Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-12-12Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20221212:linux:62f9491, author = {David Fiser and Alfredo Oliveira}, title = {{Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT}}, date = {2022-12-12}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/l/linux-cryptomining-enhanced-via-chaos-rat-.html}, language = {English}, urldate = {2022-12-14} } Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
Chaos
2022-09-08Trend MicroNitesh Surana, David Fiser, Alfredo Oliveira
@online{surana:20220908:how:a5c5cf6, author = {Nitesh Surana and David Fiser and Alfredo Oliveira}, title = {{How Malicious Actors Abuse Native Linux Tools in Attacks}}, date = {2022-09-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html}, language = {English}, urldate = {2022-09-19} } How Malicious Actors Abuse Native Linux Tools in Attacks
2022-07-21Trend MicroAlfredo Oliveira, David Fiser
@online{oliveira:20220721:alibaba:bef01c3, author = {Alfredo Oliveira and David Fiser}, title = {{Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography}}, date = {2022-07-21}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/g/alibaba-oss-buckets-compromised-to-distribute-malicious-shell-sc.html}, language = {English}, urldate = {2022-07-25} } Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography
2021-11-15Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20211115:groups:f889118, author = {David Fiser and Alfredo Oliveira}, title = {{Groups Target Alibaba ECS Instances for Cryptojacking}}, date = {2021-11-15}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_in/research/21/k/groups-target-alibaba-ecs-instances-for-cryptojacking.html}, language = {English}, urldate = {2021-11-19} } Groups Target Alibaba ECS Instances for Cryptojacking
2021-11-11Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20211111:teamtnt:fe67ef2, author = {David Fiser and Alfredo Oliveira}, title = {{TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments}}, date = {2021-11-11}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/k/teamtnt-upgrades-arsenal-refines-focus-on-kubernetes-and-gpu-env.html}, language = {English}, urldate = {2021-11-12} } TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
2021-11-03Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20211103:teamtnt:180af48, author = {David Fiser and Alfredo Oliveira}, title = {{TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments}}, date = {2021-11-03}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_ae/research/21/k/teamtnt-upgrades-arsenal-refines-focus-on-kubernetes-and-gpu-env.html}, language = {English}, urldate = {2021-11-08} } TeamTNT Upgrades Arsenal, Refines Focus on Kubernetes and GPU Environments
TeamTNT
2021-10-08Trend MicroAlfredo Oliveira, David Fiser
@online{oliveira:20211008:actors:329ccc0, author = {Alfredo Oliveira and David Fiser}, title = {{Actors Target Huawei Cloud Using Upgraded Linux Malware}}, date = {2021-10-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/j/actors-target-huawei-cloud-using-upgraded-linux-malware-.html}, language = {English}, urldate = {2021-10-24} } Actors Target Huawei Cloud Using Upgraded Linux Malware
2021-07-27Trend MicroAlfredo Oliveira, David Fiser
@online{oliveira:20210727:threat:dd84d57, author = {Alfredo Oliveira and David Fiser}, title = {{Threat Actors Exploit Misconfigured Apache Hadoop YARN}}, date = {2021-07-27}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/g/threat-actors-exploit-misconfigured-apache-hadoop-yarn.html}, language = {English}, urldate = {2021-08-31} } Threat Actors Exploit Misconfigured Apache Hadoop YARN
Kinsing
2021-07-20Trend MicroDavid Fiser, Alfredo Oliveira
@techreport{fiser:20210720:tracking:9085bb7, author = {David Fiser and Alfredo Oliveira}, title = {{Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group}}, date = {2021-07-20}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/white_papers/wp-tracking-the-activities-of-teamTNT.pdf}, language = {English}, urldate = {2021-07-26} } Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group
TeamTNT
2021-05-25Trend MicroMagno Logan, David Fiser
@online{logan:20210525:teamtnt:1f700b6, author = {Magno Logan and David Fiser}, title = {{TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack}}, date = {2021-05-25}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/e/teamtnt-targets-kubernetes--nearly-50-000-ips-compromised.html}, language = {English}, urldate = {2021-06-16} } TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack
2021-05-18Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20210518:teamtnts:ecbffb9, author = {David Fiser and Alfredo Oliveira}, title = {{TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software}}, date = {2021-05-18}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/e/teamtnt-extended-credential-harvester-targets-cloud-services-other-software.html}, language = {English}, urldate = {2021-05-19} } TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software
2021-04-22Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20210422:torbased:375fc9a, author = {David Fiser and Alfredo Oliveira}, title = {{Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools}}, date = {2021-04-22}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/d/tor-based-botnet-malware-targets-linux-systems-abuses-cloud-management-tools.html}, language = {English}, urldate = {2021-04-28} } Tor-Based Botnet Malware Targets Linux Systems, Abuses Cloud Management Tools
2021-02-09Trend MicroAlfredo Oliveira, David Fiser
@online{oliveira:20210209:threat:79b5467, author = {Alfredo Oliveira and David Fiser}, title = {{Threat actors now target Docker via container escape features}}, date = {2021-02-09}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/b/threat-actors-now-target-docker-via-container-escape-features.html}, language = {English}, urldate = {2021-02-10} } Threat actors now target Docker via container escape features
2020-12-18Trend MicroDavid Fiser
@online{fiser:20201218:teamtnt:3d5abe1, author = {David Fiser}, title = {{TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger}}, date = {2020-12-18}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/l/teamtnt-now-deploying-ddos-capable-irc-bot-tntbotinger.html}, language = {English}, urldate = {2020-12-23} } TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger
PerlBot TNTbotinger TeamTNT
2020-11-24Trend MicroJaromír Hořejší, David Fiser
@online{hoej:20201124:analysis:9e93ede, author = {Jaromír Hořejší and David Fiser}, title = {{Analysis of Kinsing Malware's Use of Rootkit}}, date = {2020-11-24}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/k/analysis-of-kinsing-malwares-use-of-rootkit.html}, language = {English}, urldate = {2020-11-25} } Analysis of Kinsing Malware's Use of Rootkit
Kinsing Kinsing