Security News

  • July 11, 2024
    While examining the exposed information in the metrics endpoint of cAdvisor, we noticed that it exposes container labels for all the running containers on the “/metrics” endpoint. Container labels are key value pairs that are stored as a string. They are used to store metadata such as licensing information, maintainer information, versioning about container objects such as container images, running containers, volumes, daemons, and networks.
  • July 04, 2024
    In the previous parts of this series, we have learned about cryptography, what makes quantum computers unique, and how quantum computers break this cryptography. In the fourth and final part of our study on post-quantum cryptography, we will look at quantum-resistant algorithms that could replace our existing cryptography.
  • June 28, 2024
    We have been looking at the hacktivism landscape to help the United Nations Interregional Crime and Justice Research Institute (UNICRI) understand this cybercriminal phenomenon for their paper on the topic. The UNICRI paper was released today at a launch event held at the United Nations headquarters where we gave an overview on emerging trends in the underground.
  • June 04, 2024
    This article discusses the importance of properly identifying and protecting AI model files and their associated assets, such as labels, from malicious or even unintended tampering.
  • May 23, 2024
    The increased adoption of technologies like artificial intelligence (AI), machine learning (ML), large language models (LLMs), and high-performance computing (HPC) underscores the growing need to prioritize the security of graphics processing units (GPUs).
  • May 21, 2024
    Tools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach. In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway — Kong.
  • May 14, 2024
    This report looks into the notable email threats of 2023, including the 45,261,542 high-risk email threats we detected and blocked using the Trend Micro™ Cloud App Security solution, also referred to as Trend Vision One™ — Email and Collaboration Protection solution, which is part of the Trend Vision One Email and Collaboration Security suite.
  • May 08, 2024
    Generative AI continues to be misused and abused by malicious individuals. In this article, we dive into new criminal LLMs, criminal services with ChatGPT-like capabilities, and deepfakes being offered on criminal sites.
  • May 07, 2024
    The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.