FreshRSS

🔒
❌ About FreshRSS
☷
△ 🔃
There are new available articles, click to refresh the page.
Before yesterdayhttp://blog.trendmicro.com/feed

Risk Decisions in an Imperfect World

By Mark Nunnikhoven (Vice President, Cloud Research)

Risk decisions are the foundation of information security. Sadly, they are also one of the most often misunderstood parts of information security.

This is bad enough on its own but can sink any effort at education as an organization moves towards a DevOps philosophy.

To properly evaluate the risk of an event, two components are required:

  1. An assessment of the impact of the event
  2. The likelihood of the event

Unfortunately, teams—and humans in general—are reasonably good at the first part and unreasonably bad at the second.

This is a problem.

It’s a problem that is amplified when security starts to integration with teams in a DevOps environment. Originally presented as part of AllTheTalks.online, this talk examines the ins and outs of risk decisions and how we can start to work on improving how our teams handle them.

 

The post Risk Decisions in an Imperfect World appeared first on .

Trend Micro’s Top Ten MITRE Evaluation Considerations

By Trend Micro

The introduction of the MITRE ATT&CK evaluations is a welcomed addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone such a long way in helping advance the security industry as a whole, and the individual security products serving the market.

The insight garnered from these evaluations is incredibly useful.  But let’s admit, for everyone except those steeped in the analysis, it can be hard to understand. The information is valuable, but dense. There are multiple ways to look at the data and even more ways to interpret and present the results (as no doubt you’ve already come to realize after reading all the vendor blogs and industry articles!) We have been looking at the data for the past week since it published, and still have more to examine over the coming days and weeks.

The more we assess the information, the clearer the story becomes, so we wanted to share with you Trend Micro’s 10 key takeaways for our results:

1. Looking at the results of the first run of the evaluation is important:

  • Trend Micro ranked first in initial overall detection. We are the leader in detections based on initial product configurations. This evaluation enabled vendors to make product adjustments after a first run of the test to boost detection rates on a re-test. The MITRE results show the final results after all product changes. If you assess what the product could detect as originally provided, we had the best detection coverage among the pool of 21 vendors.
  • This is important to consider because product adjustments can vary in significance and may or may not be immediately available in vendors’ current product. We also believe it is easier to do better, once you know what the attacker was doing – in the real world, customers don’t get a second try against an attack.
  • Having said that, we too took advantage of the retest opportunity since it allows us to identify product improvements, but our overall detections were so high, that even removing those associated with a configuration change, we still ranked first overall.

  • And so no one thinks we are just spinning… without making any kind of exclusions to the data at all, and just taking the MITRE results in their entirety, Trend Micro had the second highest detection rate, with 91+% detection coverage.

2. There is a hierarchy in the type of main detections – Techniques is most significant

  • There is a natural hierarchy in the value of the different types of main detections.
    • A general detection indicates that something was deemed suspicious but it was not assigned to a specific tactic or technique.
    • A detection on tactic means the detection can be attributed to a tactical goal (e.g. credential access).
    • Finally, a detection on technique means the detection can be attributed to a specific adversarial action (e.g. credential dumping).
  • We have strong detection on techniques, which is a better detection measure. With the individual MITRE technique identified, the associated tactic can be determined, as typically, there are only a handful of tactics that would apply to a specific technique. When comparing results, you can see that vendors had lower tactic detections on the whole, demonstrating a general acknowledgement of where the priority should lie.
  • Likewise, the fact that we had lower general detections compared to technique detections is a positive. General detections are typically associated with a signature; as such, this proves that we have a low reliance on AV.
  • It is also important to note that we did well in telemetry which gives security analysts access to the type and depth of visibility they need when looking into detailed attacker activity across assets.


https://attackevals.mitre.org/APT29/detection-categories.html 

3. More alerts does not equal better alerting – quite the opposite

  • At first glance, some may expect one should have the same number of alerts as detections. But not all detections are created equal, and not everything should have an alert (remember, these detections are for low level attack steps, not for separate attacks.)
  • Too many alerts can lead to alert fatigue and add to the difficulty of sorting through the noise to what is most important.
  • When you consider the alerts associated with our higher-fidelity detections (e.g. detection on technique), you can see that the results show that Trend Micro did very well at reducing the noise of all of the detections into a minimal volume of meaningful/actionable alerts.

