Gartner Research: How to Prioritize and Remediate Active Vulnerabilities

Vulnerabilities and their exploitation are still the root cause of most breaches. Astonishingly, Gartner predicts that through 2020, 99% of the vulnerabilities exploited will continue to be the ones known by security and IT professionals for at least one year!

 

Continue reading

Pacemaker security risks: the ‘heart of the matter’ brought by RTL … and explained by Trend Micro

The problem is not new to security specialists, but it gradually sinks in with the rest of the world as well: the more pacemakers are connected to the internet for any form of communication, the more security risks arise. Following a recall action by pacemaker manufacturer Abbott, thousands of Belgians had to come to the hospital to have their device upgraded, on order to shield it from possible hacking events. Continue reading

You Can’t Outsource Accountability: Uber Breach Highlights Firms’ Cloud Security Responsibilities

Consumers and cybersecurity professionals around the world have been stunned by Uber’s revelation that it paid hackers $100,000 to delete data on 57 million users stolen last year. There are many strands to the case, and more details are likely to emerge over time. But fundamentally it highlights the need for firms to secure their cloud environments as rigorously as anything on premise.

With the EU GDPR promising huge fines for firms that fail to suitably protect customer data, companies must realise that when it comes to the cloud, you simply can’t outsource accountability. Continue reading

Beyond Catching Sender Spoofing – using AI to stop email fraud and Business Email Compromise

In September, we announced our new email security technologies powered by XGen™ and a new product, Smart Protection for Office 365. One key technology introduced was our new AI based Email fraud, or Business Email Compromise (BEC), detection technique. Continue reading

From GDPR to Game of Thrones: ‘winter is coming’ for security officers?

Astonishing results in our GDPR survey among top managers in Europe and the United States: most managers excel at foolhardiness and ignorance. Equally astonishing news last summer for Game of Thrones fans: the plot of the season 7 finale was leaked online weeks before the tv broadcast. If you think these two facts are unrelated, think again! Continue reading

Here’s Why You Should Consider A Career In Cybersecurity

The need for more technologists with cybersecurity skills is undeniable. That may be an awkward way to phrase it, but it’s a better representation that “cybersecurity professionals.” In today’s world, everyone who works on and with technology needs to be aware of cybersecurity challenges. This week as part of National Cyber Security Awareness Month (NCSAM), let’s take a closer look at what a career in cybersecurity looks like. Continue reading

Trend Micro Top Again for Breach Detection, Says NSS Labs

In spiteof a rapidly evolving landscape, databreaches remain among the most common and damaging cyber-threats facing organizations today. As digital transformation efforts take hold, so the corporate attacks surface grows, offering more opportunities for the bad guys to take aim at highly prized IP and customer data. They also have the element of surprise, putting IT teams in a reactive or defensive posture. In this context, you need a provider that’s proven to offer industry leading protection against breaches.

That’s why we’re delighted that Trend Micro Deep Discovery has been Recommended for the fourth year in a row by NSS Labs Breach Detection Systems report – scoring an unbeatable 100% detection rate. Continue reading

When Phishing Starts from the Inside

A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials of the user. Internal phishing emails are used in both targeted attacks, where the aim is to steal information or commit extortion, and common with Business Email Compromise (BEC) schemes designed to steal money. Because the sender is an internal and trusted user, the recipient is more likely to take action on the email. Continue reading

Security seminars coming up: get up to speed in 60 minutes

Summer holiday is officially over, and we are in for a challenging last quarter of the year. Plenty of challenges: we are all working towards a more open and mobile digital environment, while the cyber-baddies are preparing plenty of new attacks. And the time to comply with GDPR is shrinking daily.

This may seem scary, but meanwhile an entire security industry is working hard to keep one step ahead of the bad guys. In handy interactive sessions of no more than 60 minutes just before lunchtime (11am to 12 pm), you can find out all about the latest security trends and get an answer to all of your questions. And we will organize each session twice, so you don’t have to miss any of them. Get up to speed in 60 minutes, by signing up for our webinars!    Continue reading

An Elaborate ATM Threat Crops Up: Network-based ATM Malware Attacks

by David Sancho and Numaan Huq (Trend Micro Forward-Looking Threat Research Team), Massimiliano Michenzi (Europol EC3)

Infecting automated teller machines (ATMs) with malware is nothing new. It’s concerning, yes. But new? Not really. We’ve been seeing physical attacks against ATMs since 2009. By physical, we mean opening the target machine’s casing, accessing the motherboard and connecting USB drives or CD-ROMs in order to infect the operating system. Once infected, the ATM is at the attackers’ mercy, which normally means that they are able to empty the money cassettes and walk away with fully loaded wallets. In 2016, we released a joint paper with Europol’s European Cybercrime Centre (EC3) that discussed the shift from physical to digital means of emptying an ATM and described the different ATM malware families that had been seen in the wild by then. Continue reading