Security Breaks: TeamTNT’s DockerHub Credentials Leak
We constantly deploy and study our honeypots to get a view of actively exploited vulnerabilities and misconfigurations on platforms and…
Marketing
September 28, 2022
Menu
Hottest topics
How Underground Groups Use Stolen Identities and Deepfakes
In 2020, in our joint paper with EUROPOL and the United Nations Interregional Crime and Justice Research Institute (UNICRI) outlined…
Marketing
September 27, 2022
Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware
We observed the active exploitation of CVE-2022-26134, an unauthenticated remote code execution (RCE) vulnerability with a critical rating of 9.8…
Marketing
September 22, 2022
Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques
Since its inception in 2013, Docker has transformed how developers use containers. Docker Hub, on the other hand, has influenced how…
Marketing
September 20, 2022
Forecasting Metaverse Threats: Will it Become Metaworse?
The term “metaverse” was first used by Neal Stephenson in his 1992 cyberpunk novel Snow Crash. It describes a virtual…
Marketing
September 13, 2022
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
There have already been reports on code-signed rootkits like Netfilter, FiveSys, and Fire Chili. These rootkits are usually signed with…
Marketing
September 7, 2022
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
Organizations had to contend with scattered work pools and a widened digital attack surface in the first half of 2022…
Marketing
September 6, 2022
The Fault in Our Kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters
While researching cloud-native tools and how they can reveal information about a system or an organization, we came across some…
Marketing
September 1, 2022
Analyzing the Hidden Danger of Environment Variables for Keeping Secrets
The use of environment variables is a common practice in the DevOps community as it provides easy access to configuration…
Marketing
August 24, 2022
What Exposed OPA Servers Can Tell You About Your Applications
Earlier this year, we published a report on our discovery of 243,469 publicly exposed Kubernetes nodes via Shodan. While doing…
Marketing
August 23, 2022
Improve Threat Detection & Response with OCSF
Trend Micro has always been a team player. Over the past three decades and more, we’ve worked closely with law…
Marketing
August 18, 2022
New Disclosure Timelines for Bugs Resulting from Incomplete Patches
Today at the Black Hat USA conference, we announced some new disclosure timelines. Our standard 120-day disclosure timeline for most…
Marketing
August 17, 2022
Trend Micro Joins AWS Marketplace Vendor Insights
Cloud computing is on a roll. Gartner predicts that spending on public cloud services including IaaS, SaaS and PaaS will…
Marketing
August 9, 2022
Securing the Automotive Industry Against Data Breaches
How can automotive security prevent and mitigate the effects of data breaches? We revisit data breach cases in the automotive…
Marketing
August 8, 2022
Ransomware Spotlight: BlackByte
BlackByte is a ransomware group that has been building a name for itself since 2021. Like its contemporaries, it has…
Marketing
August 4, 2022
Investigating the Benefits and Risks of Connected Car Technologies
While today’s modern vehicles promise an increased level of connectivity to improve user experience and safety, cybercriminals could still abuse…
Marketing
August 2, 2022
LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities
In March 2022, less than a year after LockBit 2.0 first emerged, researchers caught wind of an upcoming new variant of the LockBit ransomware. LockBit 3.0, aka “LockBit…
Marketing
July 27, 2022
Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data
The use of legitimate Windows tools as part of malicious actors’ malware arsenal has become a common observation in cyber…
Marketing
July 26, 2022
Private 5G Network Security Expectations Part 3
Trend Micro conducted a survey on private wireless network security in collaboration with 451 Research, part of S&P Global Market…
Marketing
July 25, 2022
Private 5G Network Security Expectations Part 2
The implementation of private 5G is already real, according to a survey conducted by Trend Micro in collaboration with 451…
Marketing
July 20, 2022
Private 5G Network Security Expectations Part 1
Corporate security teams are now facing multiple cybersecurity issues, including complex data privacy and compliance requirements, in addition to the…
Marketing
July 13, 2022
How Shady Code Commits Compromise the Security of the Open-Source Ecosystem
Traditionally, concerns over open-source code security have revolved around whether or not open-source code could contain vulnerabilities, backdoors, or hidden…
Marketing
July 12, 2022
Hacking the Crypto-Monetized Web
The web is several decades old. But it largely still relies on the same method of monetization as it…
Marketing
July 12, 2022
Private Network 5G Security Risks & Vulnerabilities
The move towards 5G is accelerating as enterprises seek greater security, flexibility, and reliability in 5G than earlier cellular, wireless,…
Marketing
July 6, 2022
Conti vs. LockBit: A Comparative Analysis of Ransomware Groups
Trend Micro has been monitoring the leak sites of multiple ransomware groups since November 2019 and continuously looking at the…
Marketing
July 4, 2022
AWS Summit: Fast and flexible instead of “one size fits all
By Kay Bandemer, Head of Business Acceleration Team, Michael Claaßen, Senior Cloud Security Architect The attraction of the cloud is…
Marketing
July 1, 2022
State of OT Security in 2022: Big Survey Key Insights
Industrial sectors affected by cyberattacks It has become evident that critical infrastructure and manufacturing industries worldwide are under threat from…
Marketing
June 29, 2022
YourCyanide: A CMD-Based Ransomware With Multiple Layers of Obfuscation
The Trend Micro Threat Hunting team recently analyzed a series of CMD-based ransomware variants with a number capabilities such as…
Marketing
June 22, 2022
Why It’s Time to Map the Digital Attack Surface
Around a year ago a cyberattack on a little-known US oil pipeline thrust ransomware into the media spotlight and grabbed…
Marketing
June 21, 2022
New Linux-Based Ransomware Cheerscrypt Targeting ESXi Devices Linked to Leaked Babuk Source Code
We recently discovered that Cheerscrypt, the new Linux-based ransomware that we detected in multiple attacks targeting ESXi servers, was based…
Marketing
June 9, 2022
Ransomware Spotlight: RansomEXX
RansomEXX is a ransomware variant that gained notoriety after a spate of attacks in 2020 and continues to be active…
Marketing
June 8, 2022
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
The Emotet botnet malware is well known in the cybersecurity industry for its success in using spam emails to compromise…
Marketing
June 1, 2022
LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups
Ransomware actors were off to a running start in 2022, ramping up their activity as more gangs joined the fray….
