Guest blog by Chris Van Den Abbeele – Global Solution Architect Datacenter en Cloud Security, Trend Micro
Automated virtual patching raises your security level and lowers your operational expenses.
Updating can be a painful process. It takes a lot of time, isn’t without risk and inherently leads to downtime. Virtual updates are just as safe, immediately available and best of all, free of complications. Physical updates remain a necessity, but in order to address the most urgent issues, you’re better off going virtual. Continue reading →
Trend Micro has been named a Leader in the Gartner 2018 Magic Quadrant for Intrusion Detection and Prevention Systems (IDPS) again. We have improved our position in both Completeness of Vision and Ability to Execute from last year, and we believe that placement in the Leaders’ quadrant illustrates our commitment to meeting the growing security and performance requirements of data centers and high-performance enterprise networks. Continue reading →
The effectiveness of a zero-day quickly deteriorates as an attack tool after it gets discovered and patched by the affected software vendors. Within the time between the discovery of the vulnerability and the release of the fix, a bad actor might try to get the most out of his previously valuable attack assets. This is exactly what we saw in late October and early November 2016, when the espionage group Pawn Storm (also known as Fancy Bear, APT28, Sofacy, and STRONTIUM) ramped up its spear-phishing campaigns against various governments and embassies around the world. In these campaigns, Pawn Storm used a previously unknown zero-day in Adobe’s Flash (CVE-2016-7855, fixed on October 26, 2016 with an emergency update) in combination with a privilege escalation in Microsoft’s Windows Operating System (CVE-2016-7255) that was fixed on November 8, 2016. Continue reading →