Perspectives Summary – What You Said

On Thursday, June 25, Trend Micro hosted our Perspectives 2-hour virtual event. As the session progressed, we asked our attendees, composed of +5000 global registrants, two key questions. This blog analyzes those answers. First, what is your current strategy for securing the cloud? Rely completel...

Principles of a Cloud Migration

Development and application teams can be the initial entry point of a cloud migration as they start looking at faster ways to accelerate value delivery. One of the main things they might use during this is “Infrastructure as Code,” where they are creating cloud resources for running their...

This Week in Security News: XORDDoS and Kaiji Botnet Malware Variants Target Exposed Docker Servers and Ripple20 Vulnerabilities Could Impact Millions of IoT Devices

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about two recently detected variants of existing Linux botnet malware types targeting exposed Docker servers. Also, read about a group...

8 Cloud Myths Debunked

Many businesses have misperceptions about cloud environments, providers, and how to secure it all. We want to help you separate fact from fiction when it comes to your cloud environment. This list debunks 8 myths to help you confidently take the next steps in the cloud. The post 8 Cloud Myths...

Healthcare Enterprises Share Risk Reduction Insight

Healthcare organizations are subject to strict regulations, including data security and privacy. Three enterprises discuss risk reduction within a sector where a data leak could prove disastrous...

Reduce the Attack Surface of Your Container Images

Follow along as Chuck Losh, Solutions Architect, walks through a new way of thinking in how to construct distroless images from Google, using an example of a multi-stage Dockerfile method...

Knowing your shared security responsibility in Microsoft Azure and avoiding misconfigurations

Trend Micro is excited to launch new Trend Micro Cloud One – Conformity capabilities that will strengthen protection for Azure resources. As with any launch, there is a lot of new information, so we decided to sit down with one of the founders of Conformity, Mike Rahmati. Mike is a technologist a...

The Fear of Vendor Lock-in Leads to Cloud Failures

Vendor lock-in has been an often-quoted risk since the mid-1990’s. Fear that by investing too much with one vendor, an organization reduces their options in the future. Was this a valid concern? Is it still today? The Risk Organizations walk a fine line with their technology vendors. Ideally, you...

Protect Cloud Workloads with Azure Sentinel

Looking for SIEM and SOAR integration for your Trend Micro Cloud One™ – Workload Security investment? Learn how you can get Azure Sentinel capabilities added to Workload Security and how this integration can create a more valuable solution...

Cloud Assurance from Infrastructure to App

In this webinar, Trend Micro and IDC explain the importance of security guardrails in Amazon Web Services AWS and Microsoft® Azure™ play in obtaining cloud operational excellence...

This Week in Security News: Intel Says ‘Tiger Lake’ Will Drown Control-Flow Malware and New Phishing Campaign Targeting Office 365 Exploits Brand Names

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how the next generation of Intel mobile processors will include malware protection built into the chip. Also, read about a new...

How to Fix Security Misconfigurations Automatically

Mistakes happen, but what happens if someone accidentally introduces a misconfiguration into your public cloud account. Explore the auto-remediation capabilities offered by Trend Micro and unburden your team from manually cleaning up the mess...

Open Doors with Cloud Security Posture Management (CSPM)

Gain insights into the importance of being well-architected during the deployment process and how to quickly remediate risks by shifting best practice checks to the earliest phase of the CI/CD pipeline...

This Week in Security News: Microsoft June Patch Tuesday Fixes 129 Flaws in Largest-Ever Update and New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about Microsoft’s largest-ever Patch Tuesday update including 129 CVEs. Also, read about a new Android Spyware dubbed ActionSpy. Read...

Trend Micro Guardian: Protecting Your Kids On-the-Go

Some smart devices are not limited to use on the home network; for instance, your child’s mobile phone or tablet. Keeping your kids safe on these on-the-go devices means extending your security policies beyond the home. Trend Micro Home Network Security HNS makes it easy with its complementary ap...

Bridging the Cloud Communication Gap. #LetsTalkCloud

The conversation between you and your Board of Directors is not always a walk in the park. With more and more cloud projects coming your way, it’s time to change the conversation to speak their language and start smoothing out the journey...

Not Just Good Security Products, But a Good Partner

The analyst firm Canalys annually produces their Cybersecurity Leadership Matrix. Whereas many third-party assessments are looking at just the security product, this one focuses on the value to channel partners. Sidebar: what is the channel? If you aren’t actively buying or selling cybersecurity...

