US - Research, News, and Perspectives http://feed.informer.com/digests/G5HRN3DTV4/feeder US - Research, News, and Perspectives Respective post owners and feed distributors Tue, 09 Nov 2021 16:45:03 +0000 Feed Informer http://feed.informer.com/ New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices https://www.trendmicro.com/en_us/research/22/e/new-linux-based-ransomware-cheerscrypt-targets-exsi-devices.html Research, News, and Perspective urn:uuid:ad5d5cb6-19ec-1b2a-e096-37beef7a9715 Wed, 25 May 2022 00:00:00 +0000 Trend Micro Research detected “Cheerscrypt”, a new Linux-based ransomware variant that compromises ESXi servers. We discuss our initial findings in this report. Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Arianne Dela Cruz Celebrating 15 Years of Pwn2Own https://www.trendmicro.com/en_us/research/22/e/pwn2own-video.html Research, News, and Perspective urn:uuid:e90af0a8-834e-05dc-7375-337737d79bf1 Wed, 25 May 2022 00:00:00 +0000 Join Erin Sindelar, Mike Gibson, Brian Gorenc, and Dustin Childs as they discuss Pwn2Own's 15th anniversary, what we've learned, and how the program will continue to serve the cybersecurity community in the future. 
Trend Micro Research : Latest News Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Cyber Threats Trend Micro Research : Connected Car Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Endpoints Trend Micro Research : IoT Trend Micro Research : Video The Fault in Our kubelets: Analyzing the Security of Publicly Exposed Kubernetes Clusters https://www.trendmicro.com/en_us/research/22/e/the-fault-in-our-kubelets-analyzing-the-security-of-publicly-exposed-kubernetes-clusters.html Research, News, and Perspective urn:uuid:35ab1a01-b8a6-3e5a-8886-28ca0795b8e7 Tue, 24 May 2022 00:00:00 +0000 While researching cloud-native tools, our Shodan scan revealed over 200,000 publicly exposed Kubernetes clusters and kubelet ports that can be abused by criminals. Trend Micro Research : Cloud Trend Micro Research : Endpoints Trend Micro Research : Privacy & Risks Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Magno Logan Detect Azure AD Hybrid Cloud Vulnerabilities https://www.trendmicro.com/en_us/devops/22/e/detect-azure-ad-hybrid-cloud-vulnerabilities.html DevOps Resource Center urn:uuid:bebae2ea-fc3d-7be8-8ce9-240aabc51e79 Thu, 19 May 2022 00:00:00 +0000 AADInternals is a PowerShell module widely used by administrators for administering Azure Active Directory (AD) and Microsoft 365 - learn how to protect against their common vulnerabilities. 
Trend Micro DevOps : Workload Security Trend Micro DevOps : Cloud Native Trend Micro DevOps : How To Trend Micro DevOps : Azure Trend Micro DevOps : Article Trend Micro DevOps : Best Practices Jiri Sykora Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware https://www.trendmicro.com/en_us/research/22/e/bruised-but-not-broken--the-resurgence-of-the-emotet-botnet-malw.html Research, News, and Perspective urn:uuid:23487c69-7d5e-8633-4ded-3cabff500681 Thu, 19 May 2022 00:00:00 +0000 During the first quarter of 2022, we discovered a significant number of infections using multiple new Emotet variants that employed both old and new techniques to trick their intended victims into accessing malicious links and enabling macro content. Trend Micro Research : Spam Trend Micro Research : Articles, News, Reports Trend Micro Research : Research Adolph Christian Silverio Cyber risk management: Attribution strategies https://www.trendmicro.com/en_us/ciso/22/e/cyber-attribution-benefits.html CISO Resource Center urn:uuid:5e8ac3ef-7f9b-8bae-fc5e-2ae450a098c7 Thu, 19 May 2022 00:00:00 +0000 Discover the importance of cyber attribution, the benefits, and the right tools to assist your efforts so you can better manage cyber risk across your digital attack surface. Trend Micro CISO : Article Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Uncovering a Kingminer Botnet Attack Using Trend Micro™ Managed XDR https://www.trendmicro.com/en_us/research/22/e/uncovering-a-kingminer-botnet-attack-using-trend-micro-managed-x.html Research, News, and Perspective urn:uuid:48489dfe-b0c2-a5ed-3f83-3d1512c3e8b0 Wed, 18 May 2022 00:00:00 +0000 Trend Micro’s Managed XDR team addressed a Kingminer botnet attack conducted through an SQL exploit. We discuss our findings and analysis in this report. 
Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Buddy Tancio Trend Micro's One Vision, One Platform https://www.trendmicro.com/en_us/research/22/e/platform-centric-enterprise-cybersecurity-protection.html Research, News, and Perspective urn:uuid:766fff4d-b020-cd02-510d-a4642b9ea25c Tue, 17 May 2022 00:00:00 +0000 Why Trend Micro is evolving its approach to enterprise protection Trend Micro Research : Cloud Trend Micro Research : Web Trend Micro Research : Cyber Threats Trend Micro Research : Data center Trend Micro Research : Compliance & Risks Trend Micro Research : Ransomware Trend Micro Research : Security Strategies Trend Micro Research : Articles, News, Reports Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys https://www.trendmicro.com/en_us/research/22/e/fake-mobile-apps-steal-facebook-credentials--crypto-related-keys.html Research, News, and Perspective urn:uuid:96a9e761-ecc7-158c-9344-0eb47654dd87 Mon, 16 May 2022 00:00:00 +0000 We recently observed a number of apps on Google Play designed to perform malicious activities such as stealing user credentials and other sensitive user information, including private keys. Trend Micro Research : Malware Trend Micro Research : Research Trend Micro Research : Mobile Trend Micro Research : Articles, News, Reports Cifer Fang Sandstone CTO shares how to assess cyber risk in the cloud https://www.trendmicro.com/en_us/ciso/22/e/cyber-risk-assessment-sandstone-cto.html CISO Resource Center urn:uuid:01f6b31f-f0c1-0297-9593-ee1ccc9ee2ee Fri, 13 May 2022 00:00:00 +0000 Chaitanya Pinnamanemi discusses how visibility and prioritization are key to securing your digital attack surface and reducing cyber risk. 
Trend Micro CISO : Article Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management S4x22: ICS Security Creates the Future https://www.trendmicro.com/en_us/research/22/e/ics-security-event-s4-2022-review.html Research, News, and Perspective urn:uuid:c0c5e787-a01b-bf35-a3c0-c798fb4f7c99 Thu, 12 May 2022 00:00:00 +0000 The ICS Security Event S4 was held for the first time in two years, bringing together more than 800 business leaders and specialists from around the world to Miami Beach on 19-21 Feb 2022. The theme was CREATE THE FUTURE. Trend Micro Research : Malware Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : Compliance & Risks Trend Micro Research : IoT Trend Micro Research : Security Strategies Trend Micro Research : Articles, News, Reports Kazuhisa Tagaya The Difference Between Virtual Machines and Containers https://www.trendmicro.com/en_us/devops/22/e/the-difference-between-virtual-machines-and-containers.html DevOps Resource Center urn:uuid:3f4eaaa7-2ec5-3d88-6a8e-ffe54a62c084 Thu, 12 May 2022 00:00:00 +0000 Discover the key differences, use cases, and benefits of virtual machines and containers. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Azure Trend Micro DevOps : Article Trend Micro DevOps : AWS Trend Micro DevOps : Expert Perspective Trend Micro DevOps : Container Security Trend Micro DevOps : Multi Cloud Chris Van Den Abbeele Adding Guardrails To A Cloud Account After The Fact https://www.trendmicro.com/en_us/devops/22/e/cloud-configuration-management-guardrails.html DevOps Resource Center urn:uuid:f930b653-894c-89ec-3a90-4be26ecc984e Wed, 11 May 2022 00:00:00 +0000 This article outlines a priority checklist of which guardrails need to be applied to an existing cloud account. Answering questions like, can these guardrails be implemented without breaking anything? What level of testing is required? 
