Vulnerabilities and their exploitation are still the root cause of most breaches. Astonishingly, Gartner predicts that through 2020, 99% of the vulnerabilities exploited will continue to be the ones known by security and IT professionals for at least one year!
The problem is not new to security specialists, but it gradually sinks in with the rest of the world as well: the more pacemakers are connected to the internet for any form of communication, the more security risks arise. Following a recall action by pacemaker manufacturer Abbott, thousands of Belgians had to come to the hospital to have their device upgraded, on order to shield it from possible hacking events. Continue reading
In September, we announced our new email security technologies powered by XGen™ and a new product, Smart Protection for Office 365. One key technology introduced was our new AI based Email fraud, or Business Email Compromise (BEC), detection technique. Continue reading
The need for more technologists with cybersecurity skills is undeniable. That may be an awkward way to phrase it, but it’s a better representation that “cybersecurity professionals.” In today’s world, everyone who works on and with technology needs to be aware of cybersecurity challenges. This week as part of National Cyber Security Awareness Month (NCSAM), let’s take a closer look at what a career in cybersecurity looks like. Continue reading
In spiteof a rapidly evolving landscape, databreaches remain among the most common and damaging cyber-threats facing organizations today. As digital transformation efforts take hold, so the corporate attacks surface grows, offering more opportunities for the bad guys to take aim at highly prized IP and customer data. They also have the element of surprise, putting IT teams in a reactive or defensive posture. In this context, you need a provider that’s proven to offer industry leading protection against breaches.
That’s why we’re delighted that Trend Micro Deep Discovery has been Recommended for the fourth year in a row by NSS Labs Breach Detection Systems report – scoring an unbeatable 100% detection rate. Continue reading
A growing concern of security professionals is internal phishing attacks – phishing emails sent from one trusted user to another of the same organization. Internal phishing emails are used in multi-stage attacks in which an email account is owned either by controlling the users device with previously installed malware or by compromising the account credentials of the user. Internal phishing emails are used in both targeted attacks, where the aim is to steal information or commit extortion, and common with Business Email Compromise (BEC) schemes designed to steal money. Because the sender is an internal and trusted user, the recipient is more likely to take action on the email. Continue reading
Summer holiday is officially over, and we are in for a challenging last quarter of the year. Plenty of challenges: we are all working towards a more open and mobile digital environment, while the cyber-baddies are preparing plenty of new attacks. And the time to comply with GDPR is shrinking daily.
This may seem scary, but meanwhile an entire security industry is working hard to keep one step ahead of the bad guys. In handy interactive sessions of no more than 60 minutes just before lunchtime (11am to 12 pm), you can find out all about the latest security trends and get an answer to all of your questions. And we will organize each session twice, so you don’t have to miss any of them. Get up to speed in 60 minutes, by signing up for our webinars! Continue reading
by David Sancho and Numaan Huq (Trend Micro Forward-Looking Threat Research Team), Massimiliano Michenzi (Europol EC3)
Infecting automated teller machines (ATMs) with malware is nothing new. It’s concerning, yes. But new? Not really. We’ve been seeing physical attacks against ATMs since 2009. By physical, we mean opening the target machine’s casing, accessing the motherboard and connecting USB drives or CD-ROMs in order to infect the operating system. Once infected, the ATM is at the attackers’ mercy, which normally means that they are able to empty the money cassettes and walk away with fully loaded wallets. In 2016, we released a joint paper with Europol’s European Cybercrime Centre (EC3) that discussed the shift from physical to digital means of emptying an ATM and described the different ATM malware families that had been seen in the wild by then. Continue reading
Everything can be hacked, even democracy itself. Andrés Sepúlveda described in an interview how for a decade he helped political parties in South-America to win elections. He hacked other political parties for them, got all their secrets, … Continue reading
Ever since the law enforcement takedown of the Silk Road underground marketplace in 2013, there has been increasing interest in the depth and breadth of the Dark Web. This portion of the internet has been largely shrouded from the public eye. But it represents an environment in which hackers can converse or share malicious code and strategies. And make a profit from the information stolen during the ever-increasing cyber attacks taking place.