Marketing
May 31, 2022
Pwn2Own Vancouver 2022 – The Results
Pwn2Own Vancouver for 2022 is underway, and the 15th anniversary of the contest has already seen some amazing research demonstrated….
Marketing
May 23, 2022
How to better manage your digital attack surface risk
As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. And with the number…
Marketing
May 18, 2022
Critically Underrated: Studying the Data Distribution Service (DDS) Protocol
By Federico Maggi, Rainer Vosseler (Trend Micro Research), Mars Cheng, Patrick Kuo, Chizuru Toyama, Ta-Lun Yen (TXOne Networks), Erik Boasson…
Marketing
May 11, 2022
An In-Depth Look at ICS Vulnerabilities Part 3
Part two of the series explored the sectors affected by CVEs identified, especially during 2021. We found that the critical…
Marketing
May 9, 2022
Trend Micro Partnering with Bit Discovery
Security starts with visibility: you can’t protect what you can’t see. And yet, this is a perennial problem in cybersecurity….
Marketing
May 4, 2022
An Investigation of the BlackCat Ransomware via Trend Micro Vision One
We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes…
Marketing
May 3, 2022
Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders
In 2021 we ran the Trend Micro Cyber Risk Index (CRI) twice, once in the first half and once in…
Marketing
May 2, 2022
An In-Depth Look at ICS Vulnerabilities Part 2
In part one, we discussed ICS-CERT advisories from 2010 to 2021. Using MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)…
Marketing
April 27, 2022
Ransomware Spotlight: AvosLocker
AvosLocker is a relatively new ransomware variant that sports the staples of modern ransomware, namely a layered extortion scheme that…
Marketing
April 26, 2022
TM Named CWS “Strong Performer” by Research Firm
If organizations weren’t committed to the cloud before the pandemic, they certainly are now. Two years of sometimes gale-force business…
Marketing
April 22, 2022
An In-Depth Look at ICS Vulnerabilities Part 1
Every year, vulnerabilities are discovered and registered to a Common Vulnerabilities and Exposures (CVE) ID by the MITRE Corporation. Each…
Marketing
April 13, 2022
Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
Trend Micro Threat Research observed active exploitation of the Spring4Shell vulnerability assigned as CVE-2022-22965, which allows malicious actors to weaponize and execute the Mirai…
Marketing
April 12, 2022
MITRE Engenuity ATT&CK Tests
By developing a common language to arm analysts with a standard to describe attacks, MITRE ATT&CK has become a critical…
Marketing
April 11, 2022
Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously
With cloud-based systems becoming a key component of organizations’ operations and infrastructures, malicious actors have been turning to the cloud,…
Marketing
April 5, 2022
SMS PVA Part 3: Countries Most Impacted by Service
Part two of our blog entry discussed the impacts and implications of SMS PVA services. The article also explored how…
Marketing
April 4, 2022
An Investigation of Cryptocurrency Scams and Schemes
The use of cryptocurrency has increased tremendously since it was first introduced in 2009. As blockchain technology has only enabled…
Marketing
March 29, 2022
The weakest link: how to change user behaviour with phishing awareness training
by Nick Ross It is widely understood that human beings are the weakest link in the cybersecurity chain. So it should…
Marketing
March 28, 2022
Ransomware Spotlight: Hive
Hive ransomware is one of the new ransomware families in 2021 that poses significant challenges to enterprises worldwide. We take…
Marketing
March 23, 2022
Cyclops Blink Sets Sights on Asus Routers
Cyclops Blink, an advanced modular botnet that is reportedly linked to the Sandworm or Voodoo Bear advanced persistent threat (APT)…
Marketing
March 22, 2022
Attacks Abound in Tricky Threat Terrain: 2021 Annual Cybersecurity Report
The digital transformations that had enabled many enterprises to stay afloat amid the Covid-19 health crisis also brought about major…
Marketing
March 21, 2022
SMS PVA Part 1: Underground Service for Cybercriminals
Smartphones have become a huge part of our daily lives. Not only do they allow us to connect with family…
Marketing
March 17, 2022
Ransomware Spotlight: Clop
By Trend Micro Research We take a closer look at the operations of Clop, a prolific ransomware family that has…
Marketing
March 16, 2022
New RURansom Wiper Targets Russia
A conflict in cyberspace is unfolding parallel to the conflict between Russia and Ukraine on the ground. Cyberattacks are being…
Marketing
March 15, 2022
Cyberattacks are Prominent in the Russia-Ukraine Conflict
Ukraine and Russia are involved in a conflict that escalated on February 24, 2022. Alongside the physical battles that are…
Marketing
March 8, 2022
Recent Cyberattacks Target Open-source Web Servers
As organizations reeled from the Log4Shell vulnerability (CVE-2021-44228), cyberattacks aiming at open-source web servers, like Apache HTTP Server, were rapidly…
