US - Research, News, and Perspectives http://feed.informer.com/digests/G5HRN3DTV4/feeder US - Research, News, and Perspectives Respective post owners and feed distributors Tue, 09 Nov 2021 16:45:03 +0000 Feed Informer http://feed.informer.com/ Common Cloud-Native Security Misconfigurations & Fixes https://www.trendmicro.com/en_us/devops/22/i/cloud-native-security-misconfigurations-solutions.html DevOps Resource Center urn:uuid:630022da-22b5-d881-1416-2a12ea04de2e Fri, 30 Sep 2022 00:00:00 +0000 Cloud configuration errors are a major concern for modern DevOps teams, introducing a new attack surface with numerous potential points of vulnerability. Read on to discover some of the most common errors and learn how to resolve them. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Azure Trend Micro DevOps : Article Trend Micro DevOps : Compliance Trend Micro DevOps : AWS Trend Micro DevOps : How To Trend Micro DevOps : Multi Cloud Michael Langford Incident Response Services & Playbooks Guide https://www.trendmicro.com/en_us/ciso/22/i/incident-response-services.html CISO Resource Center urn:uuid:2fbca013-1e0d-459d-a284-e349bb695e8a Thu, 29 Sep 2022 00:00:00 +0000 63% of c-level executives in the US don’t have an incident response plan yet 50% of organizations experience a cyberattack. Explore incident response services and playbooks to strengthen your cyber defenses. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Trend Micro CISO : Cybersecurity Awareness Month Chris LaFleur Stronger Cloud Security in Azure Function Using Custom Cloud Container https://www.trendmicro.com/en_us/research/22/i/stronger-cloud-security-in-azure-function-using-custom-cloud-container.html Research, News, and Perspective urn:uuid:18a52dea-e0fc-8143-0006-d661d9d8b092 Thu, 29 Sep 2022 00:00:00 +0000 In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Function. Trend Micro Research : Cloud Trend Micro Research : Articles, News, Reports Trend Micro Research : Research David Fiser Stronger Cloud Security in Azure Functions Using Custom Cloud Container https://www.trendmicro.com/en_us/research/22/i/stronger-cloud-security-in-azure-function-using-custom-cloud-container.html Research, News, and Perspective urn:uuid:5f163e9b-2b15-ab7a-2b7d-e16d7b59c677 Thu, 29 Sep 2022 00:00:00 +0000 In this entry, we discuss how developers can use custom cloud container image and the distroless approach to minimize security gaps in Azure Functions. Trend Micro Research : Cloud Trend Micro Research : Articles, News, Reports Trend Micro Research : Research David Fiser Preventing Cryptocurrency Cyber Extortion https://www.trendmicro.com/en_us/ciso/22/i/prevent-cyber-extortion.html CISO Resource Center urn:uuid:d2742ea5-e050-1f3b-a6b1-c99205c5b54f Tue, 27 Sep 2022 00:00:00 +0000 Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. Discover cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion. Trend Micro CISO : Article Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Cybersecurity Awareness Month Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Jon Clay How Underground Groups Use Stolen Identities and Deepfakes https://www.trendmicro.com/en_us/research/22/i/how-underground-groups-use-stolen-identities-and-deepfakes.html Research, News, and Perspective urn:uuid:0c5466fb-3567-7b36-8b70-30e3079c01e8 Tue, 27 Sep 2022 00:00:00 +0000 The growing appearance of deepfake attacks is significantly reshaping the threat landscape. These fakes brings attacks such as business email compromise (BEC) and identity verification bypassing to new levels. Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Social Media Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Vladimir Kropotov Simplify with Network Security as a Service (NSaaS) https://www.trendmicro.com/en_us/devops/22/i/network-security-as-a-service-nsaas.html DevOps Resource Center urn:uuid:cb984ebf-e73f-75c5-e431-b1c4283426c1 Fri, 23 Sep 2022 00:00:00 +0000 Learn more on how network security as a service (NSaaS) employs the latest technologies to counter unknown threats and detect abnormal behavior before it becomes a direct threat. Trend Micro DevOps : Cloud Native Trend Micro DevOps : How To Trend Micro DevOps : Network Security Trend Micro DevOps : Article Trend Micro DevOps : Multi Cloud Duane Seon 4 Cybersecurity Budget Management Tips https://www.trendmicro.com/en_us/ciso/22/h/cybersecurity-budget-management.html CISO Resource Center urn:uuid:a43cf929-3d28-5ce4-3de5-fcb26ad2dead Fri, 23 Sep 2022 00:00:00 +0000 Learn how CISOs can strategically manage their cybersecurity budget to run more productive cybersecurity teams amid a skills shortage. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Greg Young How to Prevent Ransomware as a Service (RaaS) Attacks https://www.trendmicro.com/en_us/ciso/22/i/prevent-ransomware-as-a-service-raas-attacks.html CISO Resource Center urn:uuid:ca0447aa-6a2b-74f5-9ec7-206379184333 Thu, 22 Sep 2022 00:00:00 +0000 Explore key insights on how ransomware as a service (RaaS) operators work and how to prevent ransomware attacks. Trend Micro CISO : Article Trend Micro CISO : Expert Perspective Trend Micro CISO : Cybersecurity Awareness Month Trend Micro CISO : Risk Management Jon Clay Atlassian Confluence Vulnerability CVE-2022-26134 Abused For Cryptocurrency Mining, Other Malware https://www.trendmicro.com/en_us/research/22/i/atlassian-confluence-vulnerability-cve-2022-26134-abused-for-cryptocurrency-mining-other-malware.html Research, News, and Perspective urn:uuid:8d955a73-e93e-1c2a-cf60-589d7b5954d2 Wed, 21 Sep 2022 00:00:00 +0000 Users are advised to patch immediately: We found exploit samples abusing the Atlassian Confluence vulnerability (CVE-2022-26134) in the wild for malicious cryptocurrency mining. Trend Micro Research : Malware Trend Micro Research : Cyber Crime Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Cyber Threats Trend Micro Research : Endpoints Trend Micro Research : Mobile Trend Micro Research : Articles, News, Reports Sunil Bharti Cybersecurity Awareness Month 2022: 3 Actionable Tips https://www.trendmicro.com/en_us/ciso/22/i/cybersecurity-awareness-month-3-actionable-tips.html CISO Resource Center urn:uuid:b6968e0d-cfe0-44c8-3d28-8567fbdc98a4 Tue, 20 Sep 2022 00:00:00 +0000 Make Cybersecurity Awareness Month a year-long initiative with these three actionable security tips to reduce cyber risk across the attack surface. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Greg Young Security Risks in Logistics APIs Used by E-Commerce Platforms https://www.trendmicro.com/en_us/research/22/i/security-risks-in-logistics-apis-used-by-e-commerce-platforms-.html Research, News, and Perspective urn:uuid:a5f823a9-cf43-7294-9d09-c5adbfbd6fdf Tue, 20 Sep 2022 00:00:00 +0000 Our research examines the security flaws that we found in the logistics API implementation of e-commerce platforms that can potentially expose the consumers’ personal information. We discuss the security risks that such flaws present for software engineers, e-commerce platform providers, and consumers. Trend Micro Research : Cloud Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Medium Ryan Flores The Risk of Ransomware Supply Chain Attacks https://www.trendmicro.com/en_us/research/22/i/ransomware-supply-chain-attack-stats.html Research, News, and Perspective urn:uuid:dcbc931d-41e0-d9b2-3032-1687b12ac404 Tue, 20 Sep 2022 00:00:00 +0000 Over the years, ransomware has become a major threat and it can put supply chains in deep trouble. Trend Micro Research : ICS OT Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Red Teaming to Reduce Cyber Risk https://www.trendmicro.com/en_us/ciso/22/i/red-teaming-to-reduce-cyber-risk.html CISO Resource Center urn:uuid:1473954f-f43d-b0cc-6bfb-876f5b16812a Thu, 15 Sep 2022 00:00:00 +0000 Discover how red teaming can help reduce cyber risk across your ever-expanding digital attack surface. Trend Micro CISO : Article Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Lucas van den Berg Top 5 CNAPP-Solved Security Challenges https://www.trendmicro.com/en_us/devops/22/i/cnapp-solved-security-challenges.html DevOps Resource Center urn:uuid:b044addc-cf55-669a-75b1-bf41be783161 Thu, 15 Sep 2022 00:00:00 +0000 Cloud-native application security solutions consist of various tools, each with its own objective - learn what security challenges CNAPP solves. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : Best Practices Trend Micro DevOps : Multi Cloud Michael Langford A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities https://www.trendmicro.com/en_us/research/22/i/a-post-exploitation-look-at-coinminers-abusing-weblogic-vulnerab.html Research, News, and Perspective urn:uuid:cd8c0752-b3bc-e170-a658-a1ff203bca26 Wed, 14 Sep 2022 00:00:00 +0000 This blog entry details how Trend Micro Cloud One™ – Workload Security and Trend Micro Vision One™ effectively detected and blocked the abuse of the CVE-2020-14882 WebLogic vulnerability in affected endpoints. Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Sunil Bharti Pros and Cons of 5G https://www.trendmicro.com/en_us/ciso/22/i/pros-cons-5g.html CISO Resource Center urn:uuid:d21f56f7-2fe8-fd2b-2452-66146aa43699 Tue, 13 Sep 2022 00:00:00 +0000 As private 5G networks continue to roll-out, CISOs and security leaders need to fully aware of the security implications to minimize cyber risk. Explore pros and cons as well as security tips for implementing private 5G. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud William Malik Security Breaks: TeamTNT’s DockerHub Credentials Leak https://www.trendmicro.com/en_us/research/22/i/security-breaks-teamtnts-dockerhub-credentials-leak.html Research, News, and Perspective urn:uuid:09381b9d-b428-751e-94f8-73a8c134d22b Mon, 12 Sep 2022 00:00:00 +0000 One of our honeypots based on exposed Docker REST APIs showed cybercriminal group TeamTNT’s potential attack scenario and leak of container registry credentials for docker-abuse malware. The full version of this research will be presented at the c0c0n XV Hacking and Cyber Security Conference in September 2022. Trend Micro Research : Cloud Trend Micro Research : Compliance & Risks Trend Micro Research : Cyber Crime Trend Micro Research : Privacy & Risks Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Nitesh Surana CIEM vs CWPP vs CSPM https://www.trendmicro.com/en_us/devops/22/i/ciem-vs-cwpp-vs-cspm.html DevOps Resource Center urn:uuid:56cbfb11-e184-5c55-6b8a-55796d180589 Thu, 08 Sep 2022 00:00:00 +0000 This article will explore three solutions, CIEM, CWPP, and CSPM, detail a sample case for each, and help you to determine when and how to use them—whether individually or in conjunction with one another. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : Conformity Trend Micro DevOps : Multi Cloud Trend Micro DevOps : Expert Perspective Michael Langford Biden Cybersecurity Executive Order: Ex-USSS Reflects https://www.trendmicro.com/en_us/ciso/22/i/biden-cybersecurity-executive-order-14028-may-2021.html CISO Resource Center urn:uuid:6ea85e38-7489-4d11-d1a4-48035fe3420a Thu, 08 Sep 2022 00:00:00 +0000 Ed Cabrera, former CISO of the US Secret Service and current Chief Cybersecurity Officer for Trend Micro, reflects on the effectiveness of Biden’s executive order and what organizations of all sizes can learn from it. Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Ed Cabrera How Malicious Actors Abuse Native Linux Tools in Attacks https://www.trendmicro.com/en_us/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html Research, News, and Perspective urn:uuid:c08bfba1-2f89-661b-2fc3-2551e3dfa638 Thu, 08 Sep 2022 00:00:00 +0000 Through our honeypots and telemetry, we were able to observe instances in which malicious actors abused native Linux tools to launch attacks on Linux environments. In this blog entry, we discuss how these utilities were used and provide recommendations on how to minimize their impact. Trend Micro Research : Cloud Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Nitesh Surana Enhancing Cloud Security by Reducing Container Images Through Distroless Techniques https://www.trendmicro.com/en_us/research/22/i/enhancing-cloud-security-by-reducing-container-images-through-di.html Research, News, and Perspective urn:uuid:519b42d1-e2a7-8a01-7612-c5031b691f50 Wed, 07 Sep 