Trend Micro DevOps : Cloud Native Trend Micro DevOps : Azure Trend Micro DevOps : Article Trend Micro DevOps : AWS Trend Micro DevOps : How To Trend Micro DevOps : Google Cloud Platform Trend Micro DevOps : Multi Cloud Melanie Tafelski Security Above and Beyond CNAPPs https://www.trendmicro.com/en_us/research/22/e/more-secure-than-cnapps.html Research, News, and Perspective urn:uuid:ff5e7b80-0f96-f127-0a55-35d69e49ed6b Tue, 10 May 2022 00:00:00 +0000 How Trend Micro’s unified cybersecurity platform is transforming cloud security Trend Micro Research : Cloud Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Web Trend Micro Research : Cyber Threats Trend Micro Research : Data center Trend Micro Research : Compliance & Risks Trend Micro Research : Security Strategies Trend Micro Research : Articles, News, Reports Examining the Black Basta Ransomware’s Infection Routine https://www.trendmicro.com/en_us/research/22/e/examining-the-black-basta-ransomwares-infection-routine.html Research, News, and Perspective urn:uuid:a6c5ae91-f36a-5f91-97fc-7e6e85d451ff Mon, 09 May 2022 00:00:00 +0000 We analyze the Black Basta ransomware and examine the malicious actor’s familiar infection tactics. Trend Micro Research : Articles, News, Reports Trend Micro Research : Ransomware Trend Micro Research : Research Ieriz Nicolle Gonzalez NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service https://www.trendmicro.com/en_us/research/22/e/netdooka-framework-distributed-via-privateloader-ppi.html Research, News, and Perspective urn:uuid:c2f65102-6565-e4ef-592f-1d08a034fded Thu, 05 May 2022 00:00:00 +0000 This report focuses on the components and infection chain of the NetDooka framework. Its scope ranges from the release of the first payload up until the release of the final RAT that is protected by a kernel driver. 
Trend Micro Research : Malware Trend Micro Research : Articles, News, Reports Trend Micro Research : Research Aliakbar Zahravi Workshop: Simplifying Network Security in the Cloud https://www.trendmicro.com/en_us/devops/22/e/workshop-simplifying-network-security-in-the-cloud.html DevOps Resource Center urn:uuid:7add9de9-234f-82ae-7e43-be012ba446a5 Wed, 04 May 2022 00:00:00 +0000 In this workshop, you will learn how to leverage Trend Micro Cloud One™ - Network Security to provide a powerful network security layer which can be deployed seamlessly into your existing AWS architecture. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Network Security Trend Micro DevOps : Free Trials Trend Micro DevOps : AWS Trend Micro DevOps : Best Practices AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell https://www.trendmicro.com/en_us/research/22/e/avoslocker-ransomware-variant-abuses-driver-file-to-disable-anti-Virus-scans-log4shell.html Research, News, and Perspective urn:uuid:5d727d2e-eaa8-b86d-d0b8-95b78a144a73 Mon, 02 May 2022 00:00:00 +0000 We found an AvosLocker ransomware variant using a legitimate anti-virus component to disable detection and blocking solutions. Trend Micro Research : Malware Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Cyber Threats Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Network Trend Micro Research : Articles, News, Reports Christoper Ordonez New AWS Competency Category - Why It's Important https://www.trendmicro.com/en_us/devops/22/d/why-aws-devops-competency-important.html DevOps Resource Center urn:uuid:4d7d4475-3408-889f-4c34-3a5f193122c2 Wed, 27 Apr 2022 00:00:00 +0000 AWS DevOps competency recently added a new category, DevSecOps to its arsenal. 
Explore our overview of the category and why it matters to security and development teams building in the cloud. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : AWS Trend Micro DevOps : Expert Perspective How to better manage your digital attack surface risk https://www.trendmicro.com/en_us/research/22/d/attack-surface-management.html Research, News, and Perspective urn:uuid:fd086c74-6956-cc36-fb9b-0295bd2bd9cb Sun, 24 Apr 2022 00:00:00 +0000 As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. And with the number of threats rapidly increasing, security leaders need to enhance their attack surface risk management. We explore how a unified cybersecurity platform can help improve your defenses against cyber risk in comparison to point products. Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports Cybersecurity Predictions for 2022 https://www.trendmicro.com/en_us/ciso/21/l/cybersecurity-trends-2022.html CISO Resource Center urn:uuid:b643c963-ee71-ce2f-9905-7444832b14a3 Sun, 24 Apr 2022 00:00:00 +0000 Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making. 
Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Unified Cybersecurity Platform: Why CISOs are Shifting https://www.trendmicro.com/en_us/ciso/21/g/why-secops-need-cybersecurity-platform.html CISO Resource Center urn:uuid:ec7dd2cf-6d18-0328-4351-0890cb2750dd Sun, 24 Apr 2022 00:00:00 +0000 Our global study polled more than 2,300 IT security decision makers to discover how to best assist and support SecOps teams with a unified cybersecurity platform so you can be more resilient with less resources. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Risk Management Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Report Trend Micro CISO : Cloud How XDR Security Aids in Cyber Risk Management https://www.trendmicro.com/en_us/ciso/21/l/why-xdr-is-necessary-in-todays-attack-landscape.html CISO Resource Center urn:uuid:de83d2bb-483f-42a9-392d-ee72d437a220 Sun, 24 Apr 2022 00:00:00 +0000 Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is key to better understanding, communicating, and mitigating cyber risk across your enterprise. Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Jon Clay Aligning the c-suite with cyber risk management https://www.trendmicro.com/en_us/ciso/21/k/reduce-friction-between-it-leaders-and-c-suite.html CISO Resource Center urn:uuid:5e7a7c74-ad83-ddad-d957-b9557884664c Sun, 24 Apr 2022 00:00:00 +0000 As we creep toward a post-pandemic world, organizations need to plan accordingly. 
Explore Trend Micro’s latest cyber risk research to enable your business to maximize its growth and potential. Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Risk Management Trend Micro Partnering with Bit Discovery https://www.trendmicro.com/en_us/research/22/d/attack-surface-management-partner.html Research, News, and Perspective urn:uuid:8a75ac8d-4cdf-4c7a-4723-e49bd9f40d7d Sun, 24 Apr 2022 00:00:00 +0000 We’re excited to partner with Bit Discovery, bringing attack surface discovery capabilities to the Trend Micro One platform, providing ongoing visibility to internal assets (devices, identities, applications) but also external, internet-facing assets. Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Cyber Threats Trend Micro Research : Compliance & Risks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports Cryptomining Overview for DevOps https://www.trendmicro.com/en_us/devops/22/d/cryptomining-overview.html DevOps Resource Center urn:uuid:26859996-9c10-e611-8ab9-1da8192ae3f2 Thu, 21 Apr 2022 00:00:00 +0000 Learn the impacts of cryptomining attacks for DevOps as well as mitigation strategies to bolster security without impacting time to market delivery. 
Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : Multi Cloud Trend Micro DevOps : Expert Perspective Mayra Rosario Fuentes Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners https://www.trendmicro.com/en_us/research/22/d/spring4shell-exploited-to-deploy-cryptocurrency-miners.html Research, News, and Perspective urn:uuid:25cf621f-24dd-ed64-41af-1b53b3533f06 Wed, 20 Apr 2022 00:00:00 +0000 Recently, we observed attempts to exploit the Spring4Shell vulnerability — a remote code execution bug, assigned as CVE-2022-22965 — by malicious actors to deploy cryptocurrency miners. Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Nitesh Surana Secure application development cloud best practices https://www.trendmicro.com/en_us/devops/22/d/secure-application-development.html DevOps Resource Center urn:uuid:232d8594-1cf4-6ba2-144c-4b11b0cdba37 Wed, 20 Apr 2022 00:00:00 +0000 The need for agility can often sideline security best practices; we explore how to build with security at the forefront without compromising time to delivery. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : AWS Trend Micro DevOps : Best Practices Trend Micro DevOps : Container Security Trend Micro DevOps : Serverless Security Trend Micro DevOps : Conformity Tabitha Doyle Critically Underrated: Studying the Data Distribution Service (DDS) Protocol https://www.trendmicro.com/en_us/research/22/d/critically-underrated-studying-data-distribution-service-DDS-protocol.html Research, News, and Perspective urn:uuid:34781c92-20a3-6caa-80d2-37eec39b78fd Tue, 19 Apr 2022 00:00:00 +0000 Researchers from Trend Micro Research, TXOne, ADLINK, Alias Robotics, and ZDI looked into the Data Distribution Service (DDS) standard and its implementations from a security angle. 
