via separate press releases from Trend Micro Incorporated and JC3...
How Enterprises can Deflect Million-Dollar Ransomware Demands
Blue-chip businesses are not the only ones that have been hit hard by the recent ransomware strikes. We outline some best practices and countermeasures to avert any shakedowns at the hands of cybercriminals...
3 Major Benefits of Cloud Migration: Visibility
On the fence about migrating to the cloud because security seems complex and abstract? Let go of your on-premises point products and discover how using a platform with enhanced visibility can help smooth the security for your cloud journey...
#LetsTalkSecurity: Transformational Security
Let's Talk Security: Season 02 // Episode 01: Host, Rik Ferguson, interviews Business Information Security Officer from S Global Ratings, Alyssa Miller. Together they discuss transformational security...
The U.S. EO on Ransomware: What Does it Mean? – Part 2
The White House is urging companies to do more to stem the tide of ransomware attacks now that they are starting to impact critical infrastructure and supply chains. It is a good start, but what will be the implication of this to U.S. businesses?...
June Patch Tuesday: Internet Explorer Finally Laid to Rest
The June 2021 Patch Tuesday cycle offers good news to both IT and website administrators...
5 #TrendTips To Build Better in the Cloud
You have multiple cloud service provider accounts and you want to make sure that you are deploying everything in a well-architected fashion to avoid future security headaches. Here's where to begin...
Looking Ahead: The Post-Pandemic Security Landscape
One year into the pandemic, our team at Trend Micro discussed the lasting impact that Covid-19 will have on people’s way of life and what a post-pandemic “new normal” might look like...
This Week in Security News June 4, 2021
Cyberattack hits JBS meat works in Australia, North America and DarkSide Targets Virtual Machines...
Network Policies to Help Reduce Risk and Improve Security
Cloud workloads frequently require internet access, and as we know, anything accessing the internet can be breached. This article explores simple tactics such as access level restriction and overlaying threat intelligence to enhance your security posture...
CVE-2021-30724: CVMServer Vulnerability in macOS and iOS
We discovered a vulnerability in macOS, iOS, and iPadOS rooted in the CVMServer. The vulnerability, labeled CVE-2021-30724, can allow threat actors to escalate their privilege if exploited...
Preventing Multi-layered Cybersecurity Threats
It’s 2021, and this rapidly evolving threat landscape requires partnership with a trusted cybersecurity expert, who can provide protection across distributed endpoints, networks, cloud infrastructure, and hybrid environments...
5 #TrendTips For Better File Storage Security
Here are 5 TrendTips to secure valuable files and objects stored in the cloud via services like Amazon S3...
DarkSide on Linux: Virtual Machines Targeted
We focus on the behavior of the DarkSide variant that targets Linux. We discuss how it targets virtual machine-related files on VMware ESXI servers, parses its embedded configuration, kills virtual machines VMs, encrypts files on the infected machine, collects system information, and sends it to...
This Week in Security News - May 28, 2021
Nearly 50,000 IPs Compromised in Worm-like TeamTNT Attack and Misconfigurations are the Biggest Threat to Cloud Security...
Manage Open Source Code Security Risks
Open source code is in the vast majority of commercial softwares today. Learn best practices to mitigate the unique risks that accompany its use...
Threats From a Compromised 4G/5G Campus Network
5G acts as a catalyst for change for industrial environments. One part of its deployment is the 4G/5G campus network for some organizations. In our research we delve into the security risks and implications of this technology...
Simple Application Security Integrations for DevOps
Explore why application security matters and how you can integrate it into your build process without added stress or interruption...
Personal & Professional Challenges Facing SecOps Teams
On the frontline: revealing the personal and professional challenges facing SecOps teams. New research shows that security teams are struggling with overwhelming workloads, and organizations are lacking the solution...
TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack
We have found and confirmed close to 50,000 IPs compromised by this attack perpetrated by TeamTNT across multiple clusters. Several IPs were repeatedly exploited during the timeframe of the episode, occurring between March and May...
SecOps: Tips for reducing open source vulnerabilities
Check out this infographic to gain insight on enabling a strong DevSecOps culture by ensuring open source code is secure, allowing developers to build quickly and meet business objectives...
How to improve security for Amazon S3 buckets
Avoid post-deployment headaches by increasing the security of your Amazon S3 buckets and the objects stored within during the early phases of development...
This Week in Security News May 21, 2021
ZDI Tops Omdia Vulnerability Disclosures Again and Robots May Take Over Cybercrime by 2030...
Secure Cloud Migration 101
Cloud migration is a journey not a destination. Learn the basics of security for making the gradual switch so you can get the most out of what the cloud has to offer...