4. Managed Service detections are not exclusive

  • Our MDR analysts contributed to the “delayed detection” category. This is where the detection involved human action and may not have been initiated automatically.
  • Our results shows the strength of our MDR service as one way for detection and enrichment. If an MDR service was included in this evaluation, we believe you would want to see it provide good coverage, as it demonstrates that the team is able to detect based on the telemetry collected.
  • What is important to note though is that the numbers for the delayed detection don’t necessarily mean it was the only way a detection was/could be made; the same detection could be identified by other means. There are overlaps between detection categories.
  • Our detection coverage results would have remained strong without this human involvement – approximately 86% detection coverage (with MDR, it boosted it up to 91%).

5. Let’s not forget about the effectiveness and need for blocking!

  • This MITRE evaluation did not test for a product’s ability to block/protect from an attack, but rather exclusively looks at how effective a product is at detecting an event that has happened, so there is no measure of prevention efficacy included.
  • This is significant for Trend, as our philosophy is to block and prevent as much as you can so customers have less to clean up/mitigate.

6. We need to look through more than the Windows

  • This evaluation looked at Windows endpoints and servers only; it did not look at Linux for example, where of course Trend has a great deal of strength in capability.
  • We look forward to the expansion of the operating systems in scope. Mitre has already announced that the next round will include a linux system.

7. The evaluation shows where our product is going

  • We believe the first priority for this evaluation is the main detections (for example, detecting on techniques as discussed above). Correlation falls into the modifier detection category, which looks at what happens above and beyond an initial detection.
  • We are happy with our main detections, and see great opportunity to boost our correlation capabilities with Trend Micro XDR, which we have been investing in heavily and is at the core of the capabilities we will be delivering in product to customers as of late June 2020.
  • This evaluation did not assess our correlation across email security; so there is correlation value we can deliver to customers beyond what is represented here.

8. This evaluation is helping us make our product better

  • The insight this evaluation has provided us has been invaluable and has helped us identify areas for improvement and we have initiate product updates as a result.
  • As well, having a product with a “detection only” mode option helps augment the SOC intel, so our participation in this evaluation has enabled us to make our product even more flexible to configure; and therefore, a more powerful tool for the SOC.
  • While some vendors try to use it against us, our extra detections after config change show that we can adapt to the changing threat landscape quickly when needed.

9. MITRE is more than the evaluation

  • While the evaluation is important, it is important to recognize MITRE ATT&CK as an important knowledge base that the security industry can both align and contribute to.
  • Having a common language and framework to better explain how adversaries behave, what they are trying to do, and how they are trying to do it, makes the entire industry more powerful.
  • Among the many things we do with or around MITRE, Trend has and continues to contribute new techniques to the framework matrices and is leveraging it within our products using ATT&CK as a common language for alerts and detection descriptions, and for searching parameters.

10. It is hard not to get confused by the fud!

  • MITRE does not score, rank or provide side by side comparison of products, so unlike other tests or industry analyst reports, there is no set of “leaders” identified.
  • As this evaluation assesses multiple factors, there are many different ways to view, interpret and present the results (as we did here in this blog).
  • It is important that individual organizations understand the framework, the evaluation, and most importantly what their own priorities and needs are, as this is the only way to map the results to the individual use cases.
  • Look to your vendors to help explain the results, in the context that makes sense for you. It should be our responsibility to help educate, not exploit.

The post Trend Micro’s Top Ten MITRE Evaluation Considerations appeared first on .

Suddenly Teleworking, Securely

By Greg Young (Vice President for Cybersecurity)

So you suddenly have a lot of staff working remotely. Telework is not new and a good percentage of the workforce already does so. But the companies who have a distributed workforce had time to plan for it, and to plan for it securely.

A Lot of New Teleworkers All At Once

This event can’t be treated like a quick rollout of an application: there are business, infrastructure, and customer security impacts. There will be an increase of work for help desks as new teleworkers wrestle with remote working.

Additionally, don’t compound the problem. There is advice circulating to reset all passwords for remote workers. This opens the door for increased social engineering to attempt to lure overworked help desk staff into doing password resets that don’t comply with policy. Set expectations for staff that policy must be complied with, and to expect some delays while the help desk is overloaded.

Business continuity issues will arise as limited planning for remote workers could max out VPN licenses, firewall capacity, and application timeouts as many people attempt to use the same apps through a narrower network pipe.

Help Staff Make A Secure Home Office

In the best of times, remote workers are often left to their own devices (pun intended) for securing their work at home experience. Home offices are already usually much less secure than corporate offices: weak routers, unmanaged PCs, and multiple users means home offices become an easier attack path into the enterprise.