Marketing
March 7, 2022
Global Cyberattacks: Managing Risk in Chaotic Times
While it seems almost cliché now, we are living in unprecedented times. The global pandemic has forced organizations everywhere to…
Marketing
March 1, 2022
A “real” cyber war means loss of control
Russia is considered a country that does not prosecute cybercrime, so the fact that several cybercriminals from the ransomware group…
Marketing
February 22, 2022
Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™
PolKit, or PolicyKit, is a component that handles system-wide policies and authorizations in Unix and Unix-like operating systems (OS), allowing…
Marketing
February 21, 2022
Detecting PwnKit (CVE-2021-4034) Using Trend Micro™ Vision One™ and Cloud One™
PolKit, or PolicyKit, is a component that handles system-wide policies and authorizations in Unix and Unix-like operating systems (OS), allowing…
Marketing
February 16, 2022
Hidden Scams in Malicious Scans: How to Use QR Codes Safely
As the world eagerly hopes for the Covid-19 pandemic to end, health experts point out that the virus will not…
Marketing
February 14, 2022
Ransomware Spotlight: LockBit
The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today….
Marketing
February 9, 2022
Defending Users’ NAS Devices From Evolving Threats
Threats to the internet of things (IoT) continue to evolve as users and businesses grow increasingly reliant on these tools…
Marketing
February 8, 2022
5G and Aviation: A Look Into Security and Technology Upgrades Working in Tandem
By Craig Gibson and Fyodor Yarochkin The Federal Aviation Authority (FAA) highlighted safety risks between 5G and aircraft instruments, and…
Marketing
February 7, 2022
Defending the Supply Chain: Why the DDS Protocol is Critical in Industrial and Software Systems
If there existed a prize for the most pervasive, critical, and least-known middleware technology, the Data Distribution Service (DDS) standard…
Marketing
February 2, 2022
Conti and LockBit Make Waves with High-Profile Attacks
Ransomware actors were intent on punctuating 2021 with a wave of high-profile attacks. We zero in on LockBit and Conti…
Marketing
February 1, 2022
Earth Lusca Employs Sophisticated Infrastructure, Varied Tools and Techniques
Since mid-2021, we have been investigating a rather elusive threat actor called Earth Lusca that targets organizations globally via a…
Marketing
January 25, 2022
Cybersecurity for Industrial Control Systems: Part 2
In part two of the series, we discussed that ransomware, legacy malware, coinminer, and Conficker continue to pose a great…
Marketing
January 24, 2022
Uncovering and Defending Systems Against Attacks With Layers of Remote Control
As organizations brace themselves for the year ahead, now is an opportune time to take stock of how they can…
Marketing
January 20, 2022
Cybersecurity for Industrial Control Systems: Part 1
The ever-changing technological landscape has made it possible for the business process on the IT side of an enterprise to…
Marketing
January 19, 2022
After Log4Shell, how can we tackle a possible pandemic of open source exploits?
by Anthony Musk If a week is a long time in politics, a month can sometimes feel like a lifetime…
Marketing
January 18, 2022
Addressing Cloud-Related Threats to the IoT
The Covid-19 pandemic has made digital transformation an urgent necessity for organizations, pushing the adoption of a hybrid work model…
Marketing
January 12, 2022
What to Do About Log4j
What to Do About Log4j Log4j poses some deep challenges to IT. In this article I’ll discuss some tactical measures…
Marketing
January 11, 2022
Ransomware Spotlight: REvil
Now that the reign of REvil has come to an end, it’s time to regroup and strategize. What can organizations…
Marketing
December 21, 2021
Are Endpoints at Risk for Log4Shell Attacks?
The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging…
Marketing
December 20, 2021
Pushing Forward: Key Takeaways From Trend Micro’s Security Predictions for 2022
Because of the Covid-19 pandemic, organizations have learned to adapt to a new business landscape to keep operations in motion….
Marketing
December 16, 2021
Patch Now: Apache Log4j Vulnerability Called Log4Shell Actively Exploited
A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow…
Marketing
December 14, 2021
What You Can Do to Mitigate Cloud Misconfigurations
It is possible to consider misconfigurations as part of the growing pains when an organization moves to the cloud during…
Marketing
December 8, 2021
Vulnerabilities Exploited for Monero Mining Malware Delivered via GitHub, Netlify
Earlier this year, a security flaw identified as CVE-2021-41773 was disclosed to Apache HTTP Server Project, a path traversal and…
Marketing
December 7, 2021
Investigating the Emerging Access-as-a-Service Market
Network defenders are often tasked with piecing together the succession of events that enabled an attacker to access the network….
