A Necessary Digital Odyssey of RPA and AI/ML at HUD

Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations...

A Necessary Digital Odyssey of RPA and AI/ML at HUD

Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations...

CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign

In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative ZDI observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-2024-21412...

AI Auctions: Collectibles, Taylor Swift, Jordan Bots

Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia...

Unveiling Earth Kapre aka RedCurl’s Cyberespionage Tactics With Trend Micro MDR, Threat Intelligence

This blog entry will examine Trend Micro MDR team's investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged threat intelligence to attribute the extracted evidence to the cyberespionage threat group...

AI Auctions: Collectibles, Taylor Swift, Jordan Bots

Discover the fascinating world of AI, ML, and RPA and their real-world applications including the creation of a custom RPA bot for collecting rare sports memorabilia...

Multistage RA World Ransomware Uses Anti-AV Tactics, Exploits GPO

The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact...

Managing Cyber Risk for Under-Pressure CISOs

Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managing cyber risk effectively...

Threat Actor Groups, Including Black Basta, are Exploiting Recent ScreenConnect Vulnerabilities

This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, that are actively exploiting CVE-2024-1708 and CVE-2024-1709 based on our telemetry...

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets...

LockBit Attempts to Stay Afloat With a New Version

This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulting in the undermining of its operations...

Exploring Changing SOC Landscapes

The landscape of cybersecurity is continuously evolving, with new threats emerging and the roles and responsibilities of security professionals constantly adapting...

Decoding Digital Transformation: AI, ML, and RPA in the Modern Era

Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies...

Decoding Digital Transformation: AI, ML, and RPA in the Modern Era

Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies...

Trend Micro and INTERPOL Join Forces Again for Operation Synergia

Trend and other private entities recently contributed to INTERPOL’s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to phishing, banking malware, and ransomware activity...

Earth Preta Campaign Uses DOPLUGS to Target Asia

In this blog entry, we focus on Earth Preta's campaign that employed a variant of the DOPLUGS malware to target Asian countries...

Cyber Risk Management: Bring Security to the Boardroom

Discover how to strategically present security controls to the board to better manage cyber risk...

CVE-2024-21412: Water Hydra Targets Traders with Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the zero-day Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day...

Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust

Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024...

CVE-2024-21412: Water Hydra Targets Traders With Microsoft Defender SmartScreen Zero-Day

The APT group Water Hydra has been exploiting the Microsoft Defender SmartScreen vulnerability CVE-2024-21412 in its campaigns targeting financial market traders. This vulnerability, which has now been patched by Microsoft, was discovered and disclosed by the Trend Micro Zero Day Initiative...

Global Cybersecurity Trends: AI, Geopolitical Risks, and Zero Trust

Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024...

SmartScreen Vulnerability: CVE-2024-21412 Facts and Fixes

This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability...

What Generative AI Means for Cybersecurity in 2024

After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in 2024...

What Generative AI Means for Cybersecurity in 2024

After a full year of life with ChatGPT cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in 2024...

A Deepfake Scammed a Bank out of $25M — Now What?

A finance worker in Hong Kong was tricked by a deepfake video conference. The future of defending against deepfakes is as much as human challenge as a technological one...

Unveiling Atlassian Confluence Vulnerability CVE-2023-22527: Understanding and Mitigating Remote Code Execution Risks

In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution...

Unifying Cloud Security Beyond Siloes

Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management...

Unifying Cloud Security Beyond Siloes

Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the cloud—for more proactive risk management...

Pawn Storm Uses Brute Force and Stealth Against High-Value Targets

Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of targets and variations in the government departments that it targeted...

Smarter, Meaner, Sneakier: Security Trends for 2024

Learn how hackers are getting smarter, ruder, meaner, and sneakier and what to do about it with this overview of cybersecurity trends in 2024...

Prevent BEC with AI-Powered Email and Collaboration

Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments...

Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver

In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious BlackMatter ransomware...

18X a Leader in Gartner Magic Quadrant for EPP

Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms...

18X a Leader in Gartner Magic Quadrant for EPP

Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms...

Reduce Business Email Compromise with Collaboration

Here's the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space...

Protecting Your Network Security from Ivanti Zero-Day Threat

The overlooked vulnerability with real impacts...

Embracing a risk-based cybersecurity approach with ASRM

Explore how a risk-based cybersecurity approach is critical to proactively stop dynamic, ever-evolving threats...

Modernize Federal Cybersecurity Strategy with FedRAMP

Detection and response will be critical for the U.S. Government to modernize security operations and stay ahead of cyber-attacks...

CVE-2023-36025 Exploited for Defense Evasion in Phemedrone Stealer Campaign

This blog delves into the Phemedrone Stealer campaign's exploitation of CVE-2023-36025, the Windows Defender SmartScreen Bypass vulnerability, for its defense evasion and investigates the malware's payload...

Build Cyber Resilience with Distributed Energy Systems

...

Trend Micro Defends FIFA World Cup from Cyber Threats

Trend Micro collaborates with INTERPOL to defend FIFA World Cup by preventing attacks & mitigating risks to fight against the rising threat of cybercrime...

Accelerating into 2024 with NEOM McLaren Formula E Team

Learn more about how Trend is engineering innovation and resiliency with NEOM McLaren Formula E Team in 2024 and beyond...

Accelerating into 2024 with NEOM McLaren Formula E Team

...

Black Basta-Affiliated Water Curupira’s Pikabot Spam Campaign

...

Securing Application Staging & Production Environments

...

Cyber insurance requirements: What’s in store for 2024

As the threat landscape evolves and the cost of data breaches increase, so will cyber insurance requirements from carriers. Cyber Risk Specialist Vince Kearns shares his 4 predictions for 2024...

Trend Micro’s Bug Bounty Program ZDI 2023 Performance

...

3 Strategic Insights from Cybersecurity Leader Study

Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges...

Decoding CVE-2023-50164: Unveiling the Apache Struts File Upload Exploit

In this blog entry, we discuss the technical details of CVE-2023-50164, a critical vulnerability that affects Apache Struts 2 and enables unauthorized path traversal...

Modern Attack Surface Management (ASM) for SecOps

Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management ASM and what SecOps need to look for in an ASM solution...