Category Archives: Cybercrime and Cyber Attacks

Why digital extortion works better than blackmail

Door David Sancho, Senior Antivirus Researcher, Trend Micro

Smart cybercriminals rely on rational decisions

Cybercriminals today are going all in with digital extortion. Their business model isn’t exactly new. “I want you to do this, or I’ll break your legs”, is easily translated to “I want you to do this, because I have your data.” Extortion has always existed and it’s a brilliant business model, albeit an unethical one. Therefore, I’m not at all surprised by the popularity of the digital variant today. You only have to look at the massive succes of ransomware to see wat I mean. Continue reading

Zero Day vulnerabilities and no updates? No reason to panic!

Guest blog by Chris Van Den Abbeele – Global Solution Architect Datacenter en Cloud Security, Trend Micro

Automated virtual patching raises your security level and lowers your operational expenses.

Updating can be a painful process. It takes a lot of time, isn’t without risk and inherently leads to downtime. Virtual updates are just as safe, immediately available and best of all, free of complications. Physical updates remain a necessity, but in order to address the most urgent issues, you’re better off going virtual. Continue reading

Revealing the True Cyber-Risks Facing Connected Healthcare Providers

Guest blog by Greg Young, VP cybersecurity Trend Micro

Technology is the beating heart of any modern hospital. Advances in cloud, IoT and digital IT systems have helped healthcare organizations (HCOs) greatly improve the quality of care offered to patients. Electronic health records are the backbone of an increasingly complex patient care network.  But it has also exposed them to even greater risks of data theft and operational outages. A new report from Trend Micro and HITRUST reveals that at any one time there could be at least as many as 80,000 exposed systems in hospitals worldwide. The biggest finding is we also found a worrying disconnect or gap between current perceptions versus reality. Continue reading

A Look Back: Reviewing the Worst Cyber Attacks of 2017 and the Lessons Learned

Unsurprisingly, 2017 was another year of record-high attacks and breaches.It seems that each year that passes is worse than the last in terms of hacking and cyber attacks, and 2017 was no exception.

“Surprising no one, 2017 was marked another ‘worst year ever’ in data breaches and cyber incidents around the world,” said Jeff Wilbur, director of the Internet Society’s Online Trust Alliance. Continue reading

Delving into the World of Business Email Compromise (BEC)

Business Email Compromise (BEC) attacks have expanded tremendously over the past few years, with a projected growth of over $9 billion in 2018. The combination of simplicity and effectiveness have ensured that BEC will continue to be one of the most popular attacks, especially for those who lack special tools and knowledge to pull off more complicated schemes. Continue reading

Why Stand-Alone IDPS Matters More Than Ever, and the 2018 Gartner Magic Quadrant

First, What is IDPS and Why Do We Care? 

Intrusion Prevention Systems (IPS) emerged as an improvement on Intrusion Detection Systems (IDS).  IDS are out-of-band collectors of network traffic that analyze the information and provide alerts.  Continue reading

Security Round-up: Five Things We’ve Learned in 2017

The past 12 months have been packed with geopolitical incident, global malware threats and ubiquitous big-name data breaches. From the CIA Vault7 and NSA Shadow Brokers leaks at the start of the year, to the WannaCry and NotPetya ‘ransomware’ campaigns, and Uber’s shock revelations just last month, there’s been plenty for CISOs to ruminate on. But now the year is nearly at an end, it might be useful to recap some of the biggest themes of 2017 — with an eye on fortifying systems for the 12 months to come. Continue reading

12 Threats of Christmas

There’s an old English Christmas carol “The 12 Days of Christmas”, a cumulative song about 12 gifts that keep getting ‘grander’. As our Christmas gift to you, we wanted to list the top threats to be aware of heading into 2018, from least to most pressing. Let’s look at the vulnerabilities and potential points of attack to take into account for next year’s priorities: Continue reading

Pacemaker security risks: the ‘heart of the matter’ brought by RTL … and explained by Trend Micro

The problem is not new to security specialists, but it gradually sinks in with the rest of the world as well: the more pacemakers are connected to the internet for any form of communication, the more security risks arise. Following a recall action by pacemaker manufacturer Abbott, thousands of Belgians had to come to the hospital to have their device upgraded, on order to shield it from possible hacking events. Continue reading