Security News

  • April 17, 2024
    Although a legitimate approach, sidecar containers can add even more complexity to Kubernetes (K8s) clusters, making them harder to manage and making compromises harder to detect. This article demonstrates that attackers can leverage the sidecar injection technique after compromising a K8s cluster to remain stealthy and avoid detection, and how to protect K8s clusters from this malicious activity.
  • March 28, 2024
    This article discusses two O-RAN vulnerabilities that attackers can exploit. One vulnerability stems from insufficient access control, and the other arises from faulty message handling.
  • March 27, 2024
    We cover the key trends that defined the ransomware threat landscape in the second half of 2023. Data from RaaS and extortion groups’ leak sites, open-source intelligence (OSINT) research, and Trend Micro telemetry shows that LockBit, BlackCat, and Clop continued to rank among the active RaaS and extortion groups with the highest victim counts during this period.
  • March 08, 2024
    This article focuses on the Apache APISIX API gateway and its security implications.
  • March 06, 2024
    Our continuous surveillance and research of the threat landscape in 2023 showed patterns suggesting that as cybercriminals take advantage of the expanding attack surface, they are also learning to prioritize substance over size.
  • February 21, 2024
    The threat actors behind the Rhysida ransomware targeted multiple industries by posing as a cybersecurity team that offered to help its victims identify security weaknesses in their networks and systems. Although the group’s activity was first observed back in May 2023, its leak site was established as early as March 2023. Like other ransomware groups, it employs double extortion tactics to pressure its victims into paying a ransom demand in Bitcoin.
  • February 20, 2024
    The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.
  • February 08, 2024
    We delve into the multifaceted nature of cloud cyberthreats in 2024, from the stealthy dangers of data poisoning in machine learning models to the complexities of securing APIs, and more.
  • January 31, 2024
    Attackers abuse different supply-chain scenarios to indirectly compromise organizations and applications. We delve into how a software pipeline works, where attacks could come from, and how to improve security.