2022 00:00:00 +0000 We analyzed the Distroless technique for reducing the size of container images and explored its capabilities to address security concerns. We provide an alternative approach to Distroless that reduces the attack surface for malicious actors targeting cloud-native applications while optimizing cloud resources. Trend Micro Research : Cloud Trend Micro Research : Articles, News, Reports Trend Micro Research : Research Alfredo Oliveira Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa https://www.trendmicro.com/en_us/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html Research, News, and Perspective urn:uuid:e53649a2-4523-a363-6d03-daa9e47037ae Tue, 06 Sep 2022 00:00:00 +0000 Play is a new ransomware that takes a page out of Hive and Nokoyawa's playbook. The many similarities among them indicate that Play, like Nokoyawa, are operated by the same people. Trend Micro Research : Articles, News, Reports Trend Micro Research : Ransomware Trend Micro Research : Research Don Ovid Ladores Hybrid Cloud Security Challenges & Solutions https://www.trendmicro.com/en_us/ciso/22/i/hybrid-cloud-security-challenges-solutions.html CISO Resource Center urn:uuid:026a9eba-11f9-f6cb-1b0d-77799031a6a3 Tue, 06 Sep 2022 00:00:00 +0000 Explore hybrid cloud security challenges, components, and tips to minimize your cyber risk. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Mike Milner Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm https://www.trendmicro.com/en_us/research/22/i/buzzing-in-the-background-bumblebee-a-new-modular-backdoor-evolv.html Research, News, and Perspective urn:uuid:f1f29c73-5ee8-1326-baa8-9ed4458377cf Fri, 02 Sep 2022 00:00:00 +0000 In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string embedded in the malware. However, in our recent investigations, we have discovered a controller application that expands its capabilities. Trend Micro Research : Malware Trend Micro Research : Endpoints Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Vickie Su Top 5 Cloud Security Trends from AWS re:Inforce 2022 https://www.trendmicro.com/en_us/devops/22/i/cloud-security-trends-aws-reinforce-2022.html DevOps Resource Center urn:uuid:6a5c6101-5a86-0400-8e12-0234cf3312ae Fri, 02 Sep 2022 00:00:00 +0000 With the industry changing so rapidly, it is often hard to keep up with what is new in cloud security, so we thought we would put together a list of the top five cloud security trends we found during AWS re:Inforce 2022. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Network Security Trend Micro DevOps : Article Trend Micro DevOps : Compliance Trend Micro DevOps : AWS Trend Micro DevOps : Expert Perspective Trend Micro DevOps : Multi Cloud Caitlyn Hughes Metaverse Broadband Infrastructure Security https://www.trendmicro.com/en_us/ciso/22/i/metaverse-broadband-infrastructure-security.html CISO Resource Center urn:uuid:5b625d30-5057-e738-f3b5-a3be3c5ae2eb Thu, 01 Sep 2022 00:00:00 +0000 The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for enhancing network security to minimize cyber risk across the attack surface. Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management William Malik Cyber Security Managed Services 101 https://www.trendmicro.com/en_us/ciso/22/i/cyber-security-managed-services-101.html CISO Resource Center urn:uuid:53c0797e-c5fa-96bb-dd82-0702ab145f58 Tue, 30 Aug 2022 00:00:00 +0000 MSP partnerships are growing in line with rapid cloud migration and the evolving threat landscape. Discover how an MSP can help your business and tips for making an informed partner decision. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud William Malik ZTNA vs VPN: Secure Remote Work & Access - SASE Part 2 https://www.trendmicro.com/en_us/ciso/22/h/ztna-vs-vpn-secure-remote-work.html CISO Resource Center urn:uuid:5cd0918e-60c9-04a6-bbeb-b4915d422aa2 Thu, 25 Aug 2022 00:00:00 +0000 Explore the drivers behind switching from VPN to Zero Trust Network Access (ZTNA) for any device access from anywhere. Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Unlocking Serverless with AWS Lambda and IAM https://www.trendmicro.com/en_us/devops/22/h/serverless-aws-lambda-iam-tutorial.html DevOps Resource Center urn:uuid:d8dfc6ad-438a-8d5d-eda6-da014f7b12bd Thu, 25 Aug 2022 00:00:00 +0000 Learn how Lambda and IAM unlock the power and versatility of the cloud by implementing a serverless User API that can be expanded on as you grow and explore the many services on AWS. Trend Micro DevOps : Cloud Native Trend Micro DevOps : How To Trend Micro DevOps : Serverless Security Trend Micro DevOps : Article Trend Micro DevOps : AWS Braden Collingwood New Golang Ransomware Agenda Customizes Attacks https://www.trendmicro.com/en_us/research/22/h/new-golang-ransomware-agenda-customizes-attacks.html Research, News, and Perspective urn:uuid:ced46746-f256-ed3e-c935-7c3a392958ac Thu, 25 Aug 2022 00:00:00 +0000 A new piece of ransomware written in the Go language has been targeting healthcare and education enterprises in Asia and Africa. This ransomware is called Agenda and is customized per victim. Trend Micro Research : Endpoints Trend Micro Research : Ransomware Trend Micro Research : Research Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Mohamed Fahmy Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html Research, News, and Perspective urn:uuid:602d2600-0748-423a-8251-c0bd5f0ef2c8 Wed, 24 Aug 2022 00:00:00 +0000 We investigate mhyprot2.sys, a vulnerable anti-cheat driver for the popular role-playing game Genshin Impact. The driver is currently being abused by a ransomware actor to kill antivirus processes and services for mass-deploying ransomware. Trend Micro Research : Endpoints Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Research Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports Ryan Soliven 4 Cybersecurity Budget Management Tips https://www.trendmicro.com/en_us/ciso/22/h/cybersecurity-budget-management.html CISO Resource Center urn:uuid:33f43371-e4c1-b2f2-5421-b7ac1d8d99e2 Tue, 23 Aug 2022 00:00:00 +0000 Learn how CISOs can strategically manage their cybersecurity budget to run more productive cybersecurity teams amid a skills shortage. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Greg Young Business Email Compromise Attack Tactics https://www.trendmicro.com/en_us/ciso/22/h/business-email-compromise-bec-attack-tactics.html CISO Resource Center urn:uuid:ebeffa6e-5537-b09a-50c4-24f2a2a0ed54 Thu, 18 Aug 2022 00:00:00 +0000 Is BEC more damaging than ransomware? What tactics are BEC actors using? How can organizations bolster their defenses? Jon Clay, VP of threat intelligence, tackles these pertinent questions and more to help reduce cyber risk. Trend Micro CISO : Article Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Jon Clay Analyzing the Hidden Danger of Environment Variables for Keeping Secrets https://www.trendmicro.com/en_us/research/22/h/analyzing-hidden-danger-of-environment-variables-for-keeping-secrets.html Research, News, and Perspective urn:uuid:ed3c6161-dc67-b5ad-e649-48636b0c0d24 Wed, 17 Aug 2022 00:00:00 +0000 While DevOps practitioners use environment variables to regularly keep secrets in applications, these could be conveniently abused by cybercriminals for their malicious activities, as our analysis shows. Trend Micro Research : Cloud Trend Micro Research : Web Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Privacy & Risks Trend Micro Research : Articles, News, Reports David Fiser Protecting S3 from Malware: The Cold Hard Truth https://www.trendmicro.com/en_us/research/22/h/protect-s3-malware.html Research, News, and Perspective urn:uuid:d3d2d041-8533-45f1-8f42-ba618c1d7b66 Wed, 17 Aug 2022 00:00:00 +0000 Cloud object storage is a core component of any modern application, but most cloud file storage security is insufficient. Trend Micro Research : Cloud Trend Micro Research : Malware Trend Micro Research : Security Strategies Trend Micro Research : Articles, News, Reports Mike Milner What Exposed OPA Servers Can Tell You About Your Applications https://www.trendmicro.com/en_us/research/22/h/what-exposed-opa-servers-can-tell-you-about-your-applications-.html Research, News, and Perspective