Tag: Trend Micro Research, News and Perspectives

Prevent BEC with AI-Powered Email and Collaboration

Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Prevent BEC with AI-Powered…

18X a Leader in Gartner Magic Quadrant for EPP

Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 18X a Leader in…

Reduce Business Email Compromise with Collaboration

Here’s the latest Trend Vision One™ platform integration addressing the growing need for collaboration in business email security space. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Reduce Business Email Compromise with…

Embracing a risk-based cybersecurity approach with ASRM

Explore how a risk-based cybersecurity approach is critical to proactively stop dynamic, ever-evolving threats. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Embracing a risk-based cybersecurity approach with ASRM

Accelerating into 2024 with NEOM McLaren Formula E Team

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Accelerating into 2024 with NEOM McLaren Formula…

Build Cyber Resilience with Distributed Energy Systems

This post doesn’t have text content, please click on the link below to view the original article. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Build Cyber Resilience with Distributed Energy Systems

3 Strategic Insights from Cybersecurity Leader Study

Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Modern Attack Surface Management (ASM) for SecOps

Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management (ASM) and what SecOps need to look for in an ASM solution. This article has been indexed from Trend Micro Research, News and…

How the EU Cyber Resilience Act Impacts Manufacturers

EU’s Cyber Resilience Act urges vendors to embrace security-by-design, establishing standards in global tech protocols. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How the EU Cyber Resilience Act Impacts Manufacturers

Web Security Expands into Secure Service Edge (SSE)

Trend has been securing web access for over a decade with forward-looking innovation and a global footprint to support our customer’s security strategy. We are committed to our customers’ journey of transforming their current security posture, aligning with Zero Trust…

Accelerating into 2024 with NEOM McLaren Formula E Team

Learn more about how Trend is engineering innovation and resiliency with NEOM McLaren Formula E Team in 2024 and beyond. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Accelerating into 2024 with…

Modern Attack Surface Management for Cloud Teams

Today’s attack surface requires modern processes and security solutions. Explore the tenants of modern attack surface management (ASM) and what Cloud teams need to look for in an ASM solution. This article has been indexed from Trend Micro Research, News…

Accelerating Security Risk Management

In response to the expanding attack surface, Mike Milner, Trend Micro VP of Cloud Technology, explores the role security risk management plays in this new era of cybersecurity and how IT leaders are accelerating innovation. This article has been indexed…

ALPHV/BlackCat Take Extortion Public

Learn more about ALPHV filing a complaint with the Security and Exchange Commission (SEC) against their victim, which appears to be an attempt to influence MeridianLink to pay the ransom sooner than later. This article has been indexed from Trend…

Against the Clock: Cyber Incident Response Plan

Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows. This article has been indexed…

Implementing Zero Trust: 5 Key Considerations

When implementing a Zero Trust strategy and selecting a solution to safeguard your company against cyber risk, there are many factors to consider. Five key areas include Visibility and Analytics, Automation and Orchestration, Central Management, Analyst Experience, and Pricing Flexibility…

Zero Day Threat Protection for Your Network

Explore the world of zero day threats and gain valuable insight into the importance of proactive detection and remediation. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Zero Day Threat Protection for…

Securing Cloud Infrastructure Demands a New Mindset

Rising attacks on cloud infrastructure and services have created a ‘shared fate’ scenario for cloud providers and users, where a successful breach means everybody loses. Fresh thinking and closer collaboration can help avoid that outcome and better protect public cloud…

Securing Cloud Infrastructure Demands a New Mindset

Rising attacks on cloud infrastructure and services have created a ‘shared fate’ scenario for cloud providers and users, where a successful breach means everybody loses. Fresh thinking and closer collaboration can help avoid that outcome and better protect public cloud…

APT34 Deploys Phishing Attack With New Malware

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an…

AWS Graviton Use Cases

Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton. This article has been indexed…