This Week in Security News: Google Faces Privacy Lawsuit Over Tracking Users in Incognito Mode and TrickBot Adds Enterprise-grade Module to Malware Arsenal

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about a new module for the infamous trojan known as TrickBot that has been deployed. Also, read about Google’s $5 billion class-action...

Message from Eva Chen – as a human being, not a CEO: We need to speak out and act against racism

I would like to express my outrage over the brutal killings of George Floyd, Breonna Taylor, and Ahmaud Arbery – not as the CEO of an international company, but as a human being and a citizen of the world. It makes me very sad, but also intensely frustrated and angry to realize how little is bein...

This Week in Security News: How the Cybercriminal Underground Has Changed in 5 Years and the NSA Warns of New Sandworm Attacks on Email Servers

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn about how, over the past five years, the cybercriminal underground has seen a major shift to new platforms, communications channels,...

Exploring Common Threats to Cloud Security

The adoption of cloud services helps drive agility, differentiation, and progress. But like any technological progress, cyber risks are attached. IT leaders need to embrace a more holistic, simpler way to manage security...

Principles of a Cloud Migration – Security W5H – The HOW

“How about… ya!” Security needs to be treated much like DevOps in evolving organizations; everyone in the company has a responsibility to make sure it is implemented. It is not just a part of operations, but a cultural shift in doing things right the first time – Security by default. Here are a f...

Securing the Connected World with Support for The Shadowserver Foundation

If the first few months of 2020 have taught us anything, it’s the importance of collaboration and partnership to tackle a common enemy. This is true of efforts to fight the current pandemic, and it’s also true of the fight against cybercrime. That’s why Trend Micro has, over the years, struck...

21 Tips to Stay Secure, Private, and Productive as You Work from Home on Your Mac

Nowadays, Macs are part of the work-from-home workforce during the COVID-19 pandemic. If you’ve brought a Mac from the office to home, it’s likely your IT department has already set it up to meet your company’s security policies. But what if you’re enlisting a Mac already at home to do duty for...

Is Cloud Computing Any Safer From Malicious Hackers?

Cloud computing has revolutionized the IT world, making it easier for companies to deploy infrastructure and applications and deliver their services to the public. The idea of not spending millions of dollars on equipment and facilities to host an on-premises data center is a very attractive...

How the Cybercriminal Underground Has Changed in 5 Years

The cybercrime economy is one of the runaway success stories of the 21st century — at least, for those who participate in it. Estimates claim it could be worth over $1 trillion annually, more than the GDP of many countries. Part of that success is due to its ability to evolve and shift as the...

This Week in Security News: New Bluetooth Vulnerability Exposes Billions of Devices to Hackers and Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a new security vulnerability in Bluetooth that could potentially allow an attacker to spoof a remotely paired device. Also, learn...

Integrate Security Into DevOps and IaC

This article provides recommendations on implementing security into your CI/CD and infrastructure as code pipeline, and most importantly, how to enable both security and DevOps to start speaking each other’s languages...

This Week in Security News: How Researchers Used an App Store to Demonstrate Hacks on a Factory and Microsoft Again Surpasses 100 Vulnerabilities on Patch Tuesday

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how researchers at Trend Micro used an app store to demonstrate hacks on a manufacturing facility. Also, learn about this month’s...

From Bugs to Zoombombing: How to Stay Safe in Online Meetings

The COVID-19 pandemic, along with social distancing, has done many things to alter our lives. But in one respect it has merely accelerated a process begun many years ago. We were all spending more and more time online before the virus struck. But now, forced to work, study and socialize at home,...

Protect Your Cloud Workloads using IaC

Get step-by-step instructions on how to perform an automated security deployment utilizing Terraform by Hashicorp, an Azure Custom-Script Extension, and a Trend Micro Cloud One™ deployment script stored in an Azure Key Vault...

Securing Smart Manufacturing

“Alexa, turn on the TV.” ”Get it yourself.” This nightmare scenario could play out millions of times unless people take steps to protect their IoT devices. The situation is even worse in industrial settings. Smart manufacturing, that is, Industry 4.0, relies on tight integration between IT system...

Protect Your Container Images and CI/CD Pipeline

Ever wonder if the container images you provide to customers have been checked for vulnerabilities, malware, and other malicious threats? Read this article on how to easily and quickly set up protection for your container images and CI/CD pipeline...