It doesn’t make sense to have workers operate in a less secure environment in this context. Give them the necessary security tools and operational tools to do their business. Teleworkers, even with a company-issued device, are likely to work on multiple home devices. Make available enterprise licensed storage and sharing tools, so employees don’t have to resort to ‘sketchy’ or weak options when they exceed the limits for free storage on Dropbox or related services.

A Secure Web Gateway as a service is a useful option considering that teleworkers using a VPN will still likely be split tunneling (i.e. not going through corporate security devices when browsing to non-corporate sites, etc.), unlike when they are in the corporate office and all connections are sanitized. That is especially important in cases where a weak home router gets compromised and any exfiltration or other ‘phone home’ traffic from malware needs to be spotted.

A simple way to get this information out to employees is to add remote working security tips to any regularly occurring executive outreach.

Operational Issues

With a large majority of businesses switching to a work-from-home model with less emphasis on in-person meetings, we also anticipate that malicious actors will start to impersonate digital tools, such as ‘free’ remote conferencing services and other cloud computing software.

Having a policy on respecting telework privacy is a good preventative step to minimize the risk of this type of attack being successful. Remote workers may be concerned about their digital privacy when working from home, so any way to inform them about likely attack methods can help.

Any steps to prevent staff trying to evade security measures out of a concern over privacy are likely a good investment.

Crisis Specific Risks

During any major event or crisis, socially engineered attacks and phishing will increase. Human engineering means using any lever to make it a little bit easier for targets to click on a link.

We’re seeing targeted email attacks taking advantage of this. Some will likely use tactics such as attachments named “attached is your Work At Home Allowance Voucher,” spoofed corporate guidelines, or HR documents.

Sadly, we expect hospitals and local governments will see increased targeting by ransomware due the expectation that payouts are likelier during an emergency.

But Hang On – It Is Not All Bad News

The good news is that none of these attacks are  new and we already have playbooks to defend against them. Give a reminder to all staff during this period to be more wary of phishing, but don’t overly depend on user education – back it up with security technology measures. Here are a few ways to do that.

  • Give your remote workers the security and productivity tools they need to protect themselves and their non-corporate IT resources.
  • Include an enterprise managed cloud storage account for work documents so employees don’t find free versions that may not be safe.
  • Enable customers and supply chain partners, who may also be teleworking, to interact with you securely.

The post Suddenly Teleworking, Securely appeared first on .

How to Manage Your Privacy On and Off Facebook

By Trend Micro

Social media has come a long way in a short space of time. In a little over a decade, it’s grown from being the preserve of a relatively small group of online enthusiasts to one of the defining trends of 21st century life. As the undisputed global leader in this field, Facebook now boasts nearly 1.7 billion daily active users.

Not only do we share personal and global news, photos and videos with each other every day on the site, we also log-in to our favorite third-party websites and apps via Facebook to shop, chat, play games and much more. In short, social media makes life more fun, more social, and more connected.

But at the same time, our digital lives have become more complicated. Sometimes we share without realizing the significance of the data we’re showing others — including strangers, trolls and maybe even fraudsters. Sometimes we sign-up for third-party apps/services that take advantage of small print agreements to sell our data on to others — possibly for uses we did not want. And often, the websites we visit independently of Facebook send data on our browsing behavior back to the social network without our knowledge.

Some of us view this kind of tracking as the price we pay for free internet services, and welcome the improved personalization it enables. But others may feel creeped out that their family’s every click and swipe is being silently monitored, logged, and shared.

Time for action

The good news is that Facebook has been listening (to some extent!) to regulators and consumers, and has started the new year by offering users more tools to shine a light on where and how their data is being used, and how they can protect their privacy. But we’re talking here about a platform that has been growing non-stop for the past 15 years. Complexity is everywhere, and it’s not always easy to find the tools you need to enhance your privacy on the site.

That’s why we’ve put together this short guide. It’ll teach you where your privacy is most at risk on Facebook, and what you can do to manage these risks, including an assist by Trend Micro’s own Privacy Scanner tool.

Why should I be worried?