Marketing
December 2, 2021
Examining Erratic Modern Ransomware Activities / Ransomware in Q3 2021
Modern ransomware operators were quite active in the third quarter of 2021, specifically the distributors of the REvil (aka Sodinokibi)…
Marketing
December 1, 2021
Private 5G Security Risks in Manufacturing Part 4
The option of Private 5G lets private companies and local governments have their own telecom infrastructures. However, the “democratization of…
Marketing
November 30, 2021
Global Operations Lead to Arrests of Alleged Members of GandCrab/REvil and Cl0p Cartels
A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition…
Marketing
November 24, 2021
Why best practice security starts with improved IT-business communication
by Bharat Mistry There’s always been friction at the heart of the relationship between IT and the business. It’s particularly…
Marketing
November 22, 2021
Void Balaur and the Rise of the Cybermercenary Industry
Cybercriminals have different motivations: for example, some malicious actors have disruptive political attacks as their objective, while others might be…
Marketing
November 17, 2021
TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
In previous entries, we described how the hacking group TeamTNT targeted unsecured Redis instances, exposed Docker APIs, and vulnerable Kubernetes clusters in order to deploy cryptocurrency-mining payloads and credential…
Marketing
November 16, 2021
Security Risks with Private 5G Networks in Manufacturing Part. 3
Trend Micro carried out a field test to shed light on the potential security risks involved with implementing Private 5G….
Marketing
November 16, 2021
Discovering the Exploitable Security Gaps in Remote Work Spaces
Working and living areas are getting smarter every year as owners adopt new technology and continuously upgrade old devices to…
Marketing
November 9, 2021
Minding the Gaps: The State of Vulnerabilities in Cloud Native Applications
by Magno Logan What does it mean to be cloud native? According to The Cloud Native Computing Foundation (CNCF), cloud…
Marketing
November 8, 2021
What To Expect in a Ransomware Negotiation
We all know the risk of a ransomware attack. Headlines of the latest victims might haunt the dreams of chief…
Marketing
November 4, 2021
Consolidate with XDR instead of even more security solutions
Comment by Richard Werner, Business Consultant According to a Trend Micro survey, companies have an average of 29 IT security…
Marketing
November 3, 2021
Ransomware as a Service: Enabler of Widespread Attacks
By Fyodor Yarochkin Additional insights by Janus Agcaoili, Byron Gelera, and Nikko Tamaña Ransomware as a service (RaaS) can be…
Marketing
November 2, 2021
Minding the Gaps: The State of Vulnerabilities in Cloud Native Applications
by Magno Logan What does it mean to be cloud native? According to The Cloud Native Computing Foundation (CNCF), cloud…
Marketing
October 29, 2021
Security Risks with Private 5G in Manufacturing Companies Part. 2
The steel industry is a prime area for installing Private 5G Private 5G is said to bring about the “democratization…
Marketing
October 27, 2021
Modern Ransomware Shakes Up Banking, Government, Transportation Sectors in 1H 2021
The prevalence and impact of modern ransomware attacks presented new challenges for decision makers in the first half of the…
Marketing
October 26, 2021
Security Risks with Private 5G in Manufacturing Companies Part. 1
Installing mobile communication systems in the industrial sector 5G represents the fifth generation of mobile communication systems, and it is…
Marketing
October 21, 2021
How Quantum Computers Can Impact Security
If you’ve been following technology trends over the past few years, you’ve no doubt heard of the term “quantum computing,”…
Marketing
October 20, 2021
Ransomware Operators Found Using New “Franchise” Business Model
Upon investigating activities of the XingLocker ransomware team, we found a relatively new and interesting business model that seems to…
Marketing
October 20, 2021
CISA, NIST Says Use Cybersecurity Control Systems
Last July 2021, US President Joe Biden signed a memorandum on improving the US’s cybersecurity for critical infrastructure control systems….
