Src |
Date (GMT) |
Titre |
Description |
Tags |
Stories |
Notes |
|
2023-03-09 00:00:00 |
Examining Ransomware Payments From a Data-Science Lens (lien direct) |
In this entry, we discuss case studies that demonstrated how data-science techniques were applied in our investigation of ransomware groups' ransom transactions, as detailed in our joint research with Waratah Analytics, “What Decision-Makers Need to Know About Ransomware Risk.” |
Ransomware
Studies
|
|
★★★
|
|
2023-03-08 00:00:00 |
Security Patch Management Strengthens Ransomware Defense (lien direct) |
With thousands of applications to manage, enterprises need an effective way to prioritize software security patches. That calls for a contextualized, risk-based approach and good overall attack surface risk management. |
Ransomware
|
|
★★
|
|
2023-03-02 00:00:00 |
Phishing as a Service Stimulates Cybercrime (lien direct) |
With phishing attacks at an all-time high, phishing as a service (PhaaS) is turning this once-skilled practice into a pay-to-play industry. Understanding the latest attack tactics is critical to improving your email security strategy. |
Cloud
|
|
★★★
|
|
2023-03-01 00:00:00 |
Iron Tiger\'s SysUpdate Reappears, Adds Linux Targeting (lien direct) |
We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems. |
Threat
Malware
|
APT 27
|
★
|
|
2023-02-28 00:00:00 |
Decrypting Cyber Risk Quantification (lien direct) |
Discover the evolution of cyber risk quantification, criteria for an accurate risk score, and its benefits across the organization. |
|
|
★★
|
|
2023-02-21 00:00:00 |
Fight Ransomware with a Cybersecurity Audit (lien direct) |
An advanced cybersecurity audit helps identify overlooked IP addresses, forgotten devices, and misconfigured infrastructure that can expose organizations to ransomware and other cyber threats. Find out how to strengthen attack surface risk management. |
Ransomware
|
|
★★★
|
|
2023-02-16 00:00:00 |
Lower Data Breach Insurance Costs with These Tips (lien direct) |
The changing attack landscape has resulted in the hardening of the data breach insurance market. Gain insight into how implementing security controls can reduce the mean time to detect and control the costliness of an attack. |
Data Breach
|
|
★★★
|
|
2023-02-09 00:00:00 |
Ransomware Revolution: 4 Types of Cyber Risks in 2023 (lien direct) |
The ransomware business model is poised to change. These four predictions could help to keep your organization secure from new forms of cyber extortion. |
Ransomware
|
|
★★
|
|
2023-02-07 00:00:00 |
A Cybersecurity Risk Assessment Guide for Leaders (lien direct) |
Cybersecurity risk assessment provides the continuous asset detection, analysis, prioritization, and risk scoring needed to keep pace with a continuously growing digital attack surface. |
|
|
★★
|
|
2023-02-01 00:00:00 |
Attack Vector vs Attack Surface: The Subtle Difference (lien direct) |
To establish a better security posture, you must address vulnerabilities in your attack vectors and surfaces. While these terms are similar, they're not the same. This article explores key differences between the two, helping you make your system more secure. |
|
|
★★
|
|
2023-01-19 00:00:00 |
What is Business Attack Surface Management? (lien direct) |
Explore how businesses can make internal and external attack surface management (ASM) actionable. |
|
|
★★
|
|
2023-01-17 00:00:00 |
Batloader Malware Abuses Legitimate Tools, Uses Obfuscated JavaScript Files in Q4 2022 Attacks (lien direct) |
We discuss the Batloader malware campaigns we observed in the last quarter of 2022, including our analysis of Water Minyades-related events (This is the intrusion set we track behind the creation of Batloader). |
Malware
|
|
★★
|
|
2023-01-12 00:00:00 |
4 Predictions for Cyber Insurance Requirements 2023 (lien direct) |