Principles of a Cloud Migration – Security W5H – The WHERE

“Wherever I go, there I am” -Security I recently had a discussion with a large organization that had a few workloads in multiple clouds while assembling a cloud security focused team to build out their security policy moving forward. It’s one of my favorite conversations to have since I’m not jus...

This Week in Security News: 7 Tips for Security Pros Patching in a Pandemic and Coinminer, DDoS Bot Attack Docker Daemon Ports

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a malicious cryptocurrency miner and Distributed Denial of Service DDoS bot that targets open Docker daemon ports. Also, learn...

Teaming up with INTERPOL to combat COVID-19 threats

If the past couple of months have taught us anything, it’s that partnerships matter in times of crisis. We’re better, stronger and more resilient when we work together. Specifically, public-private partnerships matter in cybersecurity, which is why Trend Micro is always happy to reach out across...

Secure Your Azure Active Directory Domain Controllers

Working from home has become the new norm. In this article, we dive into why it is time to part ways with your on-premises domain controllers, get your devices registered to the Microsoft® Azure®, and enable a secure work from home environment...

This Week in Security News: Shade Ransomware Shuts Down, Releases Decryption Keys and WebMonitor RAT Bundled with Zoom Installer

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about how the operators of the Shade Troldesh ransomware have shut down and released more than 750,000 decryption keys. Also, learn abo...

Principles of a Cloud Migration – Security W5H – The When

If you have to ask yourself when to implement security, you probably need a time machine! Security is as important to your migration as the actual workload you are moving to the cloud. Read that again. It is essential to be planning and integrating security at every single layer of both...

Why Organizations Need to Simplify Cybersecurity

The emergent adoption of cloud services helps organizations drive agility, differentiation, and progress. But like with any technological progress, the cyber risks attached grow right alongside it. This exemplifies that the need for IT leaders to adopt a more holistic, simpler way to manage...

How to Secure Applications Using Security as Code

Follow along as Chuck Losh, Solutions Architect, uses Azure App Service, Visual Studio Code, GitHub, and PHP to run an experiment on how to secure applications using security as code from Trend Micro Cloud One™ – Application Security...

CISOs Are Demanding Detection and Response Everywhere

As digital transformation increases the corporate attack surface, IT leaders require enhanced visibility, detection, and response—not just at the endpoint, but across all key IT layers...

Trend Micro’s Top Ten MITRE Evaluation Considerations

The introduction of the MITRE ATT&CK evaluations is a welcomed addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone such a long way in helping advance the security industry as a whole, and the individual security products serving the market...

#LetsTalkCloud: The Unicorn Project Principles

Let's Talk Cloud: Season 02 // Episode 06: Host, Mark Nunnikhoven, interviews Trend Micro Developer, Madeline Van Der Paelt. Together they dive into the core principles enumerated in Gene Kim's book, The Unicorn Project...

Principles of a Cloud Migration – Security, The W5H – Episode WHAT?

Teaching you to be a Natural Born Pillar! Last week, we took you through the “WHO” of securing a cloud migration here, detailing each of the roles involved with implementing a successful security practice during a cloud migration. Read: everyone. This week, I will be touching on the “WHAT” of...

This Week in Security News: Security Researcher Discloses Four IBM Zero-Days After Company Refused to Patch and Trend Micro Integrates with Amazon AppFlow

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, read about a security researcher who has published details about four zero-day vulnerabilities impacting an IBM security product after the...

Getting ATT&CKed By A Cozy Bear And Being Really Happy About It: What MITRE Evaluations Are, and How To Read Them

Full disclosure: I am a security product testing nerd. I’ve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29 otherwise known as COZY BEAR. First, here’s a snapshot of the Trend eval results as I understand the...

Trend Micro Integrates with Amazon AppFlow

The acceleration of in-house development enabled by public cloud and Software-as-a-Service SaaS platform adoption in the last few years has given us new levels of visibility and access to data. Putting all of that data together to generate insights and action, however, can substitute one challeng...

“We Need COBOL Programmers!” No, You Probably Don’t

Editor's note: While this topic isn't entirely security-specific, Trend Micro leader William Malik, has career expertise on the trending topic and shared his perspective. ---- There was a provocative report recently that the Governor of New Jersey told reporters that the state of New Jersey neede...

How to Create Serverless File Sharing with Azure Files

Did you happen to leave some of those pesky Windows® file servers on-premises in your journey to the cloud? Follow along as we explore Azure Files and how it can help you complete your cloud journey...