Security News

While examining the exposed information in the metrics endpoint of cAdvisor, we noticed that it exposes container labels for all the running containers on the “/metrics” endpoint. Container labels are key value pairs that are stored as a string. They are used to store metadata such as licensing information, maintainer information, versioning about container objects such as container images, running containers, volumes, daemons, and networks.

In the previous parts of this series, we have learned about cryptography, what makes quantum computers unique, and how quantum computers break this cryptography. In the fourth and final part of our study on post-quantum cryptography, we will look at quantum-resistant algorithms that could replace our existing cryptography.

We have been looking at the hacktivism landscape to help the United Nations Interregional Crime and Justice Research Institute (UNICRI) understand this cybercriminal phenomenon for their paper on the topic. The UNICRI paper was released today at a launch event held at the United Nations headquarters where we gave an overview on emerging trends in the underground.

This article discusses the importance of properly identifying and protecting AI model files and their associated assets, such as labels, from malicious or even unintended tampering.

The increased adoption of technologies like artificial intelligence (AI), machine learning (ML), large language models (LLMs), and high-performance computing (HPC) underscores the growing need to prioritize the security of graphics processing units (GPUs).

Tools that aggregate access into multiple different environments, such as API gateways, pose a security risk for all these environments upon breach. In this article, we continue our journey through the security issues of the API Gateway landscape. Our new research focuses on another popular API gateway — Kong.

This report looks into the notable email threats of 2023, including the 45,261,542 high-risk email threats we detected and blocked using the Trend Micro™ Cloud App Security solution, also referred to as Trend Vision One™ — Email and Collaboration Protection solution, which is part of the Trend Vision One Email and Collaboration Security suite.

Generative AI continues to be misused and abused by malicious individuals. In this article, we dive into new criminal LLMs, criminal services with ChatGPT-like capabilities, and deepfakes being offered on criminal sites.

The LockBit intrusion set, tracked by Trend Micro as Water Selkie, has one of the most active ransomware operations today. With LockBit’s strong malware capabilities and affiliate program, organizations should keep abreast of its machinations to effectively spot risks and defend against attacks.