How to better manage your digital attack surface risk
As organizations shift to the cloud in droves, their digital attack surface continues to rapidly expand. And with the number...
News
Cybersecurity Predictions for 2022
Explore Trend Micro Research’s security insights and predictions for 2022 to enable more informed and proactive decision-making. If you like...
Unified Cybersecurity Platform: Why CISOs are Shifting
Our global study polled more than 2,300 IT security decision makers to discover how to best assist and support SecOps...
How XDR Security Aids in Cyber Risk Management
Trend Micro's VP of Threat Intelligence, Jon Clay, explores the latest trends in today's threat landscape and why XDR is...
Aligning the c-suite with cyber risk management
As we creep toward a post-pandemic world, organizations need to plan accordingly. Explore Trend Micro’s latest cyber risk research to...
Watch out for this SMS phish promising a tax refund
Imagine logging into your bank’s website after responding to a text message claiming you’re due a refund, only to see...
Iran announced to have foiled massive cyberattacks on public services
State television announced that Iran has foiled massive cyberattacks that targeted public services operated by both government and private organizations....
Why our software has so many vulnerabilities, with Tanya Janca: Lock and Code S03E09
Less than one year ago, the worst ransomware attack in history struck dozens of organizations. Threat actors had exploited a...
Apple’s child safety features are coming to a Messages app near you
Apple will soon be rolling out its promised child safety features in the Messages app for users in Australia, Canada,...
Why MITRE matters to SMBs
Running a small- to medium-sized business (SMB) requires expertise in everything, from marketing and sales to management and hiring, but...
A week in security (April 18 – 24)
Last week on Malwarebytes Labs: Why you shouldn’t automate your VirusTotal uploadsNorth Korean Lazarus APT group targets blockchain tech companiesWatch out...
BlackCat Ransomware gang breached over 60 orgs worldwide
At least 60 entities worldwide have been breached by BlackCat ransomware, warns a flash report published by the U.S. FBI....
Experts warn of a surge in zero-day flaws observed and exploited in 2021
The number of zero-day vulnerabilities exploited in cyberattacks in the wild exploded in the last years, security firm report. Google...
Atlassian addresses a critical Jira authentication bypass flaw
Atlassian fixed a critical flaw in its Jira software, tracked as CVE-2022-0540, that could be exploited to bypass authentication. Atlassian...
Since declaring cyber war on Russia Anonymous leaked 5.8 TB of Russian data
OpRussia continues unabated, since declaring ‘cyber war’ on Russia Anonymous has now published approximately 5.8 TB of Russian data. The...
Apr 17 – Apr 23 Ukraine – Russia the silent cyber conflict
This post provides a timeline of the events related to the Russian invasion of Ukraine from the cyber security perspective....
Security Affairs newsletter Round 362 by Pierluigi Paganini
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs free...
T-Mobile confirms Lapsus$ had access its systems
Telecommunication giant T-Mobile confirmed the LAPSUS$ extortion group gained access to its networks in March. Telecom company T-Mobile on Friday revealed that...
Are you using Java 15/16/17 or 18 in production? Patch them now!
A researcher has released proof-of-concept (PoC) code for a digital signature bypass vulnerability in Java. Security researcher Khaled Nassar released...
Phishing attacks using the topic “Azovstal” targets entities in Ukraine
Ukraine CERT-UA warns of phishing attacks on state organizations of Ukraine using the topic “Azovstal” and Cobalt Strike Beacon. The...
Conti ransomware claims responsibility for the attack on Costa Rica
Conti ransomware gang claimed responsibility for a ransomware attack that hit the government infrastructure of Costa Rica. Last week a...
Cryptomining Overview for DevOps
Learn the impacts of cryptomining attacks for DevOps as well as mitigation strategies to bolster security without impacting time to...
Cyber Insurance and the Changing Global Risk Environment
When security fails, cyber insurance can become crucial for ensuring continuity. Cyber has changed everything around us – even the...
A stored XSS flaw in RainLoop allows stealing users’ emails
Experts disclose an unpatched vulnerability in the RainLoop webmail client, tracked as CVE-2022-29360, that can be exploited to steal users’...