urn:uuid:1cc4fe78-8557-4c93-4194-b5b54d1edb9c Tue, 16 Aug 2022 00:00:00 +0000 This blog entry discusses what an OPA is and what it’s for, what we’ve discovered after identifying 389 exposed OPA servers via Shodan, and how exposed OPAs can negatively impact your applications’ overall security. Trend Micro Research : Cloud Trend Micro Research : Articles, News, Reports Trend Micro Research : Research Magno Logan Top Five Patch Management & Process Best Practices https://www.trendmicro.com/en_us/ciso/22/h/patch-management-process-best-practices.html CISO Resource Center urn:uuid:0f700049-f371-74d5-6a51-b454e51dddba Tue, 16 Aug 2022 00:00:00 +0000 Explore the top patch management best practices to mitigate the growing threat of vulnerability exploits in your organization. Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Jon Clay Detect Threats with Runtime Security https://www.trendmicro.com/en_us/devops/22/h/runtime-security.html DevOps Resource Center urn:uuid:bf4e9f0c-4ef6-46fc-3f58-706bc60404d9 Tue, 16 Aug 2022 00:00:00 +0000 With the increasing use of multi-cloud infrastructure services security has become more complex. You need simplified security for your cloud-native applications with advanced container image scanning, policy-based admission control, and container runtime protection. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Container Security Trend Micro DevOps : Article Trend Micro DevOps : Best Practices Trend Micro DevOps : Multi Cloud Jiri Sykora Oil and Gas Cybersecurity: Recommendations Part 3 https://www.trendmicro.com/en_us/research/22/h/oil-gas-cybersecurity-recommendations-part-3.html Research, News, and Perspective urn:uuid:9a9a908a-d37b-737d-c4e3-3734d3b18b8b Mon, 15 Aug 2022 00:00:00 +0000 In the final part of our series, we look at the APT33 case study and several recommendations from our expert team. Trend Micro Research : Malware Trend Micro Research : Research Trend Micro Research : Privacy & Risks Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : IoT Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports Event-Driven Architectures & the Security Implications https://www.trendmicro.com/en_us/devops/22/h/event-driven-architecture-security.html DevOps Resource Center urn:uuid:8737b7aa-e8db-5f0e-4b3f-42f4b06e0e76 Fri, 12 Aug 2022 00:00:00 +0000 This article explores event-driven architecture (EDA) with a detailed definition and explains how EDA offers many essential benefits to developers. It concludes with an outline of some best practices for mitigating security concerns. Trend Micro DevOps : Cloud Native Trend Micro DevOps : Article Trend Micro DevOps : Multi Cloud Trend Micro DevOps : Expert Perspective Sterling Davis Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users https://www.trendmicro.com/en_us/research/22/h/irontiger-compromises-chat-app-Mimi-targets-windows-mac-linux-users.html Research, News, and Perspective urn:uuid:ab266a61-63b3-5caa-6f8d-055ffd686bf5 Fri, 12 Aug 2022 00:00:00 +0000 We found APT group Iron Tiger's malware compromising chat application Mimi’s servers in a supply chain attack. Trend Micro Research : Malware Trend Micro Research : Cyber Crime Trend Micro Research : Privacy & Risks Trend Micro Research : Cyber Threats Trend Micro Research : APT & Targeted Attacks Trend Micro Research : Endpoints Trend Micro Research : Mobile Trend Micro Research : Articles, News, Reports Daniel Lunghi CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies https://www.trendmicro.com/en_us/research/22/h/copperstealer-distributes-malicious-chromium-browser-extension-steal-cryptocurrencies.html Research, News, and Perspective urn:uuid:dc0c4bf9-c1e5-ad0c-3bed-b48defa6e1f4 Thu, 11 Aug 2022 00:00:00 +0000 We tracked the latest deployment of the group behind CopperStealer, this time stealing cryptocurrencies and users’ wallet account information via a malicious Chromium-based browser extension. Trend Micro Research : Malware Trend Micro Research : Endpoints Trend Micro Research : Cyber Crime Trend Micro Research : Privacy & Risks Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Jaromir