Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient.
https://www.trendmicro.com/en_us/research/22/h/protect-s3-malware.html
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysi...
Explore the top patch management best practices to mitigate the growing threat of vulnerability exploits in your organization.
https://www.trendmicro.com/en_us/ciso/22/h/patch-management-process-best-practices.html
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applica...
In the final part of our series, we look at the APT33 case study and several recommendations from our expert team.
https://www.trendmicro.com/en_us/research/22/h/oil-gas-cybersecurity-recommendations-part-3.html
We found APT group Iron Tiger's malware compromising chat application Mimi’s servers in a supply chain attack.
This article explores event-driven architecture (EDA) with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best pract...
https://www.trendmicro.com/en_us/devops/22/h/event-driven-architecture-security.html
In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks.
https://www.trendmicro.com/en_us/research/22/h/oil-gas-cybersecurity-threats-part-2.html
Explore 5 security considerations in line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk.
https://www.trendmicro.com/en_us/ciso/22/h/cyber-insurance-coverage-checklist.html
We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension.
New open source initiative helping organizations to detect and respond to cyber-attacks faster and more easily
https://www.trendmicro.com/en_us/research/22/h/improve-threat-detection-response-ocsf.html
This report shares threat predictions concerning a rapidly evolving area of the physical and digital world – the metaverse. We refine our definition of the metaverse, while identifying threats a...
Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface.
https://www.trendmicro.com/en_us/ciso/22/h/secure-access-service-edge-sase-security-company.html
Understand the cybersecurity risks in the Metaverse
https://www.trendmicro.com/en_us/research/22/h/facebook-metaverse-attack-surface-security.html
With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks.
https://www.trendmicro.com/en_us/research/22/h/oil-gas-cybersecurity-part-1.html
One of the key pillars of the AWS Well-Architected Framework (WAF) is sustainability: the idea that cloud applications should be designed to minimize their environmental impact. Gain insight into...
https://www.trendmicro.com/en_us/devops/22/h/well-architected-framework-sustainability-pillar.html
iBynd VP of Insurance, Tim Logan, and Trend Micro’s Cyber Risk Specialist Vince Kearns provide insights on cyber insurance must-haves, pricing, services, and how the industry is changing in the...
https://www.trendmicro.com/en_us/ciso/22/h/cyber-insurance-market-2022.html
Trend Micro experts discuss how the prominence of cyberwarfare in a hyper-connected world is a call for enhanced cyber risk management.
https://www.trendmicro.com/en_us/ciso/22/h/russian-cyber-warfare-attacks.html
This blog entry offers a technical analysis of a new SolidBit variant that is posing as different applications to lure gamers and social media users. The SolidBit ransomware group appears to be p...
In this blog post, we discuss the technical details of a new banking dropper that we have dubbed DawDropper, give a brief history of banking trojans released in early 2022 that use malicious drop...
Although Transport Layer Security (TLS) provides enhanced security, cybercriminals have become increasingly savvy, finding ways to circumvent many of these protections. Learn how malicious actors...
https://www.trendmicro.com/en_us/devops/22/g/transport-layer-security-tls-issues-protocol.html
Discover how to leverage the zero trust strategy to protect ICS environments, enabling a stronger security posture and reducing risk.
https://www.trendmicro.com/en_us/ciso/22/g/zero-trust-security-model-ics.html
Gootkit has been known to use fileless techniques to drop Cobalt Strike and other malicious payloads. Insights from a recent attack reveal updates in its tactics.
Streamlining and enhancing security in the cloud with AWS and Trend Micro
https://www.trendmicro.com/en_us/research/22/g/aws-marketplace-vendor.html
This post relays the latest threat detection tool innovation of AWS - Amazon GuardDuty Malware Protection. This tool works closely with Trend Micro cloud solutions, providing another valuable lay...
https://www.trendmicro.com/en_us/research/22/g/aws-trend-micro.html
In June 2022, LockBit revealed version 3.0 of its ransomware. In this blog entry, we discuss the findings from our own technical analysis of this variant and its behaviors, many of which are simi...
In this blog entry, we discuss a malicious campaign that targets Alibaba Cloud’s OSS buckets with leaked credentials for malware distribution and cryptojacking.
