Potential disruptions following vulnerabilities found in OpenSSL. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Latest on OpenSSL 3.0.7 Critical Bug & Security-Fix
Category: Trend Micro Research, News and Perspectives
How a Cloud Security Broker Reduces SaaS App Risks – SASE Part 4
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker (CASB) technology. This article has been indexed from Trend Micro Research, News…
PCI Compliance Requirements: Network Security
There are many challenges that accompany implementing PCI compliance within your organization. And, these challenges can be particularly tough to navigate alone, given their importance. This article explores how Trend Micro Cloud One – Network Security helps you overcome the…
Comprehensive Traceability for Android Supply-Chain Security
We discuss the importance of traceability in the world of mobile operating systems. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Comprehensive Traceability for Android Supply-Chain Security
Addressing Ransomware in Hospitals & Medical Devices
Ransomware attacks have been on the rise in recent years, and hospitals are increasingly becoming targets. In many cases, these attacks can have devastating consequences, disrupting vital services and putting patients’ lives at risk. This article has been indexed from…
Manufacturing Cybersecurity: Trends & Survey Response
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. This article has been indexed from Trend Micro Research, News and…
Top Cloud Security Challenges & How to Beat Them
The ongoing shift of traditional IT functions to the cloud brings new cyber risks for enterprises. Discover three current cloud security challenges and how to prevent them from causing financial, operational, and reputational damage. This article has been indexed from…
Threat Actors Target AWS EC2 Workloads to Steal Credentials
We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Where is the Origin?: QAKBOT Uses Valid Code Signing
Code signing certificates help us assure the file’s validity and legitimacy. However, threat actors can use that against us. In this blog, discover how QAKBOT use such tactic and learn ways how to prevent it. This article has been indexed…
Attack Surface Management 2022 Midyear Review Part 2
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
From Bounty to Exploit: Observations About Cybercriminal Contests
From articles to hackathons, cybercriminals are resorting to crowdsourcing to find more ways to exploit systems. In this blog, we discuss our takeaways and summarize the results of these contests. This article has been indexed from Trend Micro Research, News…
How a Cloud Security Broker Reduces SaaS App Risks – SASE Part 4
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker (CASB) technology. This article has been indexed from Trend Micro Research, News…
Addressing Ransomware in Hospitals & Medical Devices
Ransomware attacks have been on the rise in recent years, and hospitals are increasingly becoming targets. In many cases, these attacks can have devastating consequences, disrupting vital services and putting patients’ lives at risk. This article has been indexed from…
LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: LV Ransomware…
Top Cloud Security Challenges & How to Beat Them
The ongoing shift of traditional IT functions to the cloud brings new cyber risks for enterprises. Discover three current cloud security challenges and how to prevent them from causing financial, operational, and reputational damage. This article has been indexed from…
Threat Actors Target AWS EC2 Workloads to Steal Credentials
We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Uncovering Security Blind Spots in CNC Machines
Industry 4.0 has given rise to smart factories that have markedly improved machining processes, but it has also opened the doors for cybercriminals looking to abuse networked industrial equipment such as CNC machines. Our research investigates potential cyberthreats to CNC…
LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: LV Ransomware…
Top Cloud Security Challenges & How to Beat Them
The ongoing shift of traditional IT functions to the cloud brings new cyber risks for enterprises. Discover three current cloud security challenges and how to prevent them from causing financial, operational, and reputational damage. This article has been indexed from…
Uncovering Security Blind Spots in CNC Machines
Industry 4.0 has given rise to smart factories that have markedly improved machining processes, but it has also opened the doors for cybercriminals looking to abuse networked industrial equipment such as CNC machines. Our research investigates potential cyberthreats to CNC…
Ransomware Insurance Security Strategies
Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements. This article has been indexed from…
Infographic: How CNAPP Consolidate Cybersecurity Tools
A cloud-native application protection platform (CNAPP) consolidates your security tools, helping development, DevOps, cloud, and security teams sort each piece and see the big picture. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Solve the Cloud-Native App Security Puzzle with CNAPP
Explore the value of integrating cloud-native application protection into security and development. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Solve the Cloud-Native App Security Puzzle with CNAPP
TeamTNT Returns – or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat…
Attack Surface Management 2022 Midyear Review Part 1
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Ransomware Insurance Security Strategies
Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements. This article has been indexed from…
Solve the Cloud-Native App Security Puzzle with CNAPP
Explore the value of integrating cloud-native application protection into security and development. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Solve the Cloud-Native App Security Puzzle with CNAPP
Software Patch Management Policy Best Practices
Explore the top risk-based patch management policy best practices to mitigate the growing threat of vulnerability exploits in your organization. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Software Patch Management Policy…
TeamTNT Returns – or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat…
Attack Surface Management 2022 Midyear Review Part 1
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Ransomware Insurance Security Strategies
Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements. This article has been indexed from…
Solve the Cloud-Native App Security Puzzle with CNAPP
Explore the value of integrating cloud-native application protection into security and development. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Solve the Cloud-Native App Security Puzzle with CNAPP
Software Patch Management Policy Best Practices
Explore the top risk-based patch management policy best practices to mitigate the growing threat of vulnerability exploits in your organization. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Software Patch Management Policy…
TeamTNT Returns – or Does It?