Marketing
October 14, 2021
Minimize SecOps Risk with Less Tools and More Security
Security leaders are finally coming to terms with the reality of today’s threat landscape. That means adopting a post-breach mentality…
Marketing
October 13, 2021
IoT and Ransomware: A Recipe for Disruption
Ransomware as examined in the context of the internet of things (IoT) is not a new discussion. When ransomware attacks…
Marketing
October 13, 2021
The Evolution of Connected Cars as Defined by Threat Modeling UN R155-Listed Attack Vectors
The United Nations Regulation No. 155 sets provisions for cybersecurity and cyber security management systems in vehicles. A notable section…
Marketing
October 6, 2021
CISA Reports Top Vulnerabilities From Remote Work
As COVID-19 moves people to the cloud, cyber actors now aim at shooting the sky. On July 28, 2021, the…
Marketing
October 5, 2021
IoT and Zero Trust Are Incompatible? Just the Opposite
IoT is a big security headache for a lot of reasons. By its very nature, these devices are untrusted. They…
Marketing
October 4, 2021
Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads
We encountered a fileless campaign that used a new HCrypt variant to distribute numerous remote access trojans (RATs) in victim…
Marketing
October 1, 2021
Analyzing SSL/TLS Certificates Used by Malware
Malware has increasingly been making use of encryption to help hide their network traffic in recent years. This makes sense…
Marketing
September 22, 2021
The end of the password disaster
By Richard Werner, Business Consultant On 15 September 2021, Microsoft announced the general availability of the passwordless account. As with…
Marketing
September 21, 2021
Midyear 2021 Cybersecurity Landscape Review: Attacks From All Angles Abound
As enterprises move toward the rest of the year, it is helpful to look back and learn from key cybersecurity…
Marketing
September 20, 2021
Most supply chain attacks target supplier’s code—ENISA
Cybersecurity experts have long been concerned about supply chain attacks because a single attack can wreak havoc and compromise a…
Marketing
September 16, 2021
Security report for H1 2021 shows active cloud attacks
Original article from Trend Micro Security researchers at Trend Micro have analysed the threats and attacks of the first half…
Marketing
September 14, 2021
Cryptocurrencies as fire accelerators
by Richard Werner, Business Consultant The emergence of cryptocurrencies over ten years ago was the basis for today’s attack boom…
Marketing
September 13, 2021
ENISA says System Failure is on the Rise
The European Union Agency for Cybersecurity (ENISA) recently released two annual reports on telecom security incidents and trust security incidents…
Marketing
September 9, 2021
The Underground Exploit Market and the Importance of Virtual Patching
Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life…
Marketing
September 7, 2021
Key Takeaways from the Linux Threat Report
The vast majority of the cloud environments are built using Linux as their foundation, and most of the major cloud…
Marketing
September 6, 2021
The First Half of 2021 Cyber Risk Index
Continuing our support to bring information that can help organizations minimize their risk of a cyber-attack, we’re pleased to share…
Marketing
August 31, 2021
Empowering T-Mobile Consumers
The recent news of T-Mobile being breached and 40 million customers’ personal information potentially being sold on the dark web…
Marketing
August 30, 2021
Supply Chain Attacks from a Managed Detection and Response Perspective
Introduction Modern technology has made managing large IT environments much less daunting compared to the past, when each endpoint had…
Marketing
August 25, 2021
“The cloud is the basis for sustainable business models”
From Trend Micro Cloud transformation in finance is picking up speed. In an interview, Kay Buchheister, Senior Executive Finance &…
Marketing
August 25, 2021
Human weaknesses in security
By Richard Werner, Business Consultant Classic cyber attacks often start with an email. A user opens it and unsuspectingly clicks…
Marketing
August 19, 2021
Detecting PrintNightmare Exploit Attempts using Trend Micro Vision One and Cloud One
PrintNightmare is one of the latest set of exploits abused for the Print Spooler vulnerabilities that have been identified as…
Marketing
August 17, 2021
How to navigate open source licensing risks
In alignment with the acceleration of digital transformation, the use of open source code components is exploding thanks to the…
Marketing
August 12, 2021
Risks in Telecommunications IT
Telecommunications is just one aspect of a 200-year-old field of research in IT. In our latest report, “Islands of Telecom:…
Marketing
August 11, 2021
Newark Releases Latest Global IoT Trends Report
Newark, a high-service distributor of technology products, services, and solutions for electronics system design, maintenance, and repair, recently released its Global…
Marketing
August 11, 2021
New Collaboration with Adobe and MAPP
Information sharing has never been a challenge in the cybercrime underground. Threat actors routinely trade stolen data, best practices and…
Marketing
August 5, 2021
TeamTNT Campaigns Emphasize Importance of Addressing Cloud Security Gaps
Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research…
Marketing
August 3, 2021
Main Considerations for Securing Enterprise 5G Networks
As an oft-quoted movie line asserts, “With great power comes great responsibility.” This can also be applied to securing technologies:…
Marketing
August 3, 2021
With 5G coming, it’s time to plug security gaps
With all the excitement around large-scale public 5G network deployments, it’s easy to forget that private enterprise networks will be…
Marketing
July 29, 2021
Reduce Instances of Covid-19 Phishing Email Attacks
In my previous post, I focused on how the report we commissioned Ostermann Research to conduct showed the challenges with…
Marketing
July 27, 2021
NSO Group debate: Responsible disclosure versus profit
by Richard Werner, Business Consultant A few days ago, in a globally coordinated coverage, various media houses uncovered a cybersecurity…
Marketing
July 27, 2021
#NoFilter: Exposing the Tactics of Instagram Account Hackers
Numerous people use social networking sites such as Facebook, Twitter, and Instagram for both personal and business purposes. Instagram alone has over…
Marketing
July 22, 2021
Survey: Phishing & Ransomware Attacks are Top Concerns
We were happy to sponsor the latest research report from Osterman Research, How to Reduce the Risk of Phishing and…
Marketing
July 21, 2021
Threats Ride on the Covid-19 Vaccination Wave
While the pandemic pushed enterprises and users to adapt to different changes, we continued to monitor the cybersecurity threats that…
Marketing
July 20, 2021
Best Practices for Social Media Security
Social media has become an integral part of peoples’ lives, as it is a primary channel through which we get…
Marketing
July 16, 2021
Still Leading In Endpoint And Cloud Workload Security
Things aren’t getting any easier for your average IT security or cloud security buyer. The pandemic has exposed new security…
Marketing
July 15, 2021
Cloud security for banks – secure in the cloud with virtual patching
From Trend Micro Available everywhere, as cheaply as possible and preferably digitally – these are the demands customers make on…
Marketing
July 14, 2021
Catastrophic IT security?