We discovered the use of two Python penetration-testing tools, Impacket and Responder, that malicious actors used to compromise systems and exfiltrate data. We share our key findings in this repo...
Explore use cases for software supply chain cyberattacks and mitigation strategies to improve security maturity and reduce cyber risk.
https://www.trendmicro.com/en_us/ciso/22/g/software-supply-chain-cybersecurity.html
Learn how to counteract the top five challenges of IaC, discover how these obstacles pose a threat to security, and gain valuable insight into how to mitigate these risks.
https://www.trendmicro.com/en_us/devops/22/g/infrastructure-as-code-iac-security.html
Explore the need for going beyond built-in Microsoft 365 and Google Workspace security based on email threats detected in 2021.
https://www.trendmicro.com/en_us/ciso/22/g/worldwide-email-phishing-stats-examples-2021.html
In the final chapter of our blog series, we discuss mitigating strategies and recommendations to keep DDS protected from malicious actors.
In this blog entry, we discuss how open-source code has been subjected to protest-driven code modifications by its maintainers or backers. We also provide an analysis of what these incidents coul...
How to secure your private 5G networks; the challenge of a complex ecosystem in DX.
https://www.trendmicro.com/en_us/research/22/g/private-5g-network-security-part-3.html
The importance of proof of “security” concepts in private 5G networks: Are verifications of system operations and new functions sufficient for your proof of concept in private wireless networ...
https://www.trendmicro.com/en_us/research/22/g/private-5g-network-security-part-2.html
Learn about the security capabilities of GraphQL and gRPC, how they perform authentication/authorization, and how they compare to REST. In addition, discover common attack vectors for both API fr...
https://www.trendmicro.com/en_us/devops/22/g/graphql-vs-grpc.html
We investigate cloud-based cryptocurrency miners that leverage GitHub Actions and Azure virtual machines, including the cloud infrastructure and vulnerabilities that malicious actors exploit for ...
We explore Trend Micro’s latest research into industrial cybersecurity, including the impact of attacks, maturity of security programs, and recommendations for strengthening security.
https://www.trendmicro.com/en_us/ciso/22/g/ics-ot-cybersecurity-attack-trends.html
In part two of our series, we’ll highlight both known and new DDS vulnerabilities and what they mean for mission critical operations.
https://www.trendmicro.com/en_us/research/22/g/data-distribution-service-part-2.html
We recently found a new ransomware family, which we have dubbed HavanaCrypt, that disguises itself as a legitimate Google Software Update application and uses a Microsoft web hosting service I...
Are "new" protocols and "private" networks sufficient for your cybersecurity requirements?
https://www.trendmicro.com/en_us/research/22/g/private-5g-network-security-part-1.html
In this three-part blog series, we’ll look into Data Distribution Service, why it is critical, and how you can mitigate risks associated with it.
https://www.trendmicro.com/en_us/research/22/g/data-distribution-service-part-1.html
What danger lies around the corner?
https://www.trendmicro.com/en_us/research/22/f/hacking-the-crypto-monetized-web.html
While DevOps and site reliability engineering teams often work together and have shared goals, there are important distinctions between the two. This article explores the differences between thei...
https://www.trendmicro.com/en_us/devops/22/f/devops-vs-sre.html
We look into a recent attack orchestrated by the Black Basta ransomware group that used the banking trojan QakBot as a means of entry and movement and took advantage of the PrintNightm...
Trend Micro Security Researcher, Erin Sindelar, breaks down three popular types of cloud risk assessments to help CISOs and security leaders better explain cyber risk to the board.
https://www.trendmicro.com/en_us/ciso/22/f/cloud-risk-management-assessment-plan.html
Trend Micro research reveals struggle to control cyber risks against mounting digital attack surfaces.
https://www.trendmicro.com/en_us/ciso/22/f/reduce-attack-surface-digital-mapping.html
Trend Micro research reveals struggle to control cyber risks against mounting digital attack surfaces.
https://www.trendmicro.com/en_us/research/22/f/reduce-attack-surface-digital-mapping.html
We analyzed cases of a Log4Shell vulnerability being exploited in certain versions of the software VMware Horizon. Many of these attacks resulted in data being exfiltrated from the infected syste...
We compare the targeting and business models of the Conti and LockBit ransomware groups using data analysis approaches. This will be presented in full at the 34th Annual FIRST Conference on June ...