Cybersecurity Awareness Month 2023: 4 Actionable Tips

Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Awareness Month…

Examining the Activities of the Turla APT Group

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group. This article has been indexed from Trend…

Attacks on 5G Infrastructure From Users’ Devices

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations…

Unsung Hero in Cyber Risk Management

Behind the scenes of the world of vulnerability intelligence and threat hunting This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Unsung Hero in Cyber Risk Management

Protect CNC Machines in Networked IT/OT Environments

Networking IT/OT environments is a bit like walking a tightrope, balancing the pursuit of intelligence and efficiency against the risks of exposing OT systems to the wider world. Trend Micro recently teamed up with global machine tool company Celada to…

Biden National Cybersecurity Strategy Key Takeaways

Major changes are underway, with new rules for federal agencies and updated requirements for public-private partnerships. We discuss the implementation plans for the strategy’s first two pillars: defend critical infrastructure and disrupt and dismantle threat actors. This article has been…

3 Strategic Insights from Cybersecurity Leader Study

Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

RedLine/Vidar Abuses EV Certificates, Shifts to Ransomware

In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method. This article has been indexed from Trend Micro Research, News and…

Azure vs. AWS Developer Tools Guide

Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

How Zero Trust and XDR Work Together

As the Zero Trust approach gains momentum, more organizations are looking to apply it to their security strategy. Learn how XDR and Zero Trust work together to enhance your security posture. This article has been indexed from Trend Micro Research,…

Analyzing a Facebook Profile Stealer Written in Node.js

We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication. This article has been indexed from Trend…

Revisiting 16shop Phishing Kit, Trend-Interpol Partnership

In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.…

IT & OT security: How to Bridge the Gap

Connecting IT and OT environments can give industrial organizations powerful efficiencies, but it also introduces cybersecurity challenges. A new Trend Micro/SANS Institute report gets at the heart of those IT and OT security issues—and how to address them. This article…

Earth Estries Targets Government, Tech for Cyberespionage

We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments…

4 Popular Cybersecurity Myths vs. Facts

Any cybersecurity approach is only as strong as its underlying assumptions. What happens when those assumptions are wrong? Find out where confusion about cybersecurity facts can lead organizations astray. This article has been indexed from Trend Micro Research, News and…

How to Protect Your CI/CD Pipeline

Continuous integration and continuous delivery/deployment (CI/CD) has won over app developers, with enterprise cybersecurity teams on the hook to protect CI/CD pipelines. OWASP’s Top 10 CI/CD Security Risks clarify what to watch for. This article has been indexed from Trend…

OT and IT Visibility and Efficiency Barriers

Learn the common OT and IT visibility and efficiency barriers, as well as how to get around them. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: OT and IT Visibility and Efficiency…

Profile Stealers Spread via LLM-themed Facebook Ads

In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims’ credentials. This article has been indexed from Trend Micro…

Ex-USSS CISO Explains Agencies’ Struggle with Biden EO

Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden’s cybersecurity executive order. This article has been indexed from Trend Micro Research, News…

The Current Security State of Private 5G Networks

Private 5G networks offer businesses enhanced security, reliability, and scalability. Learn more about why private 5G could be the future of secure networking. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: The…

5 Types of Cyber Crime Groups

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy. This article has been indexed…

How to Build a Simple Application Powered by ChatGPT

OpenAI’s ChatGPT API enables applications to access and integrate ChatGPT, a large language model (LLM) that generates human-like responses to input. Learn how to build a web application that utilizes ChatGPT to generate useful output. This article has been indexed…

Monti Ransomware Unleashes a New Encryptor for Linux

The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions. This article…

TargetCompany Ransomware Abuses FUD Obfuscator Packers

In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Latest Batloader Campaigns Use Pyarmor Pro for Evasion

In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Break IT/OT Silos by Expanding SOC Responsibilities

The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

7 Container Security Best Practices For Better Apps

Explore how to implement 7 container security best practices within a CI/CD pipeline built with tools from Amazon Web Services (AWS). This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 7 Container Security…

Tech Consolidation – How and When?

