Trend Cloud Security Blog – Cloud Computing Experts

Currently Browsing: Security

Spear Phishing and Advanced Targeted Attacks

Posted by Erica Benton in Cyber crime, Security Nov 28th, 2012 | 2 Comments
As the saying goes, everything old is new again. Spear phishing may be a timeworn technique, but it continues to be effective even in today’s Web 2.0 landscape. In modern hacking, the practice is finding resurgence as an infiltration method for advanced targeted attacks. Recent research shows that spear phishing is now the #1 method of introducing APTs to corporate and government environments. A whopping 91% of advanced targeted attacks reviewed arrive via spear phished emails. In Spear Phishing Email: Most Favored APT Attack Bait, this new report digs into the use of spear phishing to introduce... read more

Join the conversation: Blog@ Trend Micro

Posted by Erica Benton in Cloud, Security Sep 19th, 2012 | No Comments
Upcoming Change to the Cloud Security Blog – the new Trend Micro consolidated Blog site Starting today, Trend Micro is launching the Blog@ Trend Micro site, which will showcase the Cloud Security Blog, alongside all the other great content produced by the other teams here at Trend Micro. Each of the blogs will be a “conversation” under the main Trend Micro blog, making it easier for readers to access and participate in discussions across a range of topics. Our dear readers can still count on receiving the same top-quality news, information, and commentary on the latest in cloud security... read more

10 Steps to Securing Your Journey to the Cloud

Posted by Jonathan Gershater in Cloud, Cloud-based Security, public cloud, Securing the Cloud, Security Sep 17th, 2012 | No Comments
Consumers are understandably hesitant about using applications and storing data in the public cloud. Concerns such as: “Is my data secure?” “Who has access to my data?” “What happens if the public cloud provider suffers a breach?” or “Who is responsible if my data is exposed?” are common as they consider making the journey to the cloud. Despite an inherent loss of control with cloud computing, the consumer still bears some responsibility for their use of these services. The Cloud Standards Customer Council published the “Security for Cloud Computing: 10 Steps to Ensure Success”... read more

UDID Primer: Breaking down Apple’s leaky situation

Posted by Erica Benton in Cloud, Security Sep 14th, 2012 | No Comments
When news broke last week that one million Apple UDIDs had been stolen by hacktivists, users panicked: What is a UDID? How did personally identifiable info get leaked along with the UDIDs? How can I protect my personally identifiable information? What is a UDID? On its own, the UDID is just a glorified unique serial number for all iPhones, iPads and iPod Touches, consisting of a long string of numbers and letters. As such, it’s virtually useless to a hacker and no privacy or security threat to a user. It has, until recently, been freely available to developers – collected without permission... read more

Google and VirusTotal? A big win for the security industry.

Posted by Eva Chen in Security Sep 7th, 2012 | No Comments
Like many of you, I saw today’s news of Google’s announced acquisition of VirusTotal. I had some thoughts that I wanted to share about this. Quite simply, I think this is excellent news for Trend Micro, for the industry and everyone. Why is that, you might ask? Two reasons: First, Google is definitely not trying to make money from stand-alone security.  Google acquired Postini, an email security company, for $625 million in 2007, but they recently announced that they will be retiring Postini, and will instead be offering its security and archiving features in some of their Google Apps products... read more

How to Thwart the Digital Insider: an Advanced Persistent Response to targeted attacks

Posted by Tom Kellermann in Cyber crime, Deep Security, Security Aug 13th, 2012 | No Comments
One of the oft-repeated themes in media reporting of cyber security events is that the “threat landscape is constantly evolving,” that attacks are becoming increasingly sophisticated and targeted and the men and women behind them are better resourced than ever before. Trend Micro research has found that over 90 percent of enterprise networks contain active, malicious malware with one new threat created every second. It’s certainly true, but begs for a deeper and more nuanced analysis. How are these attacks getting more sophisticated? How can a digital insider lay hidden, undetected within... read more

Why the Silicon Valley Moved East

Posted by JD Sherry in Cloud, Security Aug 2nd, 2012 | No Comments
Although the recent legislation for the Cybersecurity Act of 2012 did not have enough support in congress to pass, the greater Washington DC area is making a clear statement that it wants to be the next Silicon Valley.  The Federal government, its defense contractors and hardware/software manufactures from around the globe are forming alliances to build better castles and dungeons within the Clouds.  This is to establish a new and improved protocol for protecting our national security interests and our deepest secrets from miscreants.  The recruitment, education and mobilization of cyber forces... read more

Offense Must Inform Defense: The Importance of Continuous Monitoring

Posted by Tom Kellermann in Security, Threats Jul 20th, 2012 | 3 Comments
In light of the introduction yesterday of the seminal Cyber Security Act and the Presidents OP-Ed in the WSJ: Taking the Cyberthreat Seriously. It is time we learn a lesson from those learned by the Federal Government in Cybersecurity. For the last 6 years the United States government has been struggling to determine how nation state and non-state hackers have bypassed perimeter defenses.   After the Comprehensive National Cyber Initiative (CNCI) it was determined that most government agencies over rely on their perimeter defenses. The gauntlet was thrown down to determine how the offensive tactics... read more

Join me online for the BS-free “Future of Cloud Computing” Think Tank with Dell, VMware, and 15 top cloud leaders

Posted by Dave Asprey in Cloud, Security Jun 25th, 2012 | 1 Comment
I go to cloud computing and security conferences about 40 times a year as a part of my job as VP of cloud security at Trend Micro. To be an effective technology evangelist, you have to know a lot of things that are outside your core technology expertise, and going to these conferences to stay informed gives me the opportunity to share my work in the form of keynotes and technical presentations. Here’s the secret to getting the most out of conferences: hang out in the hallway outside the sessions and talk to the people you meet. The “Clouderati” like me are very selective about... read more

HIPAA hiccups

Posted by Jonathan Gershater in Cloud, Deep Security, Malware, Privacy, Compliance and Identity, public cloud, Securing the Cloud, Security, Threats Apr 2nd, 2012 | Comments Off
Not a month goes by when there isn’t an announcement of a breach of electronic health records thereby disclosing personal and financial data; and that excludes breaches that are not publicly acknowledged.  In a recent report  from the American National Standards Institute (ANSI), 18 million Americans have had their personal health information stolen over the past two years. So one has to ask: considering the financial and legal implications of a breach of health records, why don’t organizations deploy security solutions to protect electronic health records? Answers often offered by CIOs... read more

« Previous Entries