- September 26, 2023In this entry, we will discuss publicly exposed registries, which are repositories or databases containing information accessible to the public without the need for authentication.
- September 21, 2023We delve into three of the most active ransomware families that dominated the first half of 2023: LockBit, Clop, and BlackCat. This report features data from ransomware-as-a-service (RaaS) and extortion groups’ leak sites, Trend Micro’s open-source intelligence (OSINT) research, and the Trend Micro™ Smart Protection Network™, collected from Jan. 1 to June 30, 2023.
- September 12, 2023In our first installment of a four-part series on post-quantum cryptography, we discuss contemporary cryptography and what defenders should know when it comes to developing a quantum-resistant cryptography plan.
- August 24, 2023In our previous entry, we examined how credentials were being stored and logged in cleartext on compute instances (CIs) created in Azure Machine Learning (AML) service and the risks posed by the same. This article examines an information disclosure bug we found in one of the cloud agents used in the AML service and sheds light on the importance of threat modeling the agents’ features to uncover silent and hidden attack surfaces.
- August 23, 2023We summarize the cybercriminal trends surrounding the Linux threat landscape last year, and what security teams and organizations can do to mitigate the risks and defend against attacks.
- August 17, 2023We probed the Azure Machine Learning (AML) service to identify security flaws and vulnerabilities and shed light on the unseen aspects of silent threats in managed services like AML.
- August 15, 2023This report discusses the state of generative artificial intelligence (AI) in the cybercriminal underground: how cybercriminals are using ChatGPT, how they're adding ChatGPT features to their criminal products, and how they’re trying to remove censorship to ask ChatGPT anything.
- August 10, 2023In this first installment in our series on the challenges of the cybersecurity industry, we explore the underlying causes of the workforce gaps that have long plagued SOC teams.
- August 08, 2023In this year’s Midyear Roundup, we look at the major events in the first half of 2023 and draw a picture of the threat landscape from behaviors and patterns observed in the threat landscape to stay ahead and prepare for risks in the second half of the year.