Trend Micro Research, News and Perspectives

This article by Trend Micro CEO Eva Chen brings focus back to striking the cybersecurity strategies balance between business C-suite and information technology (IT) departments.

Explore how the Cybersecurity Compass can guide various security professionals' and stakeholders' decision-making before, during, and after a breach.

We uncovered a malvertising campaign where the threat actor hijacks social media pages, renames them to mimic popular AI photo editors, then posts malicious links to fake websites.

The second edition of AI Pulse is all about AI regulation: what’s coming, why it matters, and what might happen without it. We look at Brazil’s hard não to Meta, how communities are pushing back against AI training data use, Interpol’s warnings about AI deepfakes, and more.

Trend Micro research uncovers new cybercrime tools posing increased threats to security, highlighting the rapid evolution of AI-powered hacking services and their potential for mass exploitation

It’s clear that generative AI is a permanent addition to the enterprise IT toolbox. For CISOs, the pressure is on to roll out AI security policies and technologies that can mitigate very real and present risks.

Security awareness and measures to detect and prevent sophisticated risks associated with QR code-based phishing attacks (quishing)

Intruders are drawn to enterprise IT environments the way mice are attracted to houses. And once either kind of invader is inside, they can be hard to get out. Network detection and response (NDR) lets you trace intruders’ pathways to find out where they’re coming in—and seal the gaps.

On July 19, 2024, a large-scale outage emerged affecting Windows computers for many industries across the globe from financial institutions to hospitals to airlines. The source of this outage came from a single content update from CrowdStrike.

Trend Micro threat hunters discovered that the Play ransomware group has been deploying a new Linux variant that targets ESXi environments. Read our blog entry to know more.

We check the OpenSSH vulnerabilities CVE-2024–6387 and CVE-2024-6409, examining their potential real-world impact and the possibility of exploitation for CVE-2024–6387 in x64 systems.

Trend Micro partners with IBM to offer advanced threat detection and response for protecting critical infrastructures running on IBM Power servers

Our threat hunters discovered CVE-2024-38112, which was used as a zero-day by APT group Void Banshee, to access and execute files through the disabled Internet Explorer using MSHTML. We promptly identified and reported this zero-day vulnerability to Microsoft, and it has been patched.

In 2023, the cryptocurrency industry faced a significant increase in illicit activities, including money laundering, fraud, and ransomware attacks. Ransomware attacks were especially prevalent and profitable for attackers. However, other forms of criminal activity also saw a rise.

Cybersecurity teams are well-equipped to handle threats to technology assets that they manage. But with unmanaged devices providing ideal spots for attackers to lurk unseen, network detection and response capabilities have become vitally important.

With every week bringing news of another AI advance, it’s becoming increasingly important for organizations to understand the risks before adopting AI tools. This look at 10 key areas of concern identified by the Open Worldwide Application Security Project (OWASP) flags risks enterprises should keep in mind through the back half of the year.

Cybersecurity is a growing concern in today's digital age, as more sensitive information is stored and transmitted online. With the rise of cryptocurrencies, there has also been a rise in crypto-crimes, which pose a significant threat to the security of both individuals and businesses.

In this blog entry, we will discuss how the Jenkins Script Console can be weaponized by attackers for cryptomining activity if not configured properly.

We’ve recently seen a surge in attacks involving the Mekotio banking trojan. In this blog entry, we'll provide an overview of the trojan and what it does.

AI Pulse is a new blog series from Trend Micro on the latest cybersecurity AI news. In this edition: Siri says hi to OpenAI, fraud hogs the AI cybercrime spotlight, and why the Paris Olympics could be a hotbed of deepfakery.