Trend Achieves AWS Level 1 MSSP Competency Status

Trend Achieves AWS Level 1 MSSP Competency Status

Are your security teams overwhelmed with notifications and ever-expanding queues of suspicious activities that require investigation? You are not alone. According to Trend Micro™ Research, 51% of organizations are drowning in alerts. As the attack surface continues to evolve, your organization’s ability to discover, assess, and mitigate risk effectively and efficiently will determine your capacity to stop adversaries. So, what would it mean to your organization if you could become more resilient to the onslaught…

Read More

Stay Ahead of Cyber Threats

Stay Ahead of Cyber Threats

Trend Micro serves over half a million corporate customers across the globe, including eight of the top 10 telecom firms. Many of these customers are among the world’s largest organizations – running some of the most demanding IT environments on the planet. They need industry-leading threat protection, detection, and response capabilities to work at high speed and scale. That’s why we recently enhanced our TX product line of high-performance appliances with the 9200TXE. As attack…

Read More

S4x23 Review Part 4: Cybersecurity for Industrial IoT

S4x23 Review Part 4: Cybersecurity for Industrial IoT

Bellotti said first that we should start with the realization that legacy technologies are successful technologies. Legacy technologies remain because they are usable and important. They are the foundation for other systems therefore it has a significant impact when they are changed. But people believe in some myths of modernization. First, the technology is regarded as old. It doesn’t matter if the technology is new or old. For example, Python is older than Java, and…

Read More

S4x23 Review Part 3: Healthcare Cybersecurity Sessions

S4x23 Review Part 3: Healthcare Cybersecurity Sessions

COVID Task ForceIn 2017, before the pandemic, he was involved in providing a report to improve cybersecurity in the healthcare industry as a member of the Healthcare Cybersecurity Task Force. The report raised concerns that the healthcare industry was in the critical condition, suggesting severe lack of security talent, legacy equipment, premature/over-connectivity, vulnerabilities impacting patient care, and an epidemic of known vulnerabilities. He later worked on initiatives to protect medical care during the pandemic as…

Read More

S4x23 Review Part 2: Evolving Energy Cybersecurity

S4x23 Review Part 2: Evolving Energy Cybersecurity

While public-private partnerships may have been successful for large businesses, small businesses with limited financial and human assets still face challenges. The 100-day plan has certainly advanced cybersecurity in the energy sector by focusing on ICS security and grid security and facilitating coordination between public and private entities and agencies. However, challenges have been raised in the areas of information sharing among small utilities, solutions tailored for them, and sustainable initiatives. Innovative threat intelligence and…

Read More

S4x23 Review Part 1: What’s New in OT Security

S4x23 Review Part 1: What’s New in OT Security

In this blog, I will introduce discussions from S4 over several posts. The first installment will cover two topics from the academic interviews. Interview with Michael Fischerkeller – Author of Cyber Persistence Theory Fischerkeller is a senior researcher in the Institute for Defense Analyses and has been involved in shaping US government security policy for over 25 years. Based on this experience, he published “Cyber Persistence Theory” with two co-authors, aiming to bridge the gap…

Read More

In Review: What GPT-3 Taught ChatGPT in a Year

In Review: What GPT-3 Taught ChatGPT in a Year

ChatGPT spotted and called the error, recognizing not only the difference between the previous and latest uploaded code but also that the new code would not work altogether. The reason is in ChatGPT’s stateful session: By “remembering” the previously input correct snippet of code, the system is able to draw a direct comparison — something that GPT-3 was unable to do unless we provided the input ourselves. As further proof, we retried the experiment in…

Read More

Monthly Threat Webinar Series in 2023: What to Expect

Monthly Threat Webinar Series in 2023: What to Expect

2023 will be the ninth year of doing my monthly threat webinar series that I love.  Each month I select a threat or a research report to discuss with my audience that I think can help educate them on the latest trends in the threat landscape.  Over the years, I’ve covered such threats as advanced persistent threats (APT), botnets, crypto mining, fileless, key loggers, messaging, ransomware, spyware, trojans, vulnerabilities, web threats, and zero days.  One…

Read More

Attacking The Supply Chain: Developer

Attacking The Supply Chain: Developer

In 2021, we published an entry identifying the weak parts of the supply chain security. In the face of the surge in documented attacks, the entry gave a summarized overview of how malicious actors found gaps to abuse and take advantage of for possible gains and disruptions. In this entry, we focus on one specific part of the supply chain: the developers themselves. To find a suitable attack model focusing on the developer, we must…

Read More

What is Red Teaming & How it Benefits Orgs

What is Red Teaming & How it Benefits Orgs

In today’s increasingly connected world, red teaming has become a critical tool for organizations to test their security and identify possible gaps within their defenses. Red teaming, also known as red cell, adversary simulation, or Cyber Red Team, involves simulating real-world cyber attackers’ tactics, techniques, and procedures (TTPs) to assess an organization’s security posture. In the world of cybersecurity, the term “red teaming” refers to a method of ethical hacking that is goal-oriented and driven…

Read More
1 2 3 4