Telecom Crimes Against the IoT and 5G

by: Trend Micro Research and Europol’s European Cybercrime Centre (EC3) Telecommunications or telecom technology is the underpinning of the modern internet, and consequently, the internet’s growing segment, the internet of things (IoT). Likewise, the global telecommunications network we enjoy today has been greatly influenced by the existence and growth of the internet. Between telecom and … [Read more…]

Third Party Testing of Security is a Very Big Deal for Customers

User Reviews + Test Results Peer reviews are an important part of product selection. Everything I buy on Amazon and most other things I buy I check for reviews first. That’s the “do I like it” or the test-drive part of the selection.  But the “how well does it work” part is lab testing. I’m … [Read more…]

How Radio Frequency Technology is Putting the Industrial Sector at Risk

Each industry has its own unique security risks. The banking and health care sectors, for example, deal with some considerably sensitive financial and client data, and therefore must put robust protections in place to ensure its safety. The industrial sector, however, is a bit different. For many years, security-conscious experts focused on other industries, but now … [Read more…]

This Week in Security News: Security Vulnerabilities

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn what critical approaches can protect your enterprise business from software vulnerabilities. Also, learn about vulnerabilities in IoT alarms that let hackers hijack cars. Read on: How … [Read more…]

CVE-2019-7238: Insufficient Access Controls in Sonatype Nexus Repository Manager 3 Allows Remote Code Execution

By Govind Sarda and Raghvendra Mishra A critical remote code execution (RCE) vulnerability (CVE-2019-7238) was found in Sonatype’s Nexus Repository Manager (NXRM) 3, an open source project that allows developers, such as DevOps professionals, to manage software components required for software development, application deployment, and automated hardware provisioning. This vulnerability in NXRM 3, which reportedly … [Read more…]

A Machine Learning Model to Detect Malware Variants

For a piece of malware to be able to do its intended malicious activity, it has to be able to sneak inside a machine’s system without being flagged by cybersecurity defenses. It camouflages and packages itself to look like a benign piece of code and, when it has cleared past security filters, unleashes its payload. … [Read more…]

How to get Ahead of Vulnerabilities and Protect your Enterprise Business

Security vulnerabilities are popping up all the time, and can put any business that uses technological assets at risk. In a nutshell, vulnerabilities represent the ideal opportunity for malicious actors to break into systems and wreak all types of havoc. From data theft to information compromise and beyond, vulnerabilities are a particularly pertinent issue for … [Read more…]

From Fileless Techniques to Using Steganography: Examining Powload’s Evolution

By: Augusto Remillano and Kiyoshi Obuchi (Threats Analysts) Powload’s staying power in the threat landscape shows how far it has come. In fact, the uptick of macro malware in the first half of 2018 was due to Powload, which was distributed via spam emails. Powload was also one of the most pervasive threats in the … [Read more…]

A $100,000 Commitment to Close the Gender Diversity Gap in Cybersecurity

Today as we celebrate International Women’s Day we’re filled with both admiration for strong women who inspire and a sense of responsibility to honor diversity in an industry that has traditionally been quite uniform, especially when it comes to gender. While we celebrate the achievements of women around the world today, it’s business-as-usual on the … [Read more…]

Beauty Out of Chaos: Elevating Cybersecurity to an Art Form – Part 2

Art and cybersecurity are not two worlds usually seen sharing the same orbit. But at Trend Micro we believe there’s a vision, a mastery of skill and a passion which unites both. It’s an approach we’ve spent the past three decades honing as serious barriers have emerged to challenge IT efforts to support the business. … [Read more…]