The full findings of this research will be presented in the S4X22 Conference in April 2022. Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Compliance & Risks Trend Micro Research : IoT Trend Micro Research : Articles, News, Reports Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders https://www.trendmicro.com/en_us/ciso/22/d/cyber-risk-index-2H-2021-security-assessment.html CISO Resource Center urn:uuid:c7664787-f71a-53fd-2906-2dcf2b8dd10b Mon, 18 Apr 2022 00:00:00 +0000 We take a look at our latest Cyber Risk Index (CRI) findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk. Trend Micro CISO : Expert Perspective Trend Micro CISO : Report Trend Micro CISO : Risk Management Jon Clay Cyber Risk Index (2H’ 2021): An Assessment for Security Leaders https://www.trendmicro.com/en_us/research/22/d/cyber-risk-index-2H-2021-security-assessment.html Research, News, and Perspective urn:uuid:08a604ab-b8d1-5a9d-e2fa-25e1e0d9c316 Mon, 18 Apr 2022 00:00:00 +0000 We take a look at our latest Cyber Risk Index (CRI) findings across North America, Europe, Asia-Pacific, and Latin/South America, to help security leaders better understand, communicate, and address their enterprise’s cyber risk. 
Trend Micro Research : Cyber Crime Trend Micro Research : Expert Perspective Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Jon Clay An Investigation of the BlackCat Ransomware via Trend Micro Vision One https://www.trendmicro.com/en_us/research/22/d/an-investigation-of-the-blackcat-ransomware.html Research, News, and Perspective urn:uuid:1c33de71-9b43-feab-5d89-593b2e0975a3 Mon, 18 Apr 2022 00:00:00 +0000 We recently investigated a case related to the BlackCat ransomware group using the Trend Micro Vision One™ platform, which comes with extended detection and response (XDR) capabilities. BlackCat (aka AlphaVM or AlphaV) is a ransomware family created in the Rust programming language and operated under a ransomware-as-a-service (RaaS) model. Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Lucas Silva Cybersecurity Basics: Authentication and Authorization https://www.trendmicro.com/en_us/devops/22/d/cybersecurity-basics.html DevOps Resource Center urn:uuid:c3e85aae-1d7e-045e-3357-3b28face5e72 Wed, 13 Apr 2022 00:00:00 +0000 With most security incidents caused by exposed secrets in DevOps pipelines and tools, proper authentication and authorization is essential. Explore the basics of strong identity management to build more resilient apps. 
Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : Best Practices Trend Micro DevOps : Multi Cloud Melanie Tafelski CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware https://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html Research, News, and Perspective urn:uuid:2e9f2a53-dfd0-6dca-43ae-afea87523aed Fri, 08 Apr 2022 00:00:00 +0000 We discovered active exploitation of a vulnerability in the Spring Framework designated as CVE-2022-22965 that allows malicious actors to download the Mirai botnet malware. Trend Micro Research : IoT Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Deep Patel Why the Mitre Engenuity ATT&CK Evaluations Matter https://www.trendmicro.com/en_us/ciso/22/d/mitre-engenuity-attack-simulator.html CISO Resource Center urn:uuid:d7c5bfaa-1e25-fe30-a717-56cbe2968b5e Fri, 08 Apr 2022 00:00:00 +0000 This year’s MITRE Engenuity™ ATT&CK Evaluation simulates techniques associated with notorious threat groups Wizard Spider and Sandworm to test solutions' ability to detect and stop APT and Targeted Attacks. Trend Micro CISO : Article Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response How to Optimize Your Lambda Code https://www.trendmicro.com/en_us/devops/22/d/optimize-lambda-code.html DevOps Resource Center urn:uuid:6c4cc37c-85c7-935c-4f15-d4daf02a184a Thu, 07 Apr 2022 00:00:00 +0000 Learn how to make your code run more efficiently in AWS Lambda, so you can save money and time! 