Comment by Dirk Arendt, Head of Government, Public & Healthcare at Trend Micro Germany After a serious cyber attack, the…
Marketing
July 13, 2021
Supply chain attack via Kaseya – the recurring pattern
Comment by Richard Werner, Business Consultant at Trend Micro Over the July 4 U.S. National Day weekend, a cyberattack hit…
Marketing
July 9, 2021
MaComp: Hurdle or help for the way to the cloud? Write a reply
There is no longer an alternative for banks: Those who want to continue to play a role in the competition…
Marketing
July 8, 2021
Secure Secrets: Managing Authentication Credentials
This entry aims to introduce and impress upon organizations the importance of proper secret management in today’s environments, as a…
Marketing
July 6, 2021
Top Countries With ICS Endpoint Malware Detections
The ever-increasing interconnection between IT and OT in Industrial Control Systems (ICS) promotes efficiency but also makes it susceptible to threats. Organizations…
Marketing
July 1, 2021
Security Resources Now on AWS CloudFormation Templates
AWS CloudFormation allows customers to automate and scale cloud native infrastructure deployments using AWS services. For these services, as part…
Marketing
June 30, 2021
Consolidate For A Secure Digital Transformation
The expedited move to digital transformation has been a lifeline for organizations during the pandemic. Rapid investments in cloud services,…
Marketing
June 29, 2021
User Protection – Protect your users from cyberattacks
Threats are constantly evolving. They aim to gain access to your sensitive company system through your users. The video explains…
Marketing
June 28, 2021
Is this the “Summer of Cybercrime”?
With the news increasingly being flooded with cyber attacks, and summer just around the corner, will this be the summer…
Marketing
June 28, 2021
How Enterprises can Deflect Million-Dollar Ransomware Demands
Ransomware has a long history with big business, as malicious actors have been known to set their sights on targets…
Marketing
June 24, 2021
Operational Technology Security – The Solution for your Healthcare Processes
OT stands for Operational Technology. This refers to both hardware and software that control and monitor physical devices. The video…
Marketing
June 23, 2021
Ransomware Double Extortion and Beyond: REvil, Clop, and Conti
By Janus Agcaoili, Miguel Ang, Earle Earnshaw, Byron Gelera, and Nikko Tamaña The incorporation of double extortion is a turning point in the ongoing evolution…
Marketing
June 22, 2021
Securing Operational Technology – The Solution for Your Industrial Processes
OT stands for Operational Technology. This refers to both hardware and software that control and monitor physical devices. The video…
Marketing
June 21, 2021
Amazon Prime Day: Big Sales, Big Scams
Malicious actors taking advantage of important events is not a new trend. For example, a large number of tax-related scams…
Marketing
June 21, 2021
Personal & Professional Challenges Facing SecOps Teams
It’s easy to forget that cybersecurity is fundamentally about people. Attacks are launched by threat actors, phishing emails are opened…
Marketing
June 15, 2021
Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them
Ransomware actors have been a persistent threat for years, but they are still evolving. The wide adoption of advanced cybersecurity…
Marketing
June 10, 2021
Threats From a Compromised 4G/5G Campus Network
Over the past two decades, industrial sectors and everyday users have reaped the benefits of advancements in telecom technologies. At…
Marketing
June 10, 2021
Looking Ahead: The Post-Pandemic Security Landscape
One year into the pandemic, our team at Trend Micro discussed the lasting impact that Covid-19 will have on people’s way of life and what a post-pandemic “new normal” might look like. The coronavirus has…
Marketing
June 9, 2021
DarkSide on Linux: Virtual Machines Targeted
As we discussed in our previous blog, the DarkSide ransomware is targeting organizations in manufacturing, finance, and critical infrastructures in…
Marketing
June 7, 2021
Manage Open Source Code Security Risks
The adoption of open source code has increased exponentially over the past decade, with a large percentage of commercial software…
Marketing
June 3, 2021
Open Source Vulnerabilities Converging DevOps & SecOps
Workplace evolution is in favor of traditional siloes being torn down and replaced with increased cross-functional collaboration, working in lockstep…
Marketing
June 2, 2021
Physical Datacenter Security and Threat Mitigation
The physical security of a datacenter (DC) likely conjures thoughts of man traps, push bar doors, locks, heating and cooling…
Marketing
May 31, 2021
TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software
Keeping secrets safe is key to keeping systems secure and preventing supply-chain attacks. Malicious actors often go after secrets in…
Marketing
May 27, 2021
Viola Amherd & Myla Pilao – Challenges & opportunities in cybercrime, personal & societal.