Open Source Vulnerabilities Converging DevOps & SecOps
Open Source Vulnerabilities can be challenging to the already strained DevOps and SecOps relationship. Learn how increased visibility from the right can help prevent and close the long-standing cultural gap between the teams...
The creation and success of a documentation site
Gain a better understanding of why collaboration between developers and writers is necessary to create a successful documentation site...
ZDI Tops Omdia Vulnerability Disclosures Again
The Trend Micro Zero Day Initiative ZDI again dominated the number of disclosed vulnerabilities for the 13th year in a row based on Omdia’s research into the vulnerability disclosure market. Read More...
Container Security First Steps: Image and Registry Scanning
Learn to secure your containers with image and registry scanning. This article explores key container vulnerabilities, and how to guard against them with cloud security tools like policy-based deployment control...
TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software
We found new evidence that the cybercriminal group TeamTNT has extended its credential harvesting capabilities to include multiple cloud and non-cloud services...
Stop Ransomware Groups Who Weaponize Legitimate Tools
The ongoing game of cat and mouse – cybercriminals vs security teams – continues with the latest evolution in ransomware...
This Week in Security News May 14, 2021
May Patch Tuesday Offers Relative Respite and What We Know About DarkSide Ransomware and the US Pipeline Attack...
The Cybersecurity Executive Order: What does it mean?
While much of the EO may not be new or bold concepts, the potential for long term impact to federal cybersecurity is high and immediate...
What We Know About the DarkSide Ransomware and the US Pipeline Attack
Trend Micro Research found dozens of DarkSide ransomware samples in the wild and investigated how the ransomware group operates and what organizations it typically targets...
Protect Kubernetes Clusters with Admission Controller
Discover the power of admission controllers. Container security can be challenging, but this article will teach you how to guard your Kubernetes clusters against threats by screening containers before they even initialize...
May Patch Tuesday Offers Relative Respite
Compared to the previous months of 2021, this month’s Patch Tuesday cycle is a slight lull. Only 55 vulnerabilities were fixed this month, with only four of these classified as Critical...
DevOps Teams can meet NIST compliance standards with automation
Meet business compliance needs without interrupting your workflow...
Tips to avoid the new wave of ransomware attacks
There have been a lot of changes in ransomware over time. We want to help you protect your organization from this growing attack trend...
Open source protection that security teams will love
Open source code is the gateway to quick application deployment – see how Trend Micro and Snyk have partnered up to create developer-friendly security for your open source components...
Open source protection that security teams will love
Open source code is the gateway to quick application deployment – see how Trend Micro and Snyk have partnered up to create developer-friendly security for your open source components...
Physical Datacenter Security and Threat Mitigation
Physical security may have more of an impact on cloud operations than you think...
This Week in Security News May 7, 2021
New Panda Stealer Targets Cryptocurrency Wallets and Apple Releases Urgent Security Patches for Zero-Day Bugs...
Shift Left: Moving Container Security into the Dev, Test, and Build Process
Learn how you can use a DevOps methodology that optimizes application deployments and provides greater security for containers. This article explains how to move security into the container creation process in the DevOps workflow...
Proxylogon: A Coinminer, a Ransomware, and a Botnet Join the Party
Our telemetry showed three malware families taking advantage of the ProxyLogon vulnerability beginning in March: the coinminer LemonDuck was sighted first, quickly followed by the ransomware BlackKingdom, then the Prometei botnet...
Mutated Scams: How to Protect Yourself from Pandemic-Fueled Cyberfraud
Scammers took advantage of the surge in online activity during the pandemic, targeting businesses and buyers that were settling into new ways of transacting...
New Panda Stealer Targets Cryptocurrency Wallets
In early April, we observed a new information stealer called Panda Stealer being delivered via spam emails. Based on Trend Micro's telemetry, United States, Australia, Japan, and Germany were among the most affected countries during a recent spam wave...
MITRE ATT&CK for Containers: Why It Matters
The complexity of containers demands something to make sense of it all. Builders, operations teams and security teams need a single language to understand the risk associated with containers...
How Cybercriminals Abuse OpenBullet for Credential Stuffing
In this blog, we detail how cybercriminals exploit OpenBullet, a legitimate web-testing software, to brute-force their way into targeted accounts...
This Week in Security News - April 30, 2021
Hacktivism’s reemergence explained and Hello ransomware uses updated China Chopper web shell...
5 #TrendTips for Lifecycle Security for Containers
Learn how to manage all of the moving parts when implementing pre-runtime and runtime container security...
Weaponized Deepfakes Are Getting Closer to Reality
The first malicious use of video deepfakes may have been observed, making one of Trend Micro’s long-standing predictions a looming reality...