As the threat landscape evolves and the cost of data breaches increase, so will cyber insurance requirements from carriers. Cyber Risk Specialist Vince Kearns shares his 4 predictions for 2023. |
Threat
|
|
★★★
|
|
2023-01-05 00:00:00 |
Why Data Hygiene is Key to Industrial Cybersecurity (lien direct) |
How can highly distributed organizations with complex, integrated supply chains defend against cyber threats? By practicing good data hygiene based on zero-trust principles. |
Industrial
|
|
★★
|
|
2022-12-28 00:00:00 |
Improving Software Supply Chain Security (lien direct) |
Explore use cases and mitigation strategies to improve software supply chain security and reduce cyber risk. |
|
|
★★
|
|
2022-12-23 00:00:00 |
IcedID Botnet Distributors Abuse Google PPC to Distribute Malware (lien direct) |
We analyze the latest changes in IcedID botnet from a campaign that abuses Google pay per click (PPC) ads to distribute IcedID via malvertising attacks. |
Malware
|
|
★★★
|
|
2022-12-22 00:00:00 |
Prevent Cryptocurrency Cyber Extortion (lien direct) |
Highly destructive cybercrime is on the rise, and most of it is being funded with anonymous cryptocurrency. We review cryptocurrency trends and how enterprises can enhance their cybersecurity posture to prevent cyber extortion. |
|
|
★★
|
|
2022-12-19 00:00:00 |
Improve Cyber Security Posture with 2023 Predictions (lien direct) |
If a stronger cyber security posture is one of your organization's new year's resolutions, focus on what matters with these five essential highlights from the Trend Micro Security Predictions for 2023. |
Prediction
|
|
★★
|
|
2022-12-09 00:00:00 |
Protect Your Network with Zero-Day Threat Protection (lien direct) |
Explore the world of zero-day threats and gain valuable insight into the importance of proactive detection and remediation. Learn how Trend Micro™ Research mitigates risk by providing global cybersecurity intelligence to continuously discover the ever-changing attack surface, understand and prioritize vulnerabilities, detect and rapidly respond to threats, and apply the right security at the right time. |
Threat
|
|
★★
|
|
2022-12-08 00:00:00 |
Cyber Insurance Policy Underwriting Explained (lien direct) |
Cybersecurity insurance is a must have for organizations of any size. John Hennessy, RVP at Cowbell discusses cyber insurance policy underwriting process, market trends, and the key security controls for businesses. |
|
|
★★
|
|
2022-12-01 00:00:00 |
Top 3 Non-Technical Cybersecurity Trends for 2023 (lien direct) |
A strong cybersecurity strategy isn't just about choosing the right tools. Cybersecurity experts Greg Young and William Malik discuss three non-technical cybersecurity trends for 2023 to help security leaders reduce cyber risk across the enterprise attack surface. |
Guideline
|
|
★★
|
|
2022-11-29 00:00:00 |
Data Exfiltration Prevention with SASE (lien direct) |
Data exposure from SaaS and cloud applications is an increasing risk factor facing businesses today. Discover how SASE capabilities can help prevent data exfiltration and reduce cyber risk across the attack surface. |
|
|
★★
|
|
2022-11-25 00:00:00 |
Cyber Crime: INTERPOL Uses Trend Threat Intelligence (lien direct) |
INTERPOL recently conducted operation African Surge to take down malicious infrastructure across the African continent and requested the help of private enterprises. Trend Micro is proud to have been asked to participate, and provided global threat intelligence that was utilized in this operation. |
Threat
|
|
★★
|
|
2022-11-24 00:00:00 |
How the MITRE ATT&CK Framework Enhances Cloud Security (lien direct) |
Upgrade your cybersecurity game with MITRE ATT&CK™. Discover how this framework can help you protect your business-now and in the future. |
|
|
★★
|
|
2022-11-24 00:00:00 |
How a Unified Security Platform Protects the Cloud (lien direct) |
Massive growth in cloud use has increased the enterprise attack surface. Addressing the risks with specialized point solutions is unwieldy, complex and can leave vulnerability gaps-driving many companies to seek a unified cyber security platform. |
