News & Updates
- May 21, 2024: Tools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach. In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway — Kong.
- May 14, 2024: This report looks into the notable email threats of 2023, including the 45,261,542 high-risk email threats we detected and blocked using the Trend Micro™ Cloud App Security solution, also referred to as Trend Vision One™ — Email and Collaboration Protection solution, which is part of the Trend Vision One Email and Collaboration Security suite.
- May 07, 2024: The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.
- May 02, 2024: Container Advisor (cAdvisor) is an open-source monitoring tool for containers that is widely used in cloud services. It logs and monitors metrics like network input/output (I/O), disk I/O, and CPU usage. However, misconfigured deployments might inadvertently expose sensitive information, including environment variables such as Prometheus metrics. In this article, we share our findings of the risks we have uncovered and the vulnerable configurations users need to be aware of.
- April 25, 2024: Despite positioning themselves as penetration testers, 8Base ransomware threat actors profit off their victims, a significant share of whom are small businesses. In this feature, we investigate how the gang operates to gain insights on how organizations can better protect systems from compromises that could result in financial loss.
- April 17, 2024: Although a legitimate approach, sidecar containers can add even more complexity to Kubernetes (K8s) clusters, making it harder not only to manage them but also to detect compromises. This article demonstrates how attackers can leverage the sidecar injection technique after compromising a K8s cluster to remain stealthy and avoid detection, and how to protect K8s clusters from this malicious activity.