Although social media offers much to enrich and improve our lives, there are multiple levels of privacy risk involved in using it. For many of us, the stakes have risen almost silently in the background over the past few years. We can split these into three basic areas:

Oversharing: At a very basic level Facebook allows you to share news, pictures, stories and more with the world. But would you want your boss, prospective employer, law enforcement, credit agencies and other users to see every little thing about you? Yes, they increasingly use Facebook as a source of intelligence gathering, so you may want to limit who can view your information to just those in your friendship network.

Among the most prodigious collectors and monetizers of our private data are cyber-criminals. A Facebook account is a trove of sensitive personal information: everything from email addresses and phone numbers to partners and political preferences. It could all be leveraged to commit identity fraud or craft convincing phishing emails which trick you into giving away even more details. Something as innocuous as a photo of a family pet could provide hackers with some useful intel for guessing your online passwords. Or what about a real-time update from the beach? It might be all an opportunistic burglar needs to raid your home.

Third-party apps and websites: One of the most controversial aspects of data collection and use on Facebook relates to partner sites and services. Often, users sign-up for these apps without being fully aware of how their data will be used, or even what profile data the app may be gaining permission to harvest. It was data on 87 million Facebook users and their friends collected by a popular third-party personality test app that ended up being sold to Cambridge Analytica. It was then controversially used to target US voters ahead of the last Presidential election.

Following a huge FTC fine, Facebook is now more rigorous in ensuring third-party developers comply with its privacy and data use policies. But some users may still balk at their private data being sold on to third parties.

Other Off-Facebook activity: Apps and websites that you log into with your Facebook ID technically count as “off-Facebook activity”: that is, stuff that happens outside of the social site. But there’s more. Did you know, for example, that Facebook collects data from a huge number of additional sites and apps that aren’t obviously connected to the platform?

It uses code embedded on these sites to track what you do there, in order to make advertising on Facebook more targeted and personalized. So accurate and covert is this technology that it has given rise to a conspiracy theory that Facebook is somehow listening in to its users’ phone calls. It’s not. Users simply don’t know that, when they visit many sites and apps on the web, those same sites are secretly sending data back to Facebook, which then serves up relevant ads. Just bought Season One of your favorite show on a streaming app? You may get an ad for Season Two when you next visit your Facebook account.

Some people may be fine with this trade-off: privacy for a more tailored user experience. But many others may not. It’s one thing monitoring what you bought off an e-commerce site, quite another to track who you swiped left on when you were last on a dating site.

How can I manage my privacy better?

Fortunately, Facebook provides tools to help you to manage your privacy. Let’s go through some of them, from the newest to the oldest.

Off-Facebook
Facebook has just released a way of checking which sites/apps track and send data on your web usage back to the social network, clearing your data sharing history with them, and disconnecting for the future.

  • The Off-Facebook Activity tool can be reached here, or you can go to Settings > Your Facebook Information > Off-Facebook Activity.
  • Click Manage Your Off-Facebook Activity and you’ll see a list of the (possibly many) apps and sites that have shared info about you with Facebook, including how they shared the data, and what kind of data it is.
  • You can turn off this activity by going to Clear History. However, to prevent such data sharing in future, you will need to go to Manage Future Activity and then toggle it Off.

There are some caveats. Disconnecting in this way will log you out of any apps/sites you used Facebook to log into. In addition, it will not stop Facebook serving you advertising — you’ll get the same number of ads, except these won’t be as personalized as before. Facebook will also continue to receive information about your interactions on various sites, but this will be anonymized.

Particular apps, games and websites

You can also directly edit the privacy and settings of particular apps, games and websites you’ve logged into with your Facebook account.

  • Go here, or click Settings, then Apps and Websites in the menu on the left.
  • Click the name of the app, game or website you want to update, or Search Apps and Websites with the Search tool on the upper right to find it.
  • Once you’ve found the app, game, or website in question, update the information you’re sharing, who can see that you use it, and the notifications you receive.
  • Click Save to save your changes.

Basic privacy settings

Facebook has also overhauled its most basic privacy settings. Its Privacy Checkup tool features four distinct sections.

  • Click at the top of any page on Facebook and select Privacy Checkup. Then choose
  • Who Can See What You Share to review and change who can view your profile info and posts, and to block individuals if you wish.
  • How to Keep Your Account Secure to choose a stronger password and turn on login alerts.
  • How People Can Find You On Facebook enables you to choose who can look you up and send friend requests.
  • Your Data Settings on Facebook provides a list of apps and sites you’ve used Facebook to log-in to and allows you to remove these.