Vulnerability
|
|
★★
|
|
2022-11-23 00:00:00 |
Security Culture Matters when IT is Decentralized (lien direct) |
Decentralization can make enterprises more agile but it also makes IT and network security more complex. Creating a strong security culture, deploying the right tools, and defining an incident response plan are key to keeping the business protected. |
|
|
|
|
2022-11-23 00:00:00 |
WannaRen Returns as Life Ransomware, Targets India (lien direct) |
This blog entry looks at the characteristics of a new WannaRen ransomware variant, which we named Life ransomware after its encryption extension. |
Ransomware
|
|
|
|
2022-11-17 00:00:00 |
Email Security Best Practices for Phishing Prevention (lien direct) |
Trend Micro Research reported a 137.6% growth in phishing attacks blocked and detected in 2021. Explore the latest phishing trends and email security best practices to enhance your email security and reduce cyber risk. |
|
|
|
|
2022-11-16 00:00:00 |
Will Cloud-Native Network Security Oust Firewalls? (lien direct) |
Security threats have already begun to outpace cloud firewalls. It's a fact. But organizations exploring new cloud-native solution find themselves more prepared to stay resilient. Find out how cloud-native network security's features and benefits are making this possible. |
|
|
|
|
2022-11-16 00:00:00 |
Pilfered Keys: Free App Infected by Malware Steals Keychain Data (lien direct) |
Open-source applications are a practical way to save money while keeping up with your productivity. However, this can be abused by threat actors to steal your data. Find out how one app was used to gather information of Apple users. |
Threat
Malware
|
|
|
|
2022-11-15 00:00:00 |
Complete Guide to Protecting 7 Attack Vectors (lien direct) |
The quicker a cyberattack is identified, the less it costs. Jon Clay, VP of Threat Intelligence, reviews 7 key initial attack vendors and provides proactive security tips to help you reduce cyber risk across the attack surface. |
Threat
|
|
|
|
2022-11-11 00:00:00 |
CVE-2019-8561: A Hard-to-Banish PackageKit Framework Vulnerability in macOS (lien direct) |
This blog entry details our investigation of CVE-2019-8561, a vulnerability that exists in the macOS PackageKit framework, a component used to install software installer packages (PKG files). |
Vulnerability
|
|
★★★★
|
|
2022-11-10 00:00:00 |
4 Types of Cyber Crime Groups (lien direct) |
Discover the four main types of cyber crime groups: access as a service, ransomware as a service, bulletproof hosting, and crowd sourcing as well as tips to strengthen your defense strategy. |
Ransomware
|
|
|
|
2022-11-09 00:00:00 |
Hack the Real Box: APT41\'s New Subgroup Earth Longzhi (lien direct) |
We looked into the campaigns deployed by a new subgroup of advanced persistent threat (APT) group APT41, Earth Longzhi. This entry breaks down the technical details of the campaigns in full as presented at HITCON PEACE 2022 in August. |
Threat
Guideline
|
APT 41
|
|
|
2022-11-08 00:00:00 |
(Déjà vu) Hybrid Cloud Management Security Tools (lien direct) |
Explore hybrid cloud management security challenges, components, and tips to minimize your cyber risk. |
|
|
|
|
2022-11-08 00:00:00 |
DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework (lien direct) |
This report provides defenders and security operations center teams with the technical details they need to know should they encounter the DeimosC2 C&C framework. |
|
|
|
|
2022-11-07 00:00:00 |
Are Containers Affected by OpenSSL Vulnerabilities? (lien direct) |
Find out if your container-based applications are vulnerable to the new OpenSSL vulnerabilities and the recommendations to help ensure you are protected. |
|
|
|
|
2022-11-07 00:00:00 |
Massive Phishing Campaigns Target India Banks\' Clients (lien direct) |