Streamlining IT for business optimal business performance This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Tech Consolidation – How and When?

4 Generative AI Security Benefits

It may be some time before generative AI security can autonomously mitigate cyber threats, but we’re already seeing early examples of how AI models can strengthen enterprise cybersecurity in powerful and transformative ways. This article has been indexed from Trend…

How a Cyber Security Platform Addresses the 3 “S”

Explore how a security platform can help organizations address the 3 “S” impacting cybersecurity: stealth, sustainability, and shortage. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How a Cyber Security Platform Addresses…

How to Leverage AWS Performance Efficiency Pillar

Explore the Performance Efficiency pillar of the AWS Well-Architected Framework and discover how to create performance efficiency in the compute, storage, database, and network elements of cloud infrastructures. This article has been indexed from Trend Micro Research, News and Perspectives…

Security Patch Management Strengthens Ransomware Defense

With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management. This article has been indexed from Trend Micro Research, News…

AWS Reliability Pillar: Consistent Cloud Architecture

Gain insight into the Reliability pillar of the AWS Well-Architected Framework and best practices for cloud-based operations, including change management and disaster recovery. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: AWS…

The XDR Payoff: Better Security Posture

As the extended detection and response (XDR) market grows and evolves, it’s a great opportunity to learn about the positive outcomes like better security posture experienced by organizations that have invested in these capabilities. This article has been indexed from…

Taking the Fight to the Cyber-Criminals

Trend Micro and INTERPOL collaborate to create a safer digital world This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Taking the Fight to the Cyber-Criminals

Detecting BPFDoor Backdoor Variants Abusing BPF Filters

An analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Intrusion Detection & Prevention Systems Guide

IDPS, IDS, IPS… what’s the difference? Discover key differences between intrusion detection and prevention systems as well as 9 technical and non-technical questions to ask when evaluating vendors. This article has been indexed from Trend Micro Research, News and Perspectives…

Hunting for A New Stealthy Universal Rootkit Loader

In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module. This article has been…

Four Must-haves to Strengthen Your Endpoint Security

To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating their endpoint security. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Four Must-haves…

How to Achieve AWS Operational Excellence in Your Cloud Workload

Explore the Operational Excellence pillar of the AWS Well-Architected Framework and examine best practices and design principles for cloud-based security operations, including CI/CD and risk management. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Human vs Machine Identity Risk Management

In today’s business world’s dynamic and ever-changing digital landscape, organizations encounter escalating security challenges that demand a more business-friendly and pertinent approach. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Human vs…

How to Reach Compliance with HIPAA

Explore how to fulfil HIPAA compliance standards without friction This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How to Reach Compliance with HIPAA

How to Implement a Secure API Gateway

As you rely more on APIs to connect microservices in modern applications, these APIs become a lucrative target for bad actors. Learn how an API gateway provides an extra layer of security, helping protect your systems and data from unauthorized…

GraphQL vs gRPC: Which One Creates More Secure APIs?

Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API frameworks and how to prevent them. This article has been indexed from…

Decrypting Cyber Risk Quantification

Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Decrypting Cyber Risk Quantification

Insight on Vulnerabilities in MOVEit Transfer

Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Insight on Vulnerabilities…

SeroXen Incorporates Latest BatCloak Engine Iteration

We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series…

Attack Surface Management Strategies

As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach. This article has…

To Fight Cyber Extortion and Ransomware, Shift Left

How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm. This article has been indexed from Trend…

Ransomware Insurance: Security Strategies to Obtain Coverage

Ransomware accounts for 75% of all cyber insurance claims, yet 40% of business currently lack the coverage needed. Discover security strategies to help you meet ransomware insurance requirements. This article has been indexed from Trend Micro Research, News and Perspectives…

Analyzing the FUD Malware Obfuscation Engine BatCloak

We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities. This article has been indexed from Trend Micro Research, News and Perspectives Read…