Trend Micro Research, News and Perspectives

This blog entry provides an analysis of the Noodle RAT backdoor, which is likely being used by multiple Chinese-speaking groups engaged in espionage and other types of cybercrime.

We analyze a cryptojacking attack campaign exploiting exposed Docker remote API servers to deploy cryptocurrency miners, using Docker images from the open-source Commando project.

In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution.

In its ninth year, the annual SANS Threat Hunting Survey delves into global organizational practices in threat hunting, shedding light on the challenges and adaptations in the landscape over the past year.

Discover how XDR can enhance threat detection and response to improve a SecOps team’s efficiency and outcomes.

You may have EDR, but did you know you can add threat detection and response to improve a SecOps team’s efficiency and outcomes - read more.

Discover Trend Micro's integration of NVIDIA NIM to deliver an AI-driven cybersecurity solution for next-generation data centers. Engage with experts, explore demos, and learn strategies for securing AI data centers and optimizing cloud performance.

Water Sigbin (aka the 8220 Gang) exploited the Oracle WebLogic vulnerabilities CVE-2017-3506 and CVE-2023-21839 to deploy a cryptocurrency miner using a PowerShell script. The threat actor also adopted new techniques to conceal its activities, making attacks harder to defend against.

Get our take on the RSA 2024 conference where we review some of the major topics covered such as AI and data governance.

In the ever-evolving landscape of cybersecurity, staying ahead of malicious actors requires a multifaceted approach.

This report describes how Waterbear and Deuterbear — two of the tools in Earth Hundun's arsenal — operate, based on a campaign from 2024.

Cheap and easy access to AI makes it harder to detect state-sponsored and homegrown campaigns during this election year

This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.

In this blog entry, we discuss Trend Micro's contributions to an Interpol-coordinated operation to help Brazilian and Spanish law enforcement agencies analyze malware samples of the Grandoreiro banking trojan.

On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.

Delve into the crucial practice of file scanning within uploader applications, and learn defensive measures to safeguards against malicious threats like malware.

Learn how far cybersecurity has come from scattered resources to consolidation the future.

Discover how Trend is strengthening its endpoint solutions to detect fileless attacks earlier. By leveraging Intel Threat Detection Technology, Trend enhances the scalability and resiliency of its solutions.

Delve into the world of red team exercises, their vital role in enhancing organizational security through simulated cyberattacks, including tactics like phishing and lateral movement within networks, and understand the need for regular testing and improvement to counter evolving threats effectively.