Horejsi Cyber Insurance Coverage Checklist: 5 Security Items https://www.trendmicro.com/en_us/ciso/22/h/cyber-insurance-coverage-checklist.html CISO Resource Center urn:uuid:397ee4d7-2bc9-c6b9-0c2a-884681c7c605 Thu, 11 Aug 2022 00:00:00 +0000 Explore 5 security considerations in-line with cyber insurance requirements to renew or obtain a policy while reducing your cyber risk. Trend Micro CISO : Expert Perspective Trend Micro CISO : Skills Gap Trend Micro CISO : Compliance Trend Micro CISO : Risk Management Trend Micro CISO : Detection and Response Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Vince Kearns Oil and Gas Cybersecurity: Threats Part 2 https://www.trendmicro.com/en_us/research/22/h/oil-gas-cybersecurity-threats-part-2.html Research, News, and Perspective urn:uuid:0961eff9-74d1-ded0-3bfa-115f3e9e1306 Thu, 11 Aug 2022 00:00:00 +0000 In part two of our oil and gas series, we look at more threats that can expose the industry to cyberattacks. Trend Micro Research : Malware Trend Micro Research : Privacy & Risks Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : IoT Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports Improve Threat Detection & Response with OCSF https://www.trendmicro.com/en_us/research/22/h/improve-threat-detection-response-ocsf.html Research, News, and Perspective urn:uuid:bc5e224d-aed5-e8b7-9103-29dff87facde Wed, 10 Aug 2022 00:00:00 +0000 New open source initiative helping organizations to detect and respond to cyber-attacks faster and easier Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Compliance & Risks Trend Micro Research : Network Trend Micro Research : Articles, News, Reports Forecasting Metaverse Threats: Will it Become Metaworse? https://www.trendmicro.com/en_us/research/22/h/forecasting-metaverse-threats-will-it-become-metaworse.html Research, News, and Perspective urn:uuid:c69b43f9-50a0-a1bf-547d-583ff59ff6f2 Tue, 09 Aug 2022 00:00:00 +0000 This report shares threat predictions concerning a rapidly evolving area of the physical and digital word – the metaverse. We refine our definition of the metaverse, while identifying threats against it and inside it. Trend Micro Research : IoT Trend Micro Research : Research Trend Micro Research : Deep Web Trend Micro Research : Articles, News, Reports Trend Micro Research : Cyber Threats Trend Micro Research A Secure Access Service Edge (SASE) Guide for Leaders https://www.trendmicro.com/en_us/ciso/22/h/secure-access-service-edge-sase-security-company.html CISO Resource Center urn:uuid:bbe2c8b6-6d3a-bb26-a941-f6c7c977468a Tue, 09 Aug 2022 00:00:00 +0000 Discover the benefits of SASE in adopting modern security architectures to reduce cyber risk across the attack surface. Trend Micro CISO : Article Trend Micro CISO : Digital Transformation Trend Micro CISO : Cloud Trend Micro CISO : Expert Perspective Trend Micro CISO : Risk Management Oil and Gas Cybersecurity: Industry Overview Part 1 https://www.trendmicro.com/en_us/research/22/h/oil-gas-cybersecurity-part-1.html Research, News, and Perspective urn:uuid:2daed98c-f15f-4fcc-4740-adc74f31feda Mon, 08 Aug 2022 00:00:00 +0000 With geopolitical tensions running high, oil and gas companies may be more susceptible to cyberattacks. Trend Micro Research : Malware Trend Micro Research : Exploits & Vulnerabilities Trend Micro Research : Privacy & Risks Trend Micro Research : Cyber Threats Trend Micro Research : ICS OT Trend Micro Research : IoT Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports Facebook's Metaverse is Expanding the Attack Surface https://www.trendmicro.com/en_us/research/22/h/facebook-metaverse-attack-surface-security.html Research, News, and Perspective urn:uuid:d9ac9556-4d7a-9ae3-0204-86c8891d4e06 Mon, 08 Aug 2022 00:00:00 +0000 Understand the cybersecurity risks in the Metaverse Trend Micro Research : Cloud Trend Micro Research : Latest News Trend Micro Research : Cyber Crime Trend Micro Research : Social Media Trend Micro Research : Privacy & Risks Trend Micro Research : IoT Trend Micro Research : Ransomware Trend Micro Research : Articles, News, Reports William Malik