Cybersecurity Reflections from 26 Years at Trend

I started my cybersecurity journey in July 1996 as a sales engineer for a cybersecurity company, Trend Micro, that had already been around for 8 years. Having been in the industry for 26 years now – all of them at Trend Micro – I may have a bit of bias toward what we’ve been able to accomplish over the years, but I wanted to share my excitement about what we’re doing today and will be…

Industry 4.0: CNC Machine Security Risks Part 3

Cyber Threats

This three-part blog series explores the risks associated with CNC machines.

By: Trend Micro, December 06, 2022

In this final installment of our three-part blog series, we lay out countermeasures that enterprises can take to protect their machines. We’ll also discuss our responsible disclosure as well as the feedback we got from the vendors we evaluated.

Countermeasures

We found that only…

Industry 4.0: CNC Machine Security Risks Part 2

Cyber Threats

This three-part blog series explores the risks associated with CNC machines.

By: Trend Micro, December 01, 2022

In part one, we discussed what numerical control machines do and their basic concepts. These concepts are important to understand the machines better, offering a wider view of their operations. We also laid out how we evaluated the chosen vendors for our research. For…

Industry 4.0: CNC Machine Security Risks Part 1

Cyber Threats

This three-part blog series explores the risks associated with CNC machines.

By: Trend Micro, November 29, 2022

Computer numerical controls (CNCs) are machines used to produce products in a factory setting. They have been in use for many years, and in the last decade, their use has become more widespread due to increased connectivity. This increased connectivity has made them more…

INTERPOL Uses Trend Threat Intelligence to Fight Cyber Crime

INTERPOL recently conducted operation African Surge to take down malicious infrastructure across the African continent and requested the help of private enterprises. Trend Micro is proud to have been asked to participate and provided global threat intelligence that was utilized in this operation.

To read the official announcement, please visit: https://www.interpol.int/News-and-Events/News/2022/Operation-across-Africa-identifies-cyber-criminals-and-at-risk-online-infrastructure

Trend Micro has a long history of supporting law enforcement, including INTERPOL, with our threat intelligence. From providing information about malicious actors to the…

WannaRen Returns as Life Ransomware, Targets India

Ransomware

This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension.

By: Don Ovid Ladores, Jeffrey Francis Bonaobra, November 23, 2022

Although not as well-known as ransomware families such as Ryuk, REvil, or Maze, WannaRen ransomware made a name for itself back in 2020 after it launched attacks against Chinese internet users,…

Earth Preta Spear-Phishing Governments Worldwide

In our observation of the campaigns, we noted that Earth Preta abused fake Google accounts to distribute the malware via spear-phishing emails, initially stored in an archive file (such as rar/zip/jar) and distributed through Google Drive links. Users are then lured into downloading and triggering the malware to execute: TONEINS, TONESHELL, and PUBLOAD. PUBLOAD has been previously reported, but we add new technical insights in this entry that tie it to TONEINS and TONESHELL, newly…

Cyber Risk Index 1H’22 Snapshot

The Global and Regional CRI

The current global cyber risk index is at -0.15, which is considered an elevated risk level. This is a slight increase in risk from the second half of 2021, when it was -0.04. Organizations in North America and Asia-Pacific saw an increase in their cyber risk from that period while Europe and Latin/South America’s risk decreased in comparison. Digging into each of the four regions, North America’s CRI was the…

Pilfered Keys Free App Infected by Malware Steals Keychain Data

Malware

Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused by threat actors to steal your data. Find out how one app was used to gather information of Apple users.

By: Luis Magisa, Qi Sun, November 16, 2022

Today, malware spreads easily, infecting computers of various users. Commonly found on…

CVE-2019-8561 A Hard-to-Banish PackageKit Framework Vulnerability in macOS

At line 28, if the offset value of the payload subpath inside the PKG file is not equal to zero, the “-[PKLeopardPackage payloadExtractorWithDestination:externalRoot:error:]” function will call the “-[PKPayloadCopier initWithArchivePath:offset:destination:]” function. Similar to the second method, there is a “triple fetch” issue. If the offset value is equal to zero, it will extract the payload from a special external root path, which seems to be unrestricted and can be controlled by an attacker. This means that…