Our honeypots caught malicious cryptocurrency miner samples targeting the cloud and containers, and its routines are reminiscent of the routines employed by cybercriminal group TeamTNT, which was said to have quit in November 2021. Our investigation shows that another threat…
Software Patch Management Policy Best Practices
Explore the top risk-based patch management policy best practices to mitigate the growing threat of vulnerability exploits in your organization. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Software Patch Management Policy…
Oil and Gas Cybersecurity: Trends & Response to Survey
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. This article has been indexed from Trend Micro Research, News and…
Prevent Ransomware Attacks on Critical Infrastructure
Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six key OT domains to help prevent ransomware and other threats to essential operations. This article has been indexed from Trend…
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware. This article has been indexed from Trend Micro Research, News and Perspectives…
Black Basta Ransomware Gang Infiltrates Networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware. This article has been indexed from Trend Micro Research, News and Perspectives…
Oil and Gas Cybersecurity: Trends & Response to Survey
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. This article has been indexed from Trend Micro Research, News and…
Prevent Ransomware Attacks on Critical Infrastructure
Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six key OT domains to help prevent ransomware and other threats to essential operations. This article has been indexed from Trend…
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware. This article has been indexed from Trend Micro Research, News and Perspectives…
Enhance Cyber Defense with 2022 Cybersecurity Trends
Jon Clay, VP of Threat Intelligence, reviews cybersecurity trends from the first half of 2022 to help CISOs and security leaders enhance their cyber defense strategy and lower cyber risk. This article has been indexed from Trend Micro Research, News…
Oil and Gas Cybersecurity: Trends & Response to Survey
Based on our survey of over 900 ICS security leaders in the United States, Germany, and Japan, we dig deeper into each industry’s challenges and present Trend Micro’s recommendations. This article has been indexed from Trend Micro Research, News and…
Prevent Ransomware Attacks on Critical Infrastructure
Cyberattacks against critical infrastructure can cause massive societal disruption and take an enormous financial toll. Discover how to protect six key OT domains to help prevent ransomware and other threats to essential operations. This article has been indexed from Trend…
Black Basta Ransomware Gang Infiltrates networks via QAKBOT, Brute Ratel, and Cobalt Strike
We analyzed a QAKBOT-related case leading to a Brute Ratel C4 and Cobalt Strike payload that can be attributed to the threat actors behind the Black Basta ransomware. This article has been indexed from Trend Micro Research, News and Perspectives…
Enhance Cyber Defense with 2022 Cybersecurity Trends
Jon Clay, VP of Threat Intelligence, reviews cybersecurity trends from the first half of 2022 to help CISOs and security leaders enhance their cyber defense strategy and lower cyber risk. This article has been indexed from Trend Micro Research, News…
Secure Web Gateway (SWG) Security – SASE Part 3
Explore why secure web gateway (SWG) is important to effectively secure cloud resources and reduce cyber risk across the attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Secure Web Gateway…
Cyber Hygiene: 5 Tips for Company Buy-In
Good cyber hygiene starts with buy-in from across the enterprise. Discover how CISOs can establish a company-wide security culture to enhance cyber hygiene effectiveness and reduce risk. This article has been indexed from Trend Micro Research, News and Perspectives Read…
How Will the Metaverse Affect Cloud Security?
