Tag: Trend Micro Research, News and Perspectives

We observed and tracked the advanced persistent threat (APT) APT34 group with a new malware variant accompanying a phishing attack comparatively similar to the SideTwist backdoor malware. Following the campaign, the group abused a fake license registration form of an…

Read more →

Discover how AWS Graviton’s optimized processors help provide a superior price-performance ratio. Available for AWS-managed services, you’ll gain insight on strategies, use cases, and insight on how to get the most out of AWS Graviton. This article has been indexed…

Read more →

Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Awareness Month…

Read more →

We examine the campaigns of the cyberespionage group known as Turla over the years, with a special focus on the key MITRE techniques and the corresponding IDs associated with the threat actor group. This article has been indexed from Trend…

Read more →

This blog entry details a scheme that exploits the recent Morocco earthquake by impersonating the domain name of a well-known humanitarian organization for financial fraud. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

Crafted packets from cellular devices such as mobile phones can exploit faulty state machines in the 5G core to attack cellular infrastructure. Smart devices that critical industries such as defense, utilities, and the medical sectors use for their daily operations…

Read more →

Behind the scenes of the world of vulnerability intelligence and threat hunting This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Unsung Hero in Cyber Risk Management

Read more →

Networking IT/OT environments is a bit like walking a tightrope, balancing the pursuit of intelligence and efficiency against the risks of exposing OT systems to the wider world. Trend Micro recently teamed up with global machine tool company Celada to…

Read more →

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we’ve dubbed SprySOCKS due to its swift behavior and SOCKS…

Read more →

Major changes are underway, with new rules for federal agencies and updated requirements for public-private partnerships. We discuss the implementation plans for the strategy’s first two pillars: defend critical infrastructure and disrupt and dismantle threat actors. This article has been…

Read more →

Explore the results of a Sapio Research survey commissioned by Trend Micro about how CISOs and other technology leaders are overcoming today’s biggest challenges. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

In this blog, we investigate how threat actors used information-stealing malware with EV code signing certificates and later delivered ransomware payloads to its victims via the same delivery method. This article has been indexed from Trend Micro Research, News and…

Read more →

Azure vs. AWS — which should you use for your DevOps environment? Discover the differences, similarities, and use cases to make an informed decision. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

Discover what the increased regulatory risk due to recent US and UK sanctions imposed on TrickBot and Conti cybercriminals mean for CISOs and board members. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

As the Zero Trust approach gains momentum, more organizations are looking to apply it to their security strategy. Learn how XDR and Zero Trust work together to enhance your security posture. This article has been indexed from Trend Micro Research,…

Read more →

We analyze an information stealer written in Node.js, packaged into an executable, exfiltrated stolen data via both Telegram bot API and a C&C server, and employed GraphQL as a channel for C&C communication. This article has been indexed from Trend…

Read more →

In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.…

Read more →

Connecting IT and OT environments can give industrial organizations powerful efficiencies, but it also introduces cybersecurity challenges. A new Trend Micro/SANS Institute report gets at the heart of those IT and OT security issues—and how to address them. This article…

Read more →

We break down a new cyberespionage campaign deployed by a cybercriminal group we named Earth Estries. Analyzing the tactics, techniques, and procedures (TTPs) employed, we observed overlaps with the advanced persistent threat (APT) group FamousSparrow as Earth Estries targets governments…

Read more →

Any cybersecurity approach is only as strong as its underlying assumptions. What happens when those assumptions are wrong? Find out where confusion about cybersecurity facts can lead organizations astray. This article has been indexed from Trend Micro Research, News and…

Read more →

Continuous integration and continuous delivery/deployment (CI/CD) has won over app developers, with enterprise cybersecurity teams on the hook to protect CI/CD pipelines. OWASP’s Top 10 CI/CD Security Risks clarify what to watch for. This article has been indexed from Trend…

Read more →

Learn the common OT and IT visibility and efficiency barriers, as well as how to get around them. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: OT and IT Visibility and Efficiency…

Read more →

In this entry, we discuss how a threat actor abuses paid Facebook promotions featuring LLMs to spread malicious code, with the goal of installing a malicious browser add-on and stealing victims’ credentials. This article has been indexed from Trend Micro…

Read more →

Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, explains why Federal agencies are slow to comply with Biden’s cybersecurity executive order. This article has been indexed from Trend Micro Research, News…

