Trend Micro has always been a team player. Over the past three decades and more, we’ve worked closely with law…

How can automotive security prevent and mitigate the effects of data breaches? We revisit data breach cases in the automotive…

While today’s modern vehicles promise an increased level of connectivity to improve user experience and safety, cybercriminals could still abuse…

The use of legitimate Windows tools as part of malicious actors’ malware arsenal has become a common observation in cyber…

The move towards 5G is accelerating as enterprises seek greater security, flexibility, and reliability in 5G than earlier cellular, wireless,…

We recently discovered that Cheerscrypt, the new Linux-based ransomware that we detected in multiple attacks targeting ESXi servers, was based…

RansomEXX is a ransomware variant that gained notoriety after a spate of attacks in 2020 and continues to be active…

Part two of the series explored the sectors affected by CVEs identified, especially during 2021. We found that the critical…

We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes…

In part one, we discussed ICS-CERT advisories from 2010 to 2021. Using MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK)…

AvosLocker is a relatively new ransomware variant that sports the staples of modern ransomware, namely a layered extortion scheme that…

Every year, vulnerabilities are discovered and registered to a Common Vulnerabilities and Exposures (CVE) ID by the MITRE Corporation. Each…

Trend Micro Threat Research observed active exploitation of the Spring4Shell vulnerability assigned as CVE-2022-22965, which allows malicious actors to weaponize and execute the Mirai…

Part two of our blog entry discussed the impacts and implications of SMS PVA services. The article also explored how…

The use of cryptocurrency has increased tremendously since it was first introduced in 2009. As blockchain technology has only enabled…

Hive ransomware is one of the new ransomware families in 2021 that poses significant challenges to enterprises worldwide. We take…

Cyclops Blink, an advanced modular botnet that is reportedly linked to the Sandworm or Voodoo Bear advanced persistent threat (APT)…

A conflict in cyberspace is unfolding parallel to the conflict between Russia and Ukraine on the ground. Cyberattacks are being…

Ukraine and Russia are involved in a conflict that escalated on February 24, 2022. Alongside the physical battles that are…

While it seems almost cliché now, we are living in unprecedented times. The global pandemic has forced organizations everywhere to…

PolKit, or PolicyKit, is a component that handles system-wide policies and authorizations in Unix and Unix-like operating systems (OS), allowing…

The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today….

Since mid-2021, we have been investigating a rather elusive threat actor called Earth Lusca that targets organizations globally via a…

What to Do About Log4j  Log4j poses some deep challenges to IT. In this article I’ll discuss some tactical measures…

Now that the reign of REvil has come to an end, it’s time to regroup and strategize. What can organizations…

The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging…

A vulnerability in Apache Log4j, a widely used logging package for Java has been found. The vulnerability, which can allow…

It is possible to consider misconfigurations as part of the growing pains when an organization moves to the cloud during…

Earlier this year, a security flaw identified as CVE-2021-41773 was disclosed to Apache HTTP Server Project, a path traversal and…

A total of 13 suspects believed to be members of two prolific cybercrime rings were arrested as a global coalition…

Cybercriminals have different motivations: for example, some malicious actors have disruptive political attacks as their objective, while others might be…

Trend Micro carried out a field test to shed light on the potential security risks involved with implementing Private 5G….

We all know the risk of a ransomware attack. Headlines of the latest victims might haunt the dreams of chief…

By Fyodor Yarochkin Additional insights by Janus Agcaoili, Byron Gelera, and Nikko Tamaña Ransomware as a service (RaaS) can be…

The prevalence and impact of modern ransomware attacks presented new challenges for decision makers in the first half of the…

Upon investigating activities of the XingLocker ransomware team, we found a relatively new and interesting business model that seems to…

Last July 2021, US President Joe Biden signed a memorandum on improving the US’s cybersecurity for critical infrastructure control systems….

Security leaders are finally coming to terms with the reality of today’s threat landscape. That means adopting a post-breach mentality…

IoT is a big security headache for a lot of reasons. By its very nature, these devices are untrusted. They…

Malware has increasingly been making use of encryption to help hide their network traffic in recent years. This makes sense…

By Richard Werner, Business Consultant On 15 September 2021, Microsoft announced the general availability of the passwordless account. As with…

As enterprises move toward the rest of the year, it is helpful to look back and learn from key cybersecurity…

Over the past two calendar years, we conducted research on the underground exploit market to learn more about the life…

The vast majority of the cloud environments are built using Linux as their foundation, and most of the major cloud…

Continuing our support to bring information that can help organizations minimize their risk of a cyber-attack, we’re pleased to share…

Introduction Modern technology has made managing large IT environments much less daunting compared to the past, when each endpoint had…

PrintNightmare is one of the latest set of exploits abused for the Print Spooler vulnerabilities that have been identified as…

In alignment with the acceleration of digital transformation, the use of open source code components is exploding thanks to the…

Information sharing has never been a challenge in the cybercrime underground. Threat actors routinely trade stolen data, best practices and…

Having covered TeamTNT in several of our blog entries over the past couple of years, we embarked on a research…

As an oft-quoted movie line asserts, “With great power comes great responsibility.” This can also be applied to securing technologies:…

Things aren’t getting any easier for your average IT security or cloud security buyer. The pandemic has exposed new security…

Comment by Richard Werner, Business Consultant at Trend Micro Over the July 4 U.S. National Day weekend, a cyberattack hit…