The metaverse is an immersive digital world of augmented reality. While supporting a virtual universe relies on cloud storage, questions arise on how this will affect cloud security. Gain valuable insight on security concerns surrounding the metaverse now and in…
How Water Labbu Exploits Electron-Based Applications
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Secure Web Gateway (SWG) Security – SASE Part 3
Explore why secure web gateway (SWG) is important to effectively secure cloud resources and reduce cyber risk across the attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Secure Web Gateway…
Cyber Hygiene: 5 Tips for Company Buy-In
Good cyber hygiene starts with buy-in from across the enterprise. Discover how CISOs can establish a company-wide security culture to enhance cyber hygiene effectiveness and reduce risk. This article has been indexed from Trend Micro Research, News and Perspectives Read…
Cyber Security Framework: Back to Basics
Dr. Ivan Pavlov once said: “If you want new ideas, read old books.” The same applies with cybersecurity best practices. Discover how you can extend a basic cyber security framework to reduce systems and employee security risks. This article has…
How Water Labbu Exploits Electron-Based Applications
In the second part of our Water Labbu blog series, we explore how the threat actor exploits Electron-based applications using Cobalt Strike to deploy backdoors. This article has been indexed from Trend Micro Research, News and Perspectives Read the original…
Tracking Earth Aughisky’s Malware and Changes
For over 10 years, security researchers have been observing and keeping tabs of APT group Earth Aughisky’s malware families and the connections, including previously documented malware that have yet to be attributed. This article has been indexed from Trend Micro…
Water Labbu Abuses Malicious DApps to Steal Cryptocurrency
The parasitic Water Labbu capitalizes on the social engineering schemes of other scammers, injecting malicious JavaScript code into their malicious decentralized application websites to steal cryptocurrency. This article has been indexed from Trend Micro Research, News and Perspectives Read the…
CISA Gov: ’23-25 Plan Focuses on Unified Cybersecurity
William Malik, VP of Infrastructure Strategies, shares his opinions on the goals and objectives outlined in the CISA Strategic Plan 2023-2025. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: CISA Gov: ’23-25…
Cyber Security Framework: Back to Basics
Dr. Ivan Pavlov once said: “If you want new ideas, read old books.” The same applies with cybersecurity best practices. Discover how you can extend a basic cyber security framework to reduce systems and employee security risks. This article has…
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…
Stronger Cloud Security in Azure Function Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…
Common Cloud-Native Security Misconfigurations & Fixes
Cloud configuration errors are a major concern for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them. This article…
Incident Response Services & Playbooks Guide
63% of c-level executives in the US don’t have an incident response plan yet 50% of organizations experience a cyberattack. Explore incident response services and playbooks to strengthen your cyber defenses. This article has been indexed from Trend Micro Research,…
Stronger Cloud Security in Azure Functions Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…
Stronger Cloud Security in Azure Function Using Custom Cloud Container
In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article:…
How Underground Groups Use Stolen Identities and Deepfakes
The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels. This article has been indexed from Trend Micro Research, News and…
Incident Response Services & Playbooks Guide
63% of c-level executives in the US don’t have an incident response plan yet 50% of organizations experience a cyberattack. Explore incident response services and playbooks to strengthen your cyber defenses. This article has been indexed from Trend Micro Research,…
Preventing Cryptocurrency Cyber Extortion
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. Discover cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion. This article has been indexed from Trend Micro…
How Underground Groups Use Stolen Identities and Deepfakes
The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels. This article has been indexed from Trend Micro Research, News and…
Preventing Cryptocurrency Cyber Extortion
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. Discover cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion. This article has been indexed from Trend Micro…
How to Prevent Ransomware as a Service (RaaS) Attacks
Explore key insights on how ransomware as a service (RaaS) operators work and how to prevent ransomware attacks. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How to Prevent Ransomware as a…
Simplify with Network Security as a Service (NSaaS)
Learn more on how network security as a service (NSaaS) employs the latest technologies to counter unknown threats and detect abnormal behavior before it becomes a direct threat. This article has been indexed from Trend Micro Research, News and Perspectives…
Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware
Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Atlassian…
Cybersecurity Awareness Month 2022: 3 Actionable Tips
Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Awareness Month…
The Risk of Ransomware Supply Chain Attacks
Over the years, ransomware has become a major threat and it can put supply chains in deep trouble. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: The Risk of Ransomware Supply Chain…
How to Prevent Ransomware as a Service (RaaS) Attacks
Explore key insights on how ransomware as a service (RaaS) operators work and how to prevent ransomware attacks. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: How to Prevent Ransomware as a…
Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware
Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Atlassian…
Security Risks in Logistics APIs Used by E-Commerce Platforms
Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers,…
Cybersecurity Awareness Month 2022: 3 Actionable Tips
Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Cybersecurity Awareness Month…
Red Teaming to Reduce Cyber Risk
Discover how red teaming can help reduce cyber risk across your ever-expanding digital attack surface. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Red Teaming to Reduce Cyber Risk
A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints. This article has been indexed from Trend Micro Research,…
Pros and Cons of 5G
As private 5G networks continue to roll-out, CISOs and security leaders need to fully aware of the security implications to minimize cyber risk. Explore pros and cons as well as security tips for implementing private 5G. This article has been…
Security Breaks: TeamTNT’s DockerHub Credentials Leak
One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking…
Biden Cybersecurity Executive Order: Ex-USSS Reflects
Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, reflects on the effectiveness of Biden’s executive order and what organizations of all sizes can learn from it. This article has been indexed…
CIEM vs CWPP vs CSPM
This article will explore three solutions, CIEM, CWPP, and CSPM, detail a sample case for each, and help you to determine when and how to use them—whether individually or in conjunction with one another. This article has been indexed from…
Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques
We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns. We provide an alternative approach to Distroless that reduces the attack surface for malicious actors targeting cloud-native applications while optimizing…
3 Hybrid Cloud Security Challenges & Solutions
Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 3 Hybrid Cloud Security Challenges & Solutions
Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. However, in our recent investigations, we have discovered a controller application that expands its capabilities. This…
Metaverse Broadband Infrastructure Security
The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for enhancing network security to minimize cyber risk across the attack surface. This article has been indexed from Trend Micro Research,…
Tackling the Growing and Evolving Digital Attack Surface: 2022 Midyear Cybersecurity Report
This blog entry highlights the threats that dominated the first six months of the year, which we discussed in detail in our midyear cybersecurity roundup report, “Defending the Expanding Attack Surface.” This article has been indexed from Trend Micro Research,…
Cyber Security Managed Services 101
MSP partnerships are growing in line with rapid cloud migration and the evolving threat landscape. Discover how an MSP can help your business and tips for making an informed partner decision. This article has been indexed from Trend Micro Research,…
Unlocking Serverless with AWS Lambda and IAM
Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that can be expanded on as you grow and explore the many services on AWS. This article has been indexed from…
ZTNA vs VPN: Secure Remote Work & Access – SASE Part 2
Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: ZTNA vs VPN: Secure Remote…
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware. This article has been indexed from Trend…
4 Cybersecurity Budget Management Tips
Learn how CISOs can use automation, strategic budgeting and internal training to run more productive cybersecurity teams amid a skills shortage. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: 4 Cybersecurity Budget…
Business Email Compromise Attack Tactics
Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay, VP of threat intelligence, tackles these pertinent questions and more to help reduce cyber risk. This article has been indexed…
Analyzing the Hidden Danger of Environment Variables for Keeping Secrets
While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows. This article has been indexed from Trend Micro Research, News and Perspectives Read…
What Exposed OPA Servers Can Tell You About Your Applications
This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security. This article has been indexed from…
Oil and Gas Cybersecurity: Recommendations Part 3
In the final part of our series, we look at the APT33 case study and several recommendations from our expert team. This article has been indexed from Trend Micro Research, News and Perspectives Read the original article: Oil and Gas…
Event-Driven Architectures & the Security Implications
This article explores event-driven architecture (EDA) with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns. This article has been indexed from Trend…