Read more →

Private 5G networks offer businesses enhanced security, reliability, and scalability. Learn more about why private 5G could be the future of secure networking. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: The…

Read more →

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy. This article has been indexed…

Read more →

OpenAI’s ChatGPT API enables applications to access and integrate ChatGPT, a large language model (LLM) that generates human-like responses to input. Learn how to build a web application that utilizes ChatGPT to generate useful output. This article has been indexed…

Read more →

The Monti ransomware collective has restarted their operations, focusing on institutions in the legal and governmental fields. Simultaneously, a new variant of Monti, based on the Linux platform, has surfaced, demonstrating notable differences from its previous Linux-based versions. This article…

Read more →

In this blog entry, we will provide details on Rhysida, including its targets and what we know about its infection chain. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: An Overview of…

Read more →

One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be designed to minimize their environmental impact. Gain insight into the WAF sustainability pillar and discover best practices for architecting your…

Read more →

In this entry, we detail our analysis of how the TargetCompany ransomware abused an iteration of fully undetectable (FUD) obfuscator engine BatCloak to infect vulnerable systems. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

In June 2023, Trend Micro observed an upgrade to the evasion techniques used by the Batloader initial access malware, which we’ve covered in previous blog entries. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

The latest study said that enterprise SOCs are expanding their responsibilities to the OT domain, but major visibility and skills-related challenges are causing roadblocks. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

Explore how to implement 7 container security best practices within a CI/CD pipeline built with tools from Amazon Web Services (AWS). This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 7 Container Security…

Read more →

Streamlining IT for business optimal business performance This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Tech Consolidation – How and When?

Read more →

It may be some time before generative AI security can autonomously mitigate cyber threats, but we’re already seeing early examples of how AI models can strengthen enterprise cybersecurity in powerful and transformative ways. This article has been indexed from Trend…

Read more →

Trend Micro’s Mobile Application Reputation Service (MARS) team discovered two new related Android malware families involved in cryptocurrency-mining and financially-motivated scam campaigns targeting Android users. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

Explore how a security platform can help organizations address the 3 “S” impacting cybersecurity: stealth, sustainability, and shortage. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How a Cyber Security Platform Addresses…

Read more →

Explore the Performance Efficiency pillar of the AWS Well-Architected Framework and discover how to create performance efficiency in the compute, storage, database, and network elements of cloud infrastructures. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management. This article has been indexed from Trend Micro Research, News…

Read more →

Gain insight into the Reliability pillar of the AWS Well-Architected Framework and best practices for cloud-based operations, including change management and disaster recovery. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: AWS…

Read more →

As the extended detection and response (XDR) market grows and evolves, it’s a great opportunity to learn about the positive outcomes like better security posture experienced by organizations that have invested in these capabilities. This article has been indexed from…

Read more →

Trend Micro and INTERPOL collaborate to create a safer digital world This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Taking the Fight to the Cyber-Criminals

Read more →

We recently found that an MSI installer built by the National Information Technology Board (NITB), a Pakistani government entity, delivered a Shadowpad sample, suggesting a possible supply-chain attack. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

An analysis of advanced persistent threat (APT) group Red Menshen’s different variants of backdoor BPFDoor as it evolves since it was first documented in 2021. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…

Read more →

IDPS, IDS, IPS… what’s the difference? Discover key differences between intrusion detection and prevention systems as well as 9 technical and non-technical questions to ask when evaluating vendors. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

In this entry, we discuss the findings of our investigation into a piece of a signed rootkit, whose main binary functions as a universal loader that enables attackers to directly load a second-stage unsigned kernel module. This article has been…

Read more →

We analyze the technical details of a new ransomware family named Big Head. In this entry, we discuss the Big Head ransomware’s similarities and distinct markers that add more technical details to initial reports on the ransomware. This article has…

Read more →

To combat complexity and achieve optimal security outcomes, there are four key factors an organization should consider when evaluating their endpoint security. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Four Must-haves…

Read more →

Since its initial release in late 2022, the AI-powered text generation tool known as ChatGPT has been experiencing rapid adoption rates from both organizations and individual users. However, its latest feature, known as Shared Links, comes with the potential risk…

Read more →

Explore the Operational Excellence pillar of the AWS Well-Architected Framework and examine best practices and design principles for cloud-based security operations, including CI/CD and risk management. This article has been indexed from Trend Micro Research, News and Perspectives Read the…

