Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year
https://www.trendmicro.com/en_us/research/24/e/poll-security.html
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.
https://www.trendmicro.com/en_us/research/24/e/router-roulette.html
In this blog entry, we discuss Trend Micro's contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro b...
https://www.trendmicro.com/en_us/research/24/d/multipronged-network-defense.html
Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguard against malicious threats like malware.
https://www.trendmicro.com/en_us/research/24/d/file-scan-before-upload.html
Learn how far cybersecurity has come from scattered resources to consolidation the future.
https://www.trendmicro.com/en_us/research/24/d/cybersecurity-consolidated.html
Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of it...
https://www.trendmicro.com/en_us/research/24/d/fileless-malware-attack-solution.html
Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within netwo...
https://www.trendmicro.com/en_us/research/24/d/red-team-exercises-examples.html
Our blog entry provides an in-depth analysis of Earth Hundun's Waterbear and Deuterbear malware.
https://www.trendmicro.com/en_us/research/24/d/earth-hundun-waterbear-deuterbear.html
Explore how a cybersecurity platform with attack surface management and runtime protection capabilities can enhance your cloud security posture.
https://www.trendmicro.com/en_us/research/24/d/cloud-security-platform.html
Our new article provides key highlights and takeaways from Operation Cronos' disruption of LockBit's operations, as well as telemetry details on how LockBit actors operated post-disruption.
https://www.trendmicro.com/en_us/research/24/d/operation-cronos-aftermath.html
This article provides an in-depth look into two techniques used by Earth Freybug actors: dynamic-link library (DLL) hijacking and application programming interface (API) unhooking to prevent chil...
https://www.trendmicro.com/en_us/research/24/d/earth-freybug.html
This blog entry discusses the Agenda ransomware group's use of its latest Rust variant to propagate to VMware vCenter and ESXi servers.
On February 26, 2024, the National Institute of Standards and Technology (NIST) released the official 2.0 version of the Cybersecurity Framework (CSF).
https://www.trendmicro.com/en_us/research/24/c/nist-cybersecurity-framework-2024.html
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Jenkins, a popular open-source automation server, was discovered to be affected by a file read vulnerability, CVE-2024-23897.
https://www.trendmicro.com/en_us/research/24/c/cve-2024-23897.html
ENISA Report Unveils a Complex Cyber Landscape
https://www.trendmicro.com/en_us/research/24/c/enisa-report-dos-attack-classifications.html
Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and A...
https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html
In addition to our Water Hydra APT zero day analysis, the Zero Day Initiative (ZDI) observed a DarkGate campaign which we discovered in mid-January 2024 where DarkGate operators exploited CVE-202...
Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations.
https://www.trendmicro.com/en_us/research/24/c/rpa-al-ml-use-cases-HUD.html
Explore two RPA and AI/ML use cases at HUD during the operational challenges of the longest US Government shutdown, a rigid legacy IT environment, and complex federal regulations.
https://www.trendmicro.com/en_us/ciso/24/c/rpa-al-ml-use-cases-HUD.html
This blog entry will examine Trend Micro MDR team's investigation that successfully uncovered the intrusion sets employed by Earth Kapre in a recent incident, as well as how the team leveraged th...
The Trend Micro threat hunting team came across an RA World attack involving multistage components designed to ensure maximum impact.
https://www.trendmicro.com/en_us/research/24/c/multistage-ra-world-ransomware.html
Overworked CISOs are struggling to deliver the cybersecurity results their organizations expect. Fortunately, there are concrete and practical ways they can make their lives easier—while managi...
https://www.trendmicro.com/en_us/ciso/23/i/managing-cyber-risk.html
This blog entry gives a detailed analysis of these recent ScreenConnect vulnerabilities. We also discuss our discovery of threat actor groups, including Black Basta and Bl00dy Ransomware gangs, t...
During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.
This research is the result of our collaboration with the National Crime Agency in the United Kingdom, who took action against LockBit as part of Operation Cronos, an international effort resulti...
Trend and other private entities recently contributed to INTERPOL’s Operation Synergia, a global operation that successfully took down over 1,000 C&C servers and identified suspects related to ...
