What is Red Teaming & How it Benefits Orgs

What is Red Teaming & How it Benefits Orgs

In today’s increasingly connected world, red teaming has become a critical tool for organizations to test their security and identify possible gaps within their defenses. Red teaming, also known as red cell, adversary simulation, or Cyber Red Team, involves simulating real-world cyber attackers’ tactics, techniques, and procedures (TTPs) to assess an organization’s security posture. In the world of cybersecurity, the term “red teaming” refers to a method of ethical hacking that is goal-oriented and driven…

Read More

Why Data Hygiene is Key to Industrial Cybersecurity

Why Data Hygiene is Key to Industrial Cybersecurity

If there’s a common denominator to today’s security woes, it’s complexity. Industrial and enterprise IT environments are more open, interdependent, and essential than ever before. Practicing good data hygiene is one of the best ways for organizations to protect themselves, and it starts with a zero-trust approach to network access. Complexity is a security risk Part of what makes IT environments so complex today is the distributed nature of industrial and business operations, which decentralizes…

Read More

Web3 IPFS Only Used for Phishing – So Far

Web3 IPFS Only Used for Phishing – So Far

Web3 IPFS Only Used for Phishing – So Far Cloud We discuss the use of the InterPlanetary File System (IPFS) in phishing attacks. By: Matsukawa Bakuei, Morton Swimmer December 20, 2022 Read time:  ( words) Web3 has been garnering attention recently, but it has yet to be used for anything practical and widespread except for one thing: phishing. The concept of Web 3 encompasses a variety of technologies. In this article, we will ignore the…

Read More

Improve Cyber Security Posture with 2023 Predictions

Improve Cyber Security Posture with 2023 Predictions

Digitalization has made enterprise cybersecurity more complex than ever before. Taking that context into account, Future/Tense: Trend Micro Security Predictions for 2023 looks at some of the key trends organizations will need to address to strengthen their security posture for the year ahead. This blog focuses on four priority threat predictions—cloud misconfigurations, hidden vulnerabilities, the vanishing network perimeter, and evolving ransomware business models—as well as a growing trend that will redefine enterprise cybersecurity going forward:…

Read More

Trend Helps Google Play Prevent Malicious Apps via ADA

Trend Helps Google Play Prevent Malicious Apps via ADA

Trend Helps Google Play Prevent Malicious Apps via ADA Trend Micro will be joining Google’s App Defense Alliance (ADA) to help improve their ability to identify malicious apps before they are published to the Google Play store. By: Jon Clay December 16, 2022 Read time:  ( words) Google has announced Trend Micro will be joining their App Defense Alliance (ADA) to help improve their ability to identify malicious apps before they are published to the…

Read More

Ransomware Business Models: Future Pivots and Trends

Ransomware Business Models: Future Pivots and Trends

RDP port 3389 remains a popular service abused by ransomware actors to gain initial access to systems located and connected to on-premise infrastructure. However, as more organizations shift to the cloud services for file storage and active directory systems, ransomware groups will look for more opportunities to develop and/or exploit vulnerabilities not yet leveraged at scale. Evolutions Gradual evolutions in the current modern ransomware models as we know them are expected to be tweaked in…

Read More

Intrusion Detection & Prevention Systems Guide

Intrusion Detection & Prevention Systems Guide

Don’t get stuck choosing between on or the other. Ideally you want to find an IDS and IPS solution that integrate – forming IDPS – for full detection and response capabilities. IDS will give you a deep understanding of how traffic is moving across your network, while IPS provides active network security by preventing and remediating detections. Making an informed decision Not all security solutions are the same. Some vendors are marketing masters who make…

Read More

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT

Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT Cloud We intercepted a cryptocurrency mining attack that incorporated an advanced remote access trojan (RAT) named the CHAOS Remote Administrative Tool. By: David Fiser, Alfredo Oliveira December 12, 2022 Read time:  ( words) We’ve previously written about cryptojacking scenarios involving Linux machines and specific cloud computing instances being targeted by threat actors active in this space such as TeamTNT. We found that the routines and chain of…

Read More

Cybersecurity Reflections from 26 Years at Trend

Cybersecurity Reflections from 26 Years at Trend

I started my cybersecurity journey in July 1996 as a sales engineer for a cybersecurity company, Trend Micro, that had already been around for 8 years. Having been in the industry for 26 years now – all of them at Trend Micro – I may have a bit of bias toward what we’ve been able to accomplish over the years, but I wanted to share my excitement about what we’re doing today and will be…

Read More

Cyber Insurance Policy Underwriting Explained

Cyber Insurance Policy Underwriting Explained

Businesses are often in the dark when it comes to applying for a cyber insurance policy. What documentation is necessary? What should they expect? What security controls are underwriters actually looking for? I spoke to John Hennessy, RVP of underwriting at Cowbell, for an insider’s perspective on the underwriting process. Q: What should people know about cyber insurance underwriters?Q: What does the typical underwriting engagement look like?Q: What are some of the non-security factors underwriters…

Read More
1 4 5 6 7 8 19