How Trend Micro can help

An easier option for managing your basic privacy on Facebook is the Trend Micro Privacy Scanner, which is available within Trend Micro Security on Windows and Mac, and within Mobile Security on Android and iOS. It automates the process of finding and fixing any potentially risky settings to keep your personal data safe from prying eyes.

It’s turned on by default in Trend Micro Internet and Maximum Security, as well as in Mobile Security.

  • Either click on the Privacy icon in the TMS Console, or in the PC or Mac browser click the Trend Micro Toolbar and select Check Your Online Privacy/Check Social Network Privacy
  • In Mobile Security, tap the panel for Social Network Privacy > Facebook.
  • Once you’re signed-in to Facebook, See Scan Results, and then click or tap Fix All, or click or tap on the drop down to view and edit each issue separately.

Facebook is getting better at privacy, but its controls can be hard to find, and functionality is constantly being updated. That’s why we recommend a privacy audit every few months. Check in with your Facebook Privacy settings directly or via the Privacy Scanner to make sure you’re not leaking personal data. Privacy is subjective, but we’re all getting more critical about how big corporations use our data — and that’s not a bad thing.

Go here for more information on Trend Micro Security and Trend Micro Mobile Security.

The post How to Manage Your Privacy On and Off Facebook appeared first on .

The Everyday Cyber Threat Landscape: Trends from 2019 to 2020

By Trend Micro

The past 12 months have been another bumper year for cybercrime affecting everyday users of digital technology. Trend Micro blocked more than 26.8 billion of these threats in the first half of 2019 alone. The bad news is that there are many more out there waiting to steal your personal data for identity fraud, access your bank account, hold your computer to ransom, or extort you in other ways.

To help you stay safe over the coming year we’ve listed some of the biggest threats from 2019 and some trends to keep an eye on as we hit the new decade. As you’ll see, many of the most dangerous attacks will look a lot like the ones we warned about in 2019.

As we enter 2020 the same rules apply: stay alert, stay sceptical, and stay safe by staying protected.

Top five threats of 2019

Cybercrime is a chaotic, volatile world. So to make sense of the madness of the past 12 months, we’ve broken down the main type of threats consumers encountered into five key areas:

Home network threats: Our homes are increasingly powered by online technologies. Over two-thirds (69%) of US households now own at least one smart home device: everything from voice assistant-powered smart speakers to home security systems and connected baby monitors. But gaps in protection can expose them to hackers. As the gateway to our home networks, routers are particularly at risk. It’s a concern that 83% are vulnerable to attack. There were an estimated 105m smart home attacks in the first half of 2019 alone.

Endpoint threats: These are attacks aimed squarely at you the user, usually via the email channel. Trend Micro detected and blocked more than 26 billion such email threats in the first half of 2019, nearly 91% of the total number of cyber-threats. These included phishing attacks designed to trick you into clicking on a malicious link to steal your personal data and log-ins or begin a ransomware download. Or they could be designed to con you into handing over your personal details, by taking you to legit-looking but spoofed sites. Endpoint threats sometimes include social media phishing messages or even legitimate websites that have been booby-trapped with malware.

Mobile security threats: Hackers are also targeting our smartphones and tablets with greater gusto. Malware is often unwittingly downloaded by users, since it’s hidden in normal-looking Android apps, like the Agent Smith adware that infected over 25 million handsets globally this year. Users are also extra-exposed to social media attacks and those leveraging unsecured public Wi-Fi when using their devices. Once again, the end goal for the hackers is to make money: either by stealing your personal data and log-ins; flooding your screen with adverts; downloading ransomware; or forcing your device to contact expensive premium rate phone numbers that they own.

Online accounts under attack: Increasingly, hackers are after our log-ins: the virtual keys that unlock our digital lives. From Netflix to Uber, webmail to online banking, access to these accounts can be sold on the dark web or they can be raided for our personal identity data. Individual phishing attacks is one way to get these log-ins. But an increasingly popular method in 2019 was to use automated tools that try tens of thousands of previously breached log-ins to see if any of them work on your accounts. From November 2017 through the end of March 2019, over 55 billion such attacks were detected.

Breaches are everywhere: The raw materials needed to unlock your online accounts and help scammers commit identity fraud are stored by the organizations you interact with online. Unfortunately, these companies continued to be successfully targeted by data thieves in 2019. As of November 2019, there were over 1,200 recorded breaches in the US, exposing more than 163 million customer records. Even worse, hackers are now stealing card data direct from the websites you shop with as they are entered in, via “digital skimming” malware.

