The 2023 Cloud Security Report is a comprehensive study based on an extensive survey conducted among 351 cybersecurity professionals in the European Union (EU). By analyzing the latest trends in cloud adoption, identifying prevalent security challenges, and highlighting best practices, this report provides insights for organizations seeking to fortify their cloud environments.

Our annual cybersecurity report sheds light on the major security concerns that surfaced and prevailed in 2022. We also discuss how cybercriminals, specifically ransomware actors, are taking their cue from legitimate organizations when it comes to diversifying their portfolios and rebranding their image, and the top vulnerabilities that malicious actors have abused last year.

This research paper is a joint effort between Trend Micro and Waratah Analytics, a data-modeling, risk-analysis, and exposure management services provider. It analyzes the modern ransomware ecosystem using data-science approaches and leverages information collected from network-based and host-based telemetry, underground forums, bitcoin and financial transactions, and chat logs - together with a deep analysis of criminal business processes - to find trends, new developments, and choke points in the ransomware ecosystem.

This report examines the most important stories, issues, and trends that affected the cybersecurity landscape in 2020.

This report looks at the present state of Malicious uses of AI, then makes predictions for the future. It ends with recommendations to prevent malicious use of AI.

This report takes a look at the most significant stories and trends in order to determine what has changed and what to expect for the second half of 2020 in the cybersecurity industry.

As more organizations move to the cloud and public cloud platforms gain more users and offer more services, cybercriminals will find ways to launch attacks and profit from compromise. As we’ve demonstrated in this research, misconfiguration in cloud services opens an organization to risks like cryptojacking, e-skimming, and data exfiltration. Container technologies in the cloud, when exposed, also pose similar risks. Finally, mismanagement of credentials and other secrets have costs that can grow as threats move across the cloud stack.

In this midyear report, TrendMicro tracks the tendency of security risks to emerge from aspects of computing that are often overlooked and show how costly they can be especially for enterprises.

CopyKittens is a cyberespionage group that has been operating since at least 2013. In November 2015, ClearSky and Minerva Labs published1 the first public report exposing its activity. In March 2017, ClearSky published a second report2 exposing further incidents, some of which impacted the German Bundestag. In this report, Trend Micro and ClearSky expose a vast espionage apparatus spanning the entire time the group has been active. It includes recent incidents as well as older ones that have not been publicly reported; new malware; exploitation, delivery and command and control infrastructure; and the group’s modus operandi. We dubbed this activity Operation Wilted Tulip

This paper surveys some of the existing smart technologies currently used in smart cities worldwide. Much like our previous reports on exposed smart devices and the hacking of robots in smart factories, this paper will discuss the risks of using smart technologies in critical sectors and will provide actionable steps to help local governments and urban developers design more secure smart cities.

This report offers Security Predictions for 2018

Trend Micro researchers’ in-depth explorations of the cybercriminal underworld— from Germany1, Brazil2, Japan3, North America4, and China5 to Russia6—have shown how financial gain motivates the way malware, crimeware, personally identifiable information (PII), and stolen commodities change hands. While their marketplaces are profit-driven and focused on flaunting their wares, we observed that the Middle Eastern and North African (MENA) underground was somewhat different with its ironic mix of ideology and felony.

There is currently very little published research discussing the cybersecurity threats against ITS. In this paper, we first explored real-world ITS cyberattacks and their impact. As cyberattacks and attackers go hand-in-hand, we discussed the most likely perpetrators and their goals and motivations for attacking ITS. We then applied our knowledge of current cyberattacks to develop and analyze future cyberattack scenarios against ITS and Smart Roads.

In this report, we round up all the significant security stories during the first half of 2016 to encourage businesses to check for vulnerabilities cybercriminals may abuse. Our report also aims to highlight the need for enterprises to be vigilant in finding solutions that would stop cybercriminals from winning and letting our prediction become their reality.