Cyber Risk Index 1H’22 Snapshot

Cyber Risk Index 1H’22 Snapshot

The Global and Regional CRI The current global cyber risk index is at -0.15, which is considered an elevated risk level. This is a slight increase in risk from the second half of 2021, when it was -0.04.  Organizations in North America and Asia-Pacific saw an increase in their cyber risk from that period while Europe and Latin/South America’s risk decreased in comparison. Digging into each of the four regions, North America’s CRI was the…

Read More

Electricity/Energy Cybersecurity: Trends & Survey Response

Electricity/Energy Cybersecurity: Trends & Survey Response

Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, we will discuss the characteristics of each industry, the motivations and environmental factors that will drive future cybersecurity improvements. We will also introduce Trend Micro’s proposals based on the industry’s current…

Read More

7 Cyber Attack Vectors & How to Protect Them

7 Cyber Attack Vectors & How to Protect Them

7 Cyber Attack Vectors & How to Protect Them Risk Management The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial attack vendors and provides proactive security tips to help you reduce cyber risk across the attack surface. By: Jon Clay November 15, 2022 Read time:  ( words) Digital transformation and remote work have rapidly expanded the attack surface. As the collection of applications, websites,…

Read More

4 Types of Cyber Crime Groups

4 Types of Cyber Crime Groups

The adage “teamwork makes dreamwork” extends to cybercriminals as well. To launch more successful cyberattacks, malicious actors with different specialized skills have conglomerated to form Cybercrime as a Service (CaaS). We’re now seeing people and groups specialize in various parts of the attack lifecycle. This means that we’re likely going to see less mistakes made leading to detections, and we should expect multiple groups colonizing an infected network. Within CaaS there are four types of…

Read More

Hybrid Cloud Management Security Tools

Hybrid Cloud Management Security Tools

Learn more about cloud security by joining Trend Micro at AWS re:Invent fromNov. 28 – Dec. 2 The accelerated shift to the cloud was mostly borne out of necessity due to the influx of remote workers and changing customer demands requiring more business agility. According to Forrester, 94% of US enterprise infrastructure decision makers are using at least one type of cloud deployment. While there is a push to be cloud-native, the reality is that…

Read More

Guide to Better Threat Detection and Response

Guide to Better Threat Detection and Response

Not all threats originate at the endpoint. According to Verizon’s 2022 Data Breach Investigations Report, web applications and email are the top two vectors for breaches. XDR enables you to detect compromised accounts sending internal phishing emails, whereas native email security tools typically only monitors for malicious emails being delivered externally. XDR will also sweep mailboxes for IoCs in real time. With this information, the SOC can investigate who else received the email as well…

Read More

Latest on OpenSSL 3.0.7 Bug & Security-Fix

Latest on OpenSSL 3.0.7 Bug & Security-Fix

What to know and do about this week’s OpenSSL vulnerability A new vulnerability has just been disclosed in OpenSSL, an open-source cryptography library that is very widely used in a range of commercial and internal applications to provide encryption and other security and privacy capabilities. OpenSSL is found in applications deployed on-premises, in the cloud, in SaaS applications, on endpoints, servers, in IoT or OT environments, and more. What is the issue in OpenSSL? The…

Read More

Manufacturing Cybersecurity: Trends & Survey Response

Manufacturing Cybersecurity: Trends & Survey Response

Figure 5: Q19. Until now, what have been your organization’s top two reasons for implementing cybersecurity measures to protect your ICS/OT systems? Q20.What do you believe your organization’s top two reasons for implementing cybersecurity measures to protect your ICS/OT systems are over the next three years?(NB: Multiple choices allowed) We will consider the reasons and background for these results. One of the reasons why there is a high awareness of efforts to prevent recurrence is…

Read More

How a Cloud Security Broker Reduces SaaS App Risks

How a Cloud Security Broker Reduces SaaS App Risks

Read: Data exposure from SaaS and cloud applications is an increasing risk factor facing businesses today. Depending on where your organization is along its digital transformation, multi-cloud environments and cloud applications are likely being used for critical business operations. There are good reasons to move to SaaS apps, such as their simplicity, reduction of administration, and cost reductions. Since the advent of cloud computing, applications like Microsoft Office, Salesforce, and Box™ have made themselves indispensable…

Read More

Threat Actors Target AWS EC2 Workloads to Steal Credentials

Threat Actors Target AWS EC2 Workloads to Steal Credentials

Threat Actors Target AWS EC2 Workloads to Steal Credentials Cloud We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads’ access keys and tokens via typosquatting and the abuse of legitimate tools. By: Nitesh Surana October 26, 2022 Read time:  ( words) Recently, we came across an exploitation attempt leveraging monitoring and visualization tool Weave Scope to enumerate the Amazon Web Services (AWS) instance metadata service (IMDS) from Elastic Compute Cloud (EC2)…

Read More
1 5 6 7 8 9 19