Codex Exposed Exploring the Capabilities and Risks of OpenAIs Code Generator

Codex Exposed Exploring the Capabilities and Risks of OpenAIs Code Generator

While GPT-3, the general-purpose language transformer that powers Codex, has recently been opened to the public, Codex itself remains a technical preview open to a limited selection of users. Codex powers the functionality of GitHub’s Copilot, a programming assistant available as a plug-in for Visual Studio Code that is able to offer AI-powered autocomplete and code translation on the fly. Its capabilities are still rough around the edges, but they give a good idea of…

Read More

This Week in Security News – January 7, 2022

This Week in Security News – January 7, 2022

Read on: Are Endpoints at Risk for Log4Shell Attacks The end of 2021 saw the emergence of the Log4Shell (CVE-2021-44228) vulnerability, a critical vulnerability in the ubiquitous Java logging package Apache Log4j. Exploiting Log4Shell via crafted log messages can allow an attacker to execute code on remote machines. The potential impact of this vulnerability is great enough that it scores a 10.0 rating based on CVSS version 3.x and a 9.3 rating based on CVSS…

Read More

Organized Cybercrime Cases: What CISOs Need to Know

Organized Cybercrime Cases: What CISOs Need to Know

Organized Cybercrime Cases: What CISOs Need to Know Risk Management Jon Clay, VP of Threat Intelligence at Trend Micro, explores the latest Trend Micro Research covering Access as a Service (AaaS), an emerging business model selling all-access passes to other malicious actors. By: Jon Clay January 07, 2022 Read time:  ( words) What is access as a service? Recently, Trend Micro Research analyzed a new service offering, called Access as a Service (AaaS), in the…

Read More

Apache Log4j: Mitigating risks

Apache Log4j: Mitigating risks

Apache Log4j: Mitigating risks Risk Management Explore tactical measures and strategic guidance to mitigate ongoing risks caused by Apache Log4j (Log4Shell). By: William Malik December 23, 2021 Read time:  ( words) Apache Log4j (Log4Shell) poses serious challenges for IT teams. In this article, I’ll discuss various tactical measures to navigate the current situation and provide strategic guidance for what to do after the immediate crisis abates. The Problem Log4j is a very useful tool incorporated…

Read More

The Log4j story, and how it has impacted our customers

The Log4j story, and how it has impacted our customers

The security research community had been expecting something like this to come along for a while. So it was with a sense of dread that we read news of a newly discovered CVSS 10.0 vulnerability in early December. The impact is already being felt around the globe as threat actors scramble to exploit the bug before defenders can apply their patches. It is a story that could take months or even years to play out….

Read More

This Week in Security News – December 17, 2021

This Week in Security News – January 7, 2022

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read on Purple Fox’s infection chain observed by Trend Micro’s Managed XDR. Also, learn about the Log4j vulnerability that has the potential to cause ‘incalculable’ damage. Read on: A Look into Purple Fox’s Server Infrastructure In this blog, Trend Micro sheds light on the later stages of Purple…

Read More

Why You Need XDR in Today’s Threat Landscape

Why You Need XDR in Today’s Threat Landscape

Why You Need XDR in Today’s Threat Landscape Detection and Response Trend Micro’s VP of Threat Intelligence, Jon Clay, explores the latest trends in today’s threat landscape and why XDR is key to enabling more resilience. By: Jon Clay December 13, 2021 Read time:  ( words) I’m proud to share the Forrester New Wave™: for Extended Detection and Response (XDR) that named Trend Micro a Leader in both current offerings and strength of strategy. I’d…

Read More

How Zero Trust and XDR Work Together

How Zero Trust and XDR Work Together

XDR alone is an effective security capability. However, when used in tandem with the Zero Trust approach, organizations can further enhance their security. XDR has two significant assets that can support a Zero Trust strategy: strong endpoint (user, cloud workload, device, etc) controls and organization-wide data collection and correlation from across the IT infrastructure. Here’s how it works: Strong endpoint controls deliver a solid foundation for verifying and establishing trust by providing security teams with…

Read More

This Week in Security News – December 10, 2021

This Week in Security News – December 10, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, read about Trend Micro’s predictions for security in the coming year. Also, learn about the Biden administration’s latest initiatives for curtailing attacks on the transport infrastructure. Read on: Pushing Forward Key Takeaways from Trend Micro’s Security Predictions for 2022 Because of the Covid-19 pandemic, organizations have learned to…

Read More

This Week in Security News – December 3, 2021

This Week in Security News – December 10, 2021

Welcome to our weekly roundup, where we share what you need to know about cybersecurity news and events that happened over the past few days. This week, learn about how Squirrelwaffle utilized ProxyLogon and ProxyShell to hack email chains. Also, read on a recent data breach of the Los Angeles Planned Parenthood Network. Read on: Squirrelwaffle Exploits ProxyShell and ProxyLogon to Hijack Email Chains In September, Squirrelwaffle emerged as a new loader that is spread…

Read More
1 14 15 16 17 18 19