Read more →

We found that malicious actors used malvertising to distribute malware via cloned webpages of legitimate organizations. The distribution involved a webpage of the well-known application WinSCP, an open-source Windows application for file transfer. We were able to identify that this…

Read more →

In today’s business world’s dynamic and ever-changing digital landscape, organizations encounter escalating security challenges that demand a more business-friendly and pertinent approach. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Human vs…

Read more →

Explore how to fulfil HIPAA compliance standards without friction This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How to Reach Compliance with HIPAA

Read more →

The Trigona ransomware is a relatively new ransomware family that began activities around late October 2022 — although samples of it existed as early as June 2022. Since then, Trigona’s operators have remained highly active, and in fact have been…

Read more →

As you rely more on APIs to connect microservices in modern applications, these APIs become a lucrative target for bad actors. Learn how an API gateway provides an extra layer of security, helping protect your systems and data from unauthorized…

Read more →

In this blog post, we discuss different configuration scenarios that may lead to security issues with Azure Service Fabric, a distributed platform for deploying, managing, and scaling microservices and container applications. This article has been indexed from Trend Micro Research,…

Read more →

Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API frameworks and how to prevent them. This article has been indexed from…

Read more →

Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Decrypting Cyber Risk Quantification

Read more →

Ongoing developments on this topic will be added to this thread. We invite you to bookmark this page and check back. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Insight on Vulnerabilities…

Read more →

We looked into the documented behavior of SeroXen malware and noted the inclusion of the latest iteration of the batch obfuscation engine BatCloak to generate a fully undetectable (FUD) .bat loader. This is the second part of a three-part series…

Read more →

As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. We explore how proactive cyber risk management can help harden your defenses and reduce the likelihood of an attack or breach. This article has…

Read more →

Discover how Companion can help upgrade SOC efficiency and elevate your team to reach their full potential. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Meet Your New AI Assistant: Introducing Trend…

Read more →

How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm. This article has been indexed from Trend…

Read more →

This blog entry discusses the more technical details on the most recent tools, techniques, and procedures (TTPs) leveraged by the Earth Preta APT group, and tackles how we were able to correlate different indicators connected to this threat actor. This…

Read more →

Ransomware accounts for 75% of all cyber insurance claims, yet 40% of business currently lack the coverage needed. Discover security strategies to help you meet ransomware insurance requirements. This article has been indexed from Trend Micro Research, News and Perspectives…

Read more →

We look into BatCloak engine, its modular integration into modern malware, proliferation mechanisms, and interoperability implications as malicious actors take advantage of its fully undetectable (FUD) capabilities. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

Discover the power of serverless architecture design patterns for scalable and efficient application development. Explore EDA, pub-sub, fan-out/fan-in, strangler, and saga patterns. Learn how to select, implement, and optimize them for your needs. This article has been indexed from Trend…

Read more →

With the continued expansion of your attack surface, cybersecurity compliance has become more important than ever. Gain an overview of the most popular compliance standards, including HIPAA, NIST, ISO, and PCI DSS, to safeguard your business against potential risks. This…

Read more →

This article explores the benefits of event-driven architecture for developers and best practices for mitigating security concerns. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Event-Driven Architecture & the Security Implications

Read more →

New technologies always change the security landscape, but few are likely to have the transformative power of generative AI. As platforms like ChatGPT continue to catch on, CISOs need to understand the unprecedented cybersecurity risks they bring—and what to do…

Read more →

In this blog entry, we analyze BlackSuit ransomware and how it compares to Royal Ransomware. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Investigating BlackSuit Ransomware’s Similarities to Royal

Read more →

Void Rabisu, a malicious actor believed to be associated with the RomCom backdoor, was thought to be driven by financial gain because of its ransomware attacks. But in this blog entry, we discuss how the use of the RomCom backdoor…

Read more →

This is an analysis of Bandit Stealer, a new Go-based information-stealing malware capable of evading detection as it targets multiple browsers and cryptocurrency wallets. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…

Read more →

This blog entry features three case studies that show how malicious actors evade the antispam, antibot, and antiabuse measures of online web services via residential proxies and CAPTCHA-breaking services. This article has been indexed from Trend Micro Research, News and…

Read more →

Conventional wisdom says most organizations will experience a cybersecurity breach at some point—if they haven’t already. That makes having a ready-to-launch incident response process crucial when an attack is detected, as this fictionalized scenario shows. This article has been indexed…

