Credit to Author: Trend Micro Research| Date: Tue, 07 Mar 2023 00:00:00 +0000
In this blog entry, we shine a spotlight on some of the most critical cybersecurity concerns of 2022, which we discuss in full in our annual cybersecurity report, “Rethinking Tactics: 2022 Annual Security Report.”
Read moreCredit to Author: Kazuhisa Tagaya| Date: Fri, 03 Mar 2023 00:00:00 +0000
This blog introduces discussions from S4x23, the ICS security conference in Miami over several posts. The first installment will cover two topics from the academic interviews.
Read moreCredit to Author: Daniel Lunghi| Date: Wed, 01 Mar 2023 00:00:00 +0000
We detail the update that advanced persistent threat (APT) group Iron Tiger made on the custom malware family SysUpdate. In this version, we also found components that enable the malware to compromise Linux systems.
Read moreCredit to Author: Lonny Huffar| Date: Fri, 24 Feb 2023 00:00:00 +0000
Transformation to a SaaS-based cybersecurity vendor
Read moreCredit to Author: Vincenzo Ciancaglini| Date: Tue, 21 Feb 2023 00:00:00 +0000
Amidst the uproar and opinions since November 2022, we look at the possibilities and implications of what OpenAI’s ChatGPT presents to the cybersecurity industry using a comparison to earlier products, like its predecessor GPT-3.
Read moreCredit to Author: Hara Hiroaki| Date: Thu, 16 Feb 2023 00:00:00 +0000
We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was presented in full at the JSAC 2023 in January 2023.
Read moreCredit to Author: Mike Milner| Date: Mon, 06 Feb 2023 00:00:00 +0000
Trend Micro named one of 2023’s coolest cloud security companies
Read moreCredit to Author: Jon Clay| Date: Wed, 01 Feb 2023 00:00:00 +0000
Stay informed and stay ahead
Read moreCredit to Author: David Fiser| Date: Wed, 25 Jan 2023 00:00:00 +0000
In this proof of concept, we look into one of several attack vectors that can be abused to attack the supply chain: targeting the developer. With a focus on the local integrated developer environment (IDE), this proof considers the execution of malicious build scripts via injecting commands when the project or build is incorrectly “trusted”.
Read moreCredit to Author: Fyodor Yarochkin| Date: Wed, 18 Jan 2023 00:00:00 +0000
In this entry, we discuss a Web3 fraud scenario where scammers target potential victims via fake smart contracts, and then take over their digital assets, such as NFT tokens, without paying. We named this scam “Payzero”.
Read more