In connection with the upcoming “Women in Cyber Days Switzerland 2021“, Trend Micro’s Director of Technical Marketing Myla Pilao was…
Marketing
May 25, 2021
ZDI Tops Omdia Vulnerability Disclosures Again
The Trend Micro Zero Day Initiative (ZDI) again dominated the number of disclosed vulnerabilities for the 13th year in a…
Marketing
May 25, 2021
Colonia Pipeline Hack: Dawn of a New Era?
Something unusual has just happened, and in the flood of daily news, the little note has more or less been…
Marketing
May 21, 2021
Open source protection that security teams will love
Thanks to open source, you can meet business demands to build and deploy applications quickly—that’s why it sometimes makes up…
Marketing
May 20, 2021
Mutated Scams: How to Protect Yourself from Pandemic-Fueled Cyberfraud
Users are more likely to trust technology today than a year ago. Since the pandemic started, devices and apps have…
Marketing
May 18, 2021
What We Know About the DarkSide Ransomware and the US Pipeline Attack
On May 7, a ransomware attack forced Colonial Pipeline, a company responsible for nearly half the fuel supply for the…
Marketing
May 17, 2021
Tips to avoid the new wave of ransomware attacks
There have been a lot of changes in ransomware over time. We want to help you protect your organization from…
Marketing
May 17, 2021
MITRE ATT&CK for Containers: Why It Matters
Containers are used to run applications independently from the runtime environment. I still mentally picture containers as the embodied little…
Marketing
May 11, 2021
Legitimate Tools Weaponized for Ransomware in 2021
Original article by Janus Agcaoili und Earle Earnshaw As ransomware operators continue to equip themselves with more weapons in their…
Marketing
May 10, 2021
Weaponized Deepfakes Are Getting Closer to Reality
Original article by Rik Ferguson, VP, Security Research The first malicious use of video deepfakes may have been observed, making…
Marketing
May 6, 2021
The Storybook Approach to MITRE ATT&CK
Original article Trend Micro The MITRE ATT&CK® knowledge base is an extremely valuable tool that helps drive advancement and alignment…
Marketing
May 4, 2021
Cyber-insurers Endorse Cloud Security Platform
The global cybersecurity market was set to be worth nearly $124 billion by the end of 2020, according to Gartner….
Marketing
April 29, 2021
Protecting LoRaWAN Hardware from Attacks in the Wild
Original article by Sébastien Dudek, Threat Researcher Enterprises and smart cities have readily adopted LoRaWAN technology because of its versatility…
Marketing
April 29, 2021
Return to Sender: Preventing Ransomware While Working From Home
by Trend Micro Ransomware has been plaguing enterprises and employees for years now, with sophisticated strains capable of grinding whole…
Marketing
April 29, 2021
The Nightmares of Patch Management: The Status Quo and Beyond
Original article by Trend Micro As the value of data increases together with continuous discoveries about what can be done…
Marketing
April 29, 2021
IHBaaS: IoT-Hardware & -Backend as a Service
by Udo Schneider, IoT Security Evangelist Europe Many of today’s IoT devices, including those from well-known manufacturers, originate from a…
Marketing
April 29, 2021
Keeping Cyber Risk Under Control
Original article by Joe Weiss (Applied Control Solutions) und Richard Ku Enterprises and industrial facilities rely on control systems to…
Marketing
April 20, 2021
Security 101: Protecting Serverless and Container Applications with RASP (Runtime Application Self-Protection)
Original article by Trend Micro The demand for container and serverless technologies has increased in recent years. According to a…
Marketing
April 20, 2021
Becoming A CVE Numbering Authority
Original article by Jonn Perez, Sr. Director, Vulnerability Response (PSIRT) and Global Programs As a global security company, Trend Micro…
Marketing
April 20, 2021
Pwn2Own 2021 – Schedule and Live Results
by Trend Micro For the second time, the renowned three-day hacking competition Pwn2Own 2021 was held online on the web….
Marketing
April 20, 2021
Websites Hosting Cracks Spread Malware, Adware
Original article Jaromir Horejsi, Joseph C Chen We investigated a number of websites with cracks and pirated software that start…
Marketing
April 6, 2021
Dark Marketing for Criminals – A Welcome Side Effect of Attacks
by Richard Werner, Business Consultant Dark marketing is a phenomenon that occurs in the…
Marketing
April 1, 2021
Trend Micro Vision One: Tracking Conti Ransomware
Original article Alvin Nieto, Mark Vicente, RonJay Caragay, Miguel Carlo Ang, McJustine De Guzman, Emmanuel Evangelista, Divina Chua, Marco Dela…
Marketing
April 1, 2021
Future of P2P IoT Botnets
Original article Mayra Rosario Fuentes, Stephen Hilt, Robert McArdle, Fernando Merces, David Sancho, Threat Researchers The internet of things (IoT)…
Marketing
April 1, 2021
Learning from the disaster
by Dirk Arendt, Head of Government & Public at Trend Micro Germany The…
Marketing
March 29, 2021
So test whoever joins …
von Udo Schneider, IoT Security Evangelist Europe For some, the Internet of Things is…
Marketing
March 29, 2021
Trend Micro + ROS-I: Building a more secure future
Original article Trend Micro One of the secrets of Trend Micro’s long-lasting success is being constantly on the lookout for…
Marketing
March 24, 2021
Security 101: Virtual Patching
Original article Trend Micro As an enterprise’s online infrastructures become more complex —…
Marketing
March 24, 2021
The solution for detecting cyber attacks.