Read more →

In this blog entry, we will examine the security risks related to file extension-related Top-Level Domains (TLDs) while also providing best practices and recommendations on how both individual users and organizations can protect themselves from these hazards. This article has…

Read more →

In this blog post, we will provide details on a BlackCat ransomware incident that occurred in February 2023, where we observed a new capability, mainly used for the defense evasion phase. This article has been indexed from Trend Micro Research,…

Read more →

This is the first part of our security analysis of an information stealer targeting GitHub Codespaces (CS) that discusses how attackers can abuse these cloud services for a variety of malicious activities. This article has been indexed from Trend Micro…

Read more →

In response to the expanding attack surface, Mike Milner, Trend Micro VP of Cloud Technology, explores the role security risk management plays in this new era of cybersecurity and how IT leaders are accelerating innovation. This article has been indexed…

Read more →

An overview of the Lemon Group’s use of preinfected mobile devices, and how this scheme is potentially being developed and expanded to other internet of things (IoT) devices. This research was presented in full at the Black Hat Asia 2023…

Read more →

We observed the threat actor group known as “8220 Gang” employing new strategies for their respective campaigns, including exploits for the Linux utility “lwp-download” and CVE-2017-3506, an Oracle WebLogic vulnerability. This article has been indexed from Trend Micro Research, News…

Read more →

Water Orthrus has been active recently with two new campaigns. CopperStealth uses a rootkit to install malware on infected systems, while CopperPhish steals credit card information. This blog will provide the structure of the campaign and how they work. This…

Read more →

We’ve been observing malicious advertisement campaigns in Google’s search engine with themes that are related to AI tools such as Midjourney and ChatGPT. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Malicious…

Read more →

Discover how a platform approach can best assist and support security operations teams with a cyber risk management so you can be more resilient with less resources. This article has been indexed from Trend Micro Research, News and Perspectives Read…

Read more →

Data exposure from SaaS and cloud applications is an increasing risk factor facing businesses today. Discover how SASE capabilities can help prevent data exfiltration, achieve zero trust, and reduce cyber risk across the attack surface. This article has been indexed…

Read more →

How can organizations defend themselves more effectively against ransomware and other forms of cyber extortion? By “shifting left” and adopting proactive cybersecurity strategies to detect attacks sooner, mitigating breaches before they cause harm. This article has been indexed from Trend…

Read more →

After months of dormancy, Earth Longzhi, a subgroup of advanced persistent threat (APT) group APT41, has reemerged using new techniques in its infection routine. This blog entry forewarns readers of Earth Longzhi’s resilience as a noteworthy threat. This article has…

Read more →

In March and April 2023, we observed a type of ransomware targeting its victims via a minimalistic approach with tools that leave only a minimal footprint behind. Our findings revealed many of the preparations made by the perpetrators and how…

Read more →

You may wonder if you should choose SSL or TLS to secure your network. Explore the differences between the two communications protocols, use cases where you should choose one or the other, and best practices for using SSL and TLS.…

Read more →

Two vulnerabilities in PaperCut have been found, and one of them is being actively exploited in the wild. This blog entry provides a summary of the vulnerabilities, and includes security guidance for IT and SOC professionals. This article has been…

Read more →

On the fence about migrating to the cloud because security seems complex and abstract? Let go of your on-premises point products and discover how a platform with enhanced cloud visibility can help smooth out your cloud journey. This article has…

Read more →

We observed cryptocurrency and information stealer ViperSoftX evading initial loader detection and making its lure more believable by making the initial package loader via cracks, keygens, activators, and packers non-malicious. We also noted more sophisticated encryption and basic anti-analysis techniques,…

Read more →

Learn how to counteract the top five challenges of infrastructure as code (IaC) and discover how these obstacles pose a threat to security and gain valuable insight in how to mitigate these risks. This article has been indexed from Trend…

Read more →

Discover how cybersecurity leaders and decision makers can leverage cyber threat intelligence to increase security posture and reduce risk. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cyber Threat Intelligence: The Power…

Read more →

This blog post analyzes a stealthy and expeditious ransomware called BabLock (aka Rorschach), which shares many characteristics with LockBit. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: An Analysis of the BabLock…

Read more →

Discover the five main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, crowd sourcing, and phishing as a service as well as tips to strengthen your defense strategy. This article has been indexed…

Read more →

Discover the differences between CIEM, CWPP, and CSPM and how to use them individually or in conjunction. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: CIEM vs CWPP vs CSPM Use Cases

Read more →