What to look out for in 2020

Smart homes under siege: As we invest more money in smart gadgets for our families, expect hackers to double down on network attacks. There’s a rich bounty for those that do: they can use an exposed smart endpoint as a means to sneak into your network and rifle through your personal data and online accounts. Or they could monitor your house via hacked security cameras to understand the best time to break in. Your hacked devices could even be recruited into botnets to help the bad guys attack others.

Social engineering online and by phone: Attacks that target user credulity are some of the most successful. Expect them to continue in 2020: both traditional phishing emails and a growing number of phone-based scams. Americans are bombarded by 200 million automated “robocalls” each day, 30% of which are potentially fraudulent. Sometimes phone fraud can shift quickly online; for example, tech support scams that convince the user there’s something wrong with their PC. Social engineering can also be used to extort money, such as in sextortion scams designed to persuade victims that the hacker has and is about to release a webcam image of them in a “compromising position.” Trend Micro detected a 319% increase in these attacks from 2H 2018 to the first half of 2019.

Threats on the move: Look out for more mobile threats in 2020. Many of these will come from unsecured public Wi-Fi which can let hackers eavesdrop on your web sessions and steal identity data and log-ins. Even public charging points can be loaded with malware, something LA County recently warned about. This comes on top of the escalating threat from malicious mobile apps.

All online accounts are fair game: Be warned that almost any online account you open and store personal data in today will be a target for hackers tomorrow. For 2020, this means of course you will need to be extra careful about online banking. But also watch out for attacks on gaming accounts.  Not only your personal identity data and log-ins but also lucrative in-game tokens will become highly sought after. Twelve billion of those recorded 55 billion credential stuffing attacks were directed at the gaming industry.

Worms make a comeback: Computer worms are dangerous because they self-replicate, allowing hackers to spread attacks without user interaction. This is what happened with the WannaCry ransomware attacks of 2017. A Microsoft flaw known as Bluekeep offers a new opportunity to cause havoc in 2020. There may be more out there.

How to stay safe

Given the sheer range of online threats facing computer users in 2020, you’ll need to cover all bases to keep your systems and data safe. That means:

Protecting the smart home with network monitoring solutions, regular checks for security updates on gadgets/router, changing the factory default logins to strong passwords, and putting all gadgets onto a guest network.

Tackling data-stealing malware, ransomware and other worm-style threats with strong AV from a reputable vendor, regular patching of your PC/mobile device, and strong password security (as given below).

Staying safe on the move by always using VPNs with public Wi-Fi, installing AV on your device, only frequenting official app stores, and ensuring you’re always on the latest device OS version. And steer clear of public USB charging points.

Keeping accounts secure by using a password manager for creating and storing strong passwords and/or switching on two-factor authentication where available. This will stop credential stuffing in its tracks and mitigate the impact of a third-party breach of your log-ins. Also, never log-in to webmail or other accounts on shared computers.

Taking on social engineering by never clicking on links or opening attachments in unsolicited emails, texts or social media messages and never giving out personal info over the phone.

How Trend Micro can help

Fortunately, Trend Micro fully understands the multiple sources for modern threats. It offers a comprehensive range of security products to protect all aspects of your digital life — from your smart home, home PCs, and mobile devices to online accounts including email and social networks, as well as when browsing the web itself.

Trend Micro Home Network Security: Provides protection against network intrusions, router hacks, web threats, dangerous file downloads and identity theft for every device connected to the home network.

Trend Micro Security: Protects your PCs and Macs against web threats, phishing, social network threats, data theft, online banking threats, digital skimmers, ransomware and other malware. Also guards against over-sharing on social media.

Trend Micro Mobile Security: Protects against malicious app downloads, ransomware, dangerous websites, and unsafe Wi-Fi networks.

Trend Micro Password Manager: Provides a secure place to store, manage and update your passwords. It remembers your log-ins, enabling you to create long, secure and unique credentials for each site/app you need to sign-in to.

Trend Micro WiFi Protection: Protects you on unsecured public WiFi by providing a virtual private network (VPN) that encrypts your traffic and ensures protection against man-in-the-middle (MITM) attacks.

Trend Micro ID Security (Android, iOS): Monitors underground cybercrime sites to securely check if your personal information is being traded by hackers on the Dark Web and sends you immediate alerts if so.

The post The Everyday Cyber Threat Landscape: Trends from 2019 to 2020 appeared first on .

❌