There is no longer an alternative for banks: Those who want to continue to play a role in the competition…

This entry aims to introduce and impress upon organizations the importance of proper secret management in today’s environments, as a…

The expedited move to digital transformation has been a lifeline for organizations during the pandemic. Rapid investments in cloud services,…

Threats are constantly evolving. They aim to gain access to your sensitive company system through your users. The video explains…

OT stands for Operational Technology. This refers to both hardware and software that control and monitor physical devices. The video…

By Janus Agcaoili, Miguel Ang, Earle Earnshaw, Byron Gelera, and Nikko Tamaña The incorporation of double extortion is a turning point in the ongoing evolution…

OT stands for Operational Technology. This refers to both hardware and software that control and monitor physical devices. The video…

It’s easy to forget that cybersecurity is fundamentally about people. Attacks are launched by threat actors, phishing emails are opened…

Ransomware actors have been a persistent threat for years, but they are still evolving. The wide adoption of advanced cybersecurity…

One year into the pandemic, our team at Trend Micro discussed the lasting impact that Covid-19 will have on people’s way of life and what a post-pandemic “new normal” might look like. The coronavirus has…

As we discussed in our previous blog, the DarkSide ransomware is targeting organizations in manufacturing, finance, and critical infrastructures in…

Workplace evolution is in favor of traditional siloes being torn down and replaced with increased cross-functional collaboration, working in lockstep…

Keeping secrets safe is key to keeping systems secure and preventing supply-chain attacks. Malicious actors often go after secrets in…

In connection with the upcoming “Women in Cyber Days Switzerland 2021“, Trend Micro’s Director of Technical Marketing Myla Pilao was…

The Trend Micro Zero Day Initiative (ZDI) again dominated the number of disclosed vulnerabilities for the 13th year in a…

Thanks to open source, you can meet business demands to build and deploy applications quickly—that’s why it sometimes makes up…

Original article Trend Micro The MITRE ATT&CK® knowledge base is an extremely valuable tool that helps drive advancement and alignment…

The global cybersecurity market was set to be worth nearly $124 billion by the end of 2020, according to Gartner….

Original article by Trend Micro As the value of data increases together with continuous discoveries about what can be done…

by Udo Schneider, IoT Security Evangelist Europe Many of today’s IoT devices, including those from well-known manufacturers, originate from a…

Original article by Jonn Perez, Sr. Director, Vulnerability Response (PSIRT) and Global Programs As a global security company, Trend Micro…

Original article Jaromir Horejsi, Joseph C Chen We investigated a number of websites with cracks and pirated software that start…

Original article Alvin Nieto, Mark Vicente, RonJay Caragay, Miguel Carlo Ang, McJustine De Guzman, Emmanuel Evangelista, Divina Chua, Marco Dela…

Original article Mayra Rosario Fuentes, Stephen Hilt, Robert McArdle, Fernando Merces, David Sancho, Threat Researchers The internet of things (IoT)…

Original article Trend Micro One of the secrets of Trend Micro’s long-lasting success is being constantly on the lookout for…

Original article Trend Micro               As an enterprise’s online infrastructures become more complex —…

  Even a current IT security solution does not guarantee 100 per cent protection. Our video explains why.   You…

by David Fiser The now-infamous Orion Solar Winds case caused a lot of noise in both the cybersecurity community and…

Original article: Trend Micro At least 30,000 organizations are already thought to have been attacked in the US, but the…

Original article Trend Micro In the midst of the COVID-19 pandemics, millions of people are now working from home around…

Original article: Federico Maggi, Senior Threat Researcher The use of audio-only social media apps such as ClubHouse, Riffr, Listen, Audlist,…

Original article: Trend Micro Research 2020 was a most unprecedented year given the circumstances under which it unfolded. The Covid-19…

Original article: Numaan Huq, Craig Gibson, Vladimir Kropotov, Rainer Vosseler Connected cars and the technologies that propel them continue to…

by Richard Werner, Business Consultant Once again, headlines about a spectacular attack have caught the world’s attention: A hacker had…

Original article Raphael Centeno, Monte de Jesus, Don Ovid Ladores, Junestherry Salvador, Nikko Tamana, Llalum Victoria Ransomware is in constant…

by Richard Werner, Business Consultant More and more companies are opting to use services from and with the help of…

Original article: Trend Micro Customers first: building out our Splunk partnership for a more secure 2021 The past 12 months…

Original article: Michael Suby, Research Vice President, Security and Trust, IDC The cybersecurity discipline entails data collection, analysis, and responding…

Like any other software, Linux is not free from security-related threats and risks. However, with Linux now prevalent as one…

Linux is now one of the most powerful operating systems prevalent on cloud platforms and servers worldwide. In fact, Linux…

By Marc Lanzendorfer, Threat Analyst Since October 2020, we saw an increase in the number of Gootkit cases targeting users…

By Jon Clay The Cyber Risk Index (CRI), launched three years ago by Trend Micro in conjunction with the independent…

By Trend Micro Research As the end of the year approaches, organisations need to shift their focus for 2021 to…

By Rik Ferguson, VP Security Research In 2012, Trend Micro was privileged to participate in a very exciting research project…

By Brandon Niemczyk (Security Researcher) “Can they be trusted?” One of the primary security problems one must solve in a container-based…