We found five banking malware families targeting customers of seven banks in India to steal personal and credit card information via phishing campaigns. |
Malware
|
|
|
|
2022-11-03 00:00:00 |
Improve Post-Quantum Cryptography Security with CSPM (lien direct) |
Gain valuable insight into the emerging world of post-quantum computing. Understand the threats attackers with access to quantum computers pose. Learn how harnessing the power of cloud security posture management (CSPM) can mitigate these looming dangers. |
|
|
|
|
2022-11-03 00:00:00 |
Guide to Better Threat Detection and Response (lien direct) |
50% of teams in a Trend Micro global study said they're overwhelmed by the number of alerts surfaced by disconnected point products and SIEMs. Discover how XDR can reduce false positives and enhance threat detection and response. |
Threat
|
|
|
|
2022-11-01 00:00:00 |
Cybersecurity Posture & Insurance Outlook with Advisen (lien direct) |
Trend Micro's Eric Skinner, and Advisen, an insurance data and analytics company, discuss the current threat landscape, cyber risk management, and how vendors and cyber insurers can champion enhanced cybersecurity posture. |
Threat
|
|
|
|
2022-10-28 00:00:00 |
PCI Compliance Requirements: Network Security (lien direct) |
There are many challenges that accompany implementing PCI compliance within your organization. And, these challenges can be particularly tough to navigate alone, given their importance. This article explores how Trend Micro Cloud One – Network Security helps you overcome the complexities of maintaining PCI compliance and audit readiness. |
|
|
|
|
2022-10-28 00:00:00 |
Comprehensive Traceability for Android Supply-Chain Security (lien direct) |
We discuss the importance of traceability in the world of mobile operating systems. |
|
|
|
|
2022-10-27 00:00:00 |
(Déjà vu) Attack Surface Management 2022 Midyear Review Part 2 (lien direct) |
In our 2022 midyear roundup, we examine the most significant trends and incidents that influenced the cybersecurity landscape in the first half of the year. |
|
|
|
|
2022-10-27 00:00:00 |
How a Cloud Security Broker Reduces SaaS App Risks - SASE Part 4 (lien direct) |
Responsibility for protecting users and critical data in cloud applications falls to the organizations that use them. Discover how to maintain data control with Cloud Application Security Broker (CASB) technology. |
|
|
|
|
2022-10-26 00:00:00 |
Threat Actors Target AWS EC2 Workloads to Steal Credentials (lien direct) |
We found malicious samples attempting to steal Amazon Elastic Compute Cloud (EC2) Workloads' access keys and tokens via typosquatting and the abuse of legitimate tools. |
|
|
|
|
2022-10-25 00:00:00 |
LV Ransomware Exploits ProxyShell in Attack on a Jordan-based Company (lien direct) |
Our blog entry provides a look at an attack involving the LV ransomware on a Jordan-based company from an intrusion analysis standpoint |
Ransomware
|
|
|
|
2022-10-25 00:00:00 |
Top Cloud Security Challenges & How to Beat Them (lien direct) |
The ongoing shift of traditional IT functions to the cloud brings new cyber risks for enterprises. Discover three current cloud security challenges and how to prevent them from causing financial, operational, and reputational damage. |
|
|
|
|
2022-10-21 00:00:00 |
Infographic: How CNAPP Consolidate Cybersecurity Tools (lien direct) |
A cloud-native application protection platform (CNAPP) consolidates your security tools, helping development, DevOps, cloud, and security teams sort each piece and see the big picture. |
|
|
|
|
2022-10-20 00:00:00 |
Ransomware Insurance Security Strategies (lien direct) |
Ransomware accounts for 75% of all cyber insurance claims yet 40% of business currently lack the coverage needed. Discover how to improve your ransomware prevention strategy to reduce cyber risk and meet insurance requirements. |
Ransomware
|
|
|