The landscape of cybersecurity is continuously evolving, with new threats emerging and the roles and responsibilities of security professionals constantly adapting.
https://www.trendmicro.com/en_us/research/24/b/sans-2023-soc-report.html
Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies.
https://www.trendmicro.com/en_us/ciso/24/b/digital-transformation-ai-rpa.html
Explore the first article in this series about AI, ML, and RPA, which aims to demystify and explore the full spectrum of these core technologies.
https://www.trendmicro.com/en_us/research/24/b/digital-transformation-ai-rpa.html
In this blog entry, we focus on Earth Preta's campaign that employed a variant of the DOPLUGS malware to target Asian countries.
https://www.trendmicro.com/en_us/research/24/b/earth-preta-campaign-targets-asia-doplugs.html
Discover how to strategically present security controls to the board to better manage cyber risk.
https://www.trendmicro.com/en_us/ciso/24/b/cyber-risk-management-boardroom-security.html
This entry aims to provide additional context to CVE-2024-21412, how it can be used by threat actors, and how Trend protects customers from this specific vulnerability.
https://www.trendmicro.com/en_us/research/24/b/cve-2024-21412-facts-and-fixes.html
The APT group Water Hydra has been exploiting the Microsoft Defender SmartScreen vulnerability (CVE-2024-21412) in its campaigns targeting financial market traders. This vulnerability, which has ...
Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.
https://www.trendmicro.com/en_us/research/24/b/global-security-trends-2024.html
Trend Micro’s Chief Technology Strategy Officer discusses the biggest cybersecurity trends and what to watch for in 2024.
https://www.trendmicro.com/en_us/ciso/24/b/global-security-trends-2024.html
After a full year of life with ChatGPT, cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in...
https://www.trendmicro.com/en_us/ciso/24/b/generative-ai-cybersecurity-2024.html
After a full year of life with ChatGPT, cybersecurity experts have a clearer sense of how criminals are using generative AI to enhance attacks - learn what generative AI means for cybersecurity in...
https://www.trendmicro.com/en_us/research/24/b/generative-ai-cybersecurity-2024.html
A finance worker in Hong Kong was tricked by a deepfake video conference. The future of defending against deepfakes is as much a human challenge as a technological one.
https://www.trendmicro.com/en_us/research/24/b/deepfake-video-calls.html
In this blog entry, we discuss CVE-2023-22527, a vulnerability in Atlassian Confluence that has a CVSS score of 10 and could allow threat actors to perform remote code execution.
Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the clou...
https://www.trendmicro.com/en_us/research/24/b/unify-cloud-security.html
Attacks don’t stay in siloes, and neither should your security solutions. Explore the benefits of a cybersecurity platform that consolidates security across multiple layers—including the clou...
https://www.trendmicro.com/en_us/ciso/24/b/unify-cloud-security.html
Learn how hackers are getting smarter, ruder, meaner, and sneakier and what to do about it with this overview of cybersecurity trends in 2024.
https://www.trendmicro.com/en_us/ciso/24/a/cybersecurity-trends-2024.html
Based on our estimates, from approximately April 2022 until November 2023, Pawn Storm attempted to launch NTLMv2 hash relay attacks through different methods, with huge peaks in the number of tar...
https://www.trendmicro.com/en_us/research/24/a/pawn-storm-uses-brute-force-and-stealth.html
Latest Trend Vision One™ platform integration addresses growing need for streamlined IT and security operations across email and messaging environments.
https://www.trendmicro.com/en_us/research/24/a/bec-security-enhancements.html
In this blog, we detail our investigation of the Kasseika ransomware and the indicators we found suggesting that the actors behind it have acquired access to the source code of the notorious Blac...
Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms.
https://www.trendmicro.com/en_us/research/24/a/endpoint-gartner-magic-quadrant-2024.html
Explore why Trend Micro is recognized—for the 18th time—as a Leader in the Gartner Magic Quadrant for Endpoint Protection Platforms.
https://www.trendmicro.com/en_us/ciso/24/a/endpoint-gartner-magic-quadrant-2024.html
The overlooked vulnerability with real impacts
https://www.trendmicro.com/en_us/research/24/a/ivanti-zero-day-threat-protection.html