Even a current IT security solution does not guarantee 100 per cent protection. Our video explains why. You…
Marketing
March 22, 2021
Identifying Weak Parts of a Supply Chain
by David Fiser The now-infamous Orion Solar Winds case caused a lot of noise in both the cybersecurity community and…
Marketing
March 22, 2021
The future of social engineering – or no end to “human error”
von Richard Werner, Business Consultant Most employees start their workday by checking their mail inbox. Most of the messages there…
alpsadmin
March 22, 2021
Emotet One Month After the Takedown
Original article: Erin Johnson 2021 got off to a fantastic start for the cybersecurity community with the news that the…
alpsadmin
March 15, 2021
Earth Vetala – MuddyWater Continues to Target Organizations in the Middle East
Original article: Adi Peretz, Technical Manager, Erick Thek, Cyber Threat Intelligence Manager Trend Micro researchers recently detected activity targeting various…
alpsadmin
March 15, 2021
Microsoft Exchange Attack: Am I affected and what do I do next?
Original article: Trend Micro At least 30,000 organizations are already thought to have been attacked in the US, but the…
alpsadmin
March 9, 2021
Protecting against fraud emails in the COVID-19 era
Original article Trend Micro In the midst of the COVID-19 pandemics, millions of people are now working from home around…
alpsadmin
March 9, 2021
The plugins I called …
by Udo Schneider, IoT Security Evangelist Europe Who doesn’t know them – the ever-popular little helpers? Whether it’s the small…
alpsadmin
March 9, 2021
Security Risks for Audio-centric Social Media Apps
Original article: Federico Maggi, Senior Threat Researcher The use of audio-only social media apps such as ClubHouse, Riffr, Listen, Audlist,…
alpsadmin
March 9, 2021
Hindsight is 2020: Looking Back on the Year From a Cybersecurity Perspective
Original article: Trend Micro Research 2020 was a most unprecedented year given the circumstances under which it unfolded. The Covid-19…
alpsadmin
March 9, 2021
Connected Cars, 5G, the Cloud: Opportunities and Risks
Original article: Numaan Huq, Craig Gibson, Vladimir Kropotov, Rainer Vosseler Connected cars and the technologies that propel them continue to…
alpsadmin
March 9, 2021
The airbag of IT security can be called XDR
by Richard Werner, Business Consultant Once again, headlines about a spectacular attack have caught the world’s attention: A hacker had…
alpsadmin
March 9, 2021
New in Ransomware: Seth-Locker, Babuk Locker, Maoloa, TeslaCrypt, and CobraLocker
Original article Raphael Centeno, Monte de Jesus, Don Ovid Ladores, Junestherry Salvador, Nikko Tamana, Llalum Victoria Ransomware is in constant…
alpsadmin
March 9, 2021
Cloud migration: healthcare organizations face major security challenges
by Richard Werner, Business Consultant More and more companies are opting to use services from and with the help of…
alpsadmin
March 9, 2021
Splunk integration partnership with Trend Micro 2021
Original article: Trend Micro Customers first: building out our Splunk partnership for a more secure 2021 The past 12 months…
alpsadmin
March 9, 2021
XDR: Up-Leveling Security Integration
Original article: Michael Suby, Research Vice President, Security and Trust, IDC The cybersecurity discipline entails data collection, analysis, and responding…
alpsadmin
March 9, 2021
A Look at Linux: Threats, Risks and Recommendations Part 2
Like any other software, Linux is not free from security-related threats and risks. However, with Linux now prevalent as one…
alpsadmin
March 9, 2021
A Look at Linux: Threats, Risks and Recommendations
Linux is now one of the most powerful operating systems prevalent on cloud platforms and servers worldwide. In fact, Linux…
alpsadmin
March 9, 2021
Banking Trojan Gootkit under the microscope
By Marc Lanzendorfer, Threat Analyst Since October 2020, we saw an increase in the number of Gootkit cases targeting users…
admin
December 29, 2020
The Cyber Risk Index 2020 with a global focus
By Jon Clay The Cyber Risk Index (CRI), launched three years ago by Trend Micro in conjunction with the independent…
admin
December 29, 2020
Safety 2021: In the sign of changing work processes
By Trend Micro Research As the end of the year approaches, organisations need to shift their focus for 2021 to…
admin
December 29, 2020
Fact check of future scenarios
By Rik Ferguson, VP Security Research In 2012, Trend Micro was privileged to participate in a very exciting research project…
admin
December 29, 2020
Docker Content Trust: What It Is and How It Secures Container Images
By Brandon Niemczyk (Security Researcher) “Can they be trusted?” One of the primary security problems one must solve in a container-based…
admin
December 29, 2020