Trend Micro DevOps : Cloud Native Trend Micro DevOps : How To Trend Micro DevOps : Serverless Security Trend Micro DevOps : Article Trend Micro DevOps : AWS Raphael Bottino TM Named CWS "Strong Performer" by Research Firm https://www.trendmicro.com/en_us/research/22/d/cloud-workload-security-cws-forrester-wave-2022.html Research, News, and Perspective urn:uuid:2099089c-9bde-2813-ce39-f2d693b70b18 Thu, 07 Apr 2022 00:00:00 +0000 Trend Micro was named a strong performer in the Forrester Wave™: Cloud Workload Security, Q1 2022, achieving the highest possible score in the market presence category. That said, Trend Micro Cloud One secures far more than workloads and containers. Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Malware Trend Micro Research : Compliance & Risks Trend Micro Research : Articles, News, Reports An In-Depth Look at ICS Vulnerabilities Part 3 https://www.trendmicro.com/en_us/research/22/d/an-in-depth-look-at-ics-vulnerabilities-part-3.html Research, News, and Perspective urn:uuid:314321d2-8171-9f1a-12c4-e7e93283709d Wed, 06 Apr 2022 00:00:00 +0000 In our series wrap-up, we look into CVEs that affect critical manufacturing based on MITRE’s matrix. We also explore common ICS-affecting vulnerabilities identified in 2021. Trend Micro Research : Malware Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : ICS OT Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports Detecting Exploitation of Local Vulnerabilities Through Trend Micro Vision One™ and Cloud One™ https://www.trendmicro.com/en_us/research/22/d/detecting-exploitation-of-local-vulnerabilities-through-trend-mi.html Research, News, and Perspective urn:uuid:4c4329d5-b950-5a20-d92c-f5fcfce502d9 Wed, 06 Apr 2022 00:00:00 +0000 We provide a guide to detecting Dirty Pipe, a Linux kernel vulnerability tracked as CVE-2022-0847.  
Trend Micro Research : Articles, News, Reports Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Sunil Bharti 5 Zero Trust Security Model DevOps Integrations https://www.trendmicro.com/en_us/devops/22/d/zero-trust-security-devops-integrations.html DevOps Resource Center urn:uuid:cbc19d3d-4cef-5c59-6ee9-7acab9db91ad Wed, 06 Apr 2022 00:00:00 +0000 Learn how the zero trust security model can be integrated into your DevOps lifecycle without implicating the agility or speed of your application build. Trend Micro DevOps : Cloud Native Trend Micro DevOps : How To Trend Micro DevOps : Article Trend Micro DevOps : Multi Cloud Caitlyn Hughes Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload https://www.trendmicro.com/en_us/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html Research, News, and Perspective urn:uuid:9c32abc9-3f84-6d80-b96a-b9fd5f50a821 Tue, 05 Apr 2022 00:00:00 +0000 Both BLISTER and SocGholish are loaders known for their evasion tactics. Our report details what these loaders are capable of and our investigation into a campaign that uses both to deliver the LockBit ransomware. Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Earle Maui Earnshaw An In-Depth Look at ICS Vulnerabilities Part 2 https://www.trendmicro.com/en_us/research/22/d/an-in-depth-look-at-ics-vulnerabilities-part-2.html Research, News, and Perspective urn:uuid:02a313dd-6799-565f-7831-b6210472f5f7 Mon, 04 Apr 2022 00:00:00 +0000 In part two of our three-part series, we continue to analyze vulnerabilities using MITRE ATT&CK. We also look into the sectors affected and their risk levels. 
Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports MacOS SUHelper Root Privilege Escalation Vulnerability: A Deep Dive Into CVE-2022-22639 https://www.trendmicro.com/en_us/research/22/d/macos-suhelper-root-privilege-escalation-vulnerability-a-deep-di.html Research, News, and Perspective urn:uuid:2c81acaa-68ae-cdb2-d045-2d7262aacb8e Mon, 04 Apr 2022 00:00:00 +0000 We discovered a now-patched vulnerability in macOS SUHelper, designated as CVE-2022-22639. If exploited, the vulnerability could allow malicious actors to gain root privilege escalation. Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Mickey Jin MITRE Engenuity ATT&CK Tests https://www.trendmicro.com/en_us/research/22/d/mitre-engenuity-attack-tests.html Research, News, and Perspective urn:uuid:93184342-7c48-a3ce-9178-74c8e3f557ed Mon, 04 Apr 2022 00:00:00 +0000 Trend Micro Vision One achieved a protection score of 100% in this year’s evaluation, proving once again that it is an invaluable tool that provides higher confidence detections for security operations teams. 
Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Cyber Threats Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports This Week in Security News - April 1, 2022 https://www.trendmicro.com/en_us/research/22/d/this-week-in-security-news-april-1-2022.html Research, News, and Perspective urn:uuid:02184f7a-ca43-6537-7f38-fe1b985f661a Fri, 01 Apr 2022 00:00:00 +0000 Probing the activities of cloud-based cryptocurrency-mining groups, and Lapsus$ ‘back from vacation’ Trend Micro Research : Cloud Trend Micro Research : Cyber Crime Trend Micro Research : Expert Perspective Trend Micro Research : Cyber Threats Trend Micro Research : Endpoints Trend Micro Research : Network Trend Micro Research : Articles, News, Reports Jon Clay An In-Depth Look at ICS Vulnerabilities Part 1 https://www.trendmicro.com/en_us/research/22/c/an-in-depth-look-at-ics-vulnerabilities-part-1.html Research, News, and Perspective urn:uuid:574d7455-7b09-adda-6ac1-0f99d5c8e1b9 Wed, 30 Mar 2022 00:00:00 +0000 In this blog series our team examined various ICS vulnerabilities using the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK) for ICS. 
Trend Micro Research : Malware Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : Endpoints Trend Micro Research : Articles, News, Reports Why Organizations Should Take Cloud-Based Cryptocurrency-Mining Attacks Seriously https://www.trendmicro.com/en_us/research/22/c/organizations-should-take-cloud-cryptomining-attacks-seriously.html Research, News, and Perspective urn:uuid:29fcdfb8-c956-146f-2090-d6dae14b0834 Tue, 29 Mar 2022 00:00:00 +0000 One of the recent trends we’ve observed is the rise of cloud-based cryptocurrency-mining groups that exploit cloud resources, specifically the CPU power of deployed cloud instances, to mine cryptocurrency. Trend Micro Research : Cloud Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Mayra Rosario Fuentes How CISOs can Mitigate Cryptomining Malware https://www.trendmicro.com/en_us/ciso/22/c/stop-cryptomining-malware.html CISO Resource Center urn:uuid:3606beda-752b-dab4-754f-ab8072184aeb Tue, 29 Mar 2022 00:00:00 +0000 Learn more about cloud-based cryptomining, its repercussions, and how CISOs can create an effective risk mitigation strategy for this threat. Trend Micro CISO : Article Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Jon Clay Terraform Tutorial: Drift Detection Strategies https://www.trendmicro.com/en_us/devops/22/c/terraform-tutorial-drift-detection-strategies.html DevOps Resource Center urn:uuid:914b8964-4fe3-80c1-a7d9-bfff419a0041 Mon, 28 Mar 2022 00:00:00 +0000 A fundamental challenge of architecture built using tools like Terraform is configuration drift. Check out these actionable strategies and steps you can take to detect and mitigate Terraform drift and manage any drift issues you might face. 
Trend Micro DevOps : Cloud Native Trend Micro DevOps : Azure Trend Micro DevOps : Article Trend Micro DevOps : AWS Trend Micro DevOps : Expert Perspective Trend Micro DevOps : Conformity Trend Micro DevOps : Multi Cloud Michael Langford