Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2020-08-06Trend MicroMarshall Chen, Loseway Lu, Yorkbing Yap, Fyodor Yarochkin
@online{chen:20200806:water:e7860e3, author = {Marshall Chen and Loseway Lu and Yorkbing Yap and Fyodor Yarochkin}, title = {{Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts}}, date = {2020-08-06}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/water-nue-campaign-targets-c-suites-office-365-accounts/}, language = {English}, urldate = {2020-08-13} } Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts
2020-07-28Trend MicroFernando Mercês
@online{mercs:20200728:mirai:3538243, author = {Fernando Mercês}, title = {{Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902}}, date = {2020-07-28}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902/}, language = {English}, urldate = {2020-07-30} } Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
Mirai
2020-07-27Trend MicroAliakbar Zahravi
@online{zahravi:20200727:ensiko:fe08ad9, author = {Aliakbar Zahravi}, title = {{Ensiko: A Webshell With Ransomware Capabilities}}, date = {2020-07-27}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/ensiko-a-webshell-with-ransomware-capabilities/}, language = {English}, urldate = {2020-07-30} } Ensiko: A Webshell With Ransomware Capabilities
Ensikology
2020-07-08Trend MicroTrend Micro
@online{micro:20200708:new:ee4cbf8, author = {Trend Micro}, title = {{New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173}}, date = {2020-07-08}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-mirai-variant-expands-arsenal-exploits-cve-2020-10173/}, language = {English}, urldate = {2020-07-13} } New Mirai Variant Expands Arsenal, Exploits CVE-2020-10173
Mirai
2020-07-08Trend MicroTrend Micro Threat Research Team
@online{team:20200708:ransomware:90c8636, author = {Trend Micro Threat Research Team}, title = {{Ransomware Report: Avaddon and New Techniques Emerge, Industrial Sector Targeted}}, date = {2020-07-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-report-avaddon-and-new-techniques-emerge-industrial-sector-targeted}, language = {English}, urldate = {2020-07-30} } Ransomware Report: Avaddon and New Techniques Emerge, Industrial Sector Targeted
Avaddon Ransomware
2020-06-26Trend MicroJoseph C Chen
@online{chen:20200626:us:8bce65c, author = {Joseph C Chen}, title = {{US Local Government Services Targeted by New Magecart Credit Card Skimming Attack}}, date = {2020-06-26}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/us-local-government-services-targeted-by-new-magecart-credit-card-skimming-attack/}, language = {English}, urldate = {2020-06-30} } US Local Government Services Targeted by New Magecart Credit Card Skimming Attack
magecart
2020-06-22Trend MicroAugusto Remillano II
@online{ii:20200622:xorddos:d41d1a7, author = {Augusto Remillano II}, title = {{XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers}}, date = {2020-06-22}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/xorddos-kaiji-botnet-malware-variants-target-exposed-docker-servers/}, language = {English}, urldate = {2020-06-24} } XORDDoS, Kaiji Botnet Malware Variants Target Exposed Docker Servers
Kaiji XOR DDoS
2020-06-11Trend MicroEcular Xu, Joseph C. Chen
@online{xu:20200611:new:016cec1, author = {Ecular Xu and Joseph C. Chen}, title = {{New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa}}, date = {2020-06-11}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-android-spyware-actionspy-revealed-via-phishing-attacks-from-earth-empusa/}, language = {English}, urldate = {2020-06-12} } New Android Spyware ActionSpy Revealed via Phishing Attacks from Earth Empusa
ActionSpy PoisonCarp
2020-06-05Trend MicroFord Qin
@online{qin:20200605:new:7251449, author = {Ford Qin}, title = {{New Tekya Ad Fraud Found on Google Play}}, date = {2020-06-05}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-tekya-ad-fraud-found-on-google-play/}, language = {English}, urldate = {2020-06-10} } New Tekya Ad Fraud Found on Google Play
2020-06-03Trend MicroDaniel Lunghi
@techreport{lunghi:20200603:how:4f28e63, author = {Daniel Lunghi}, title = {{How to perform long term monitoring of careless threat actors}}, date = {2020-06-03}, institution = {Trend Micro}, url = {https://www.sstic.org/media/SSTIC2020/SSTIC-actes/pivoter_tel_bernard_ou_comment_monitorer_des_attaq/SSTIC2020-Slides-pivoter_tel_bernard_ou_comment_monitorer_des_attaquants_ngligents-lunghi.pdf}, language = {English}, urldate = {2020-06-05} } How to perform long term monitoring of careless threat actors
BBSRAT HyperBro Trochilus RAT
2020-05-21Trend MicroRaphael Centeno, Llallum Victoria
@online{centeno:20200521:backdoor:d6d37a9, author = {Raphael Centeno and Llallum Victoria}, title = {{Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers}}, date = {2020-05-21}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/backdoor-devil-shadow-botnet-hidden-in-fake-zoom-installers/}, language = {English}, urldate = {2020-05-23} } Backdoor, Devil Shadow Botnet Hidden in Fake Zoom Installers
2020-05-18Trend MicroKaren Victor
@online{victor:20200518:netwalker:91f6d65, author = {Karen Victor}, title = {{Netwalker Fileless Ransomware Injected via Reflective Loading}}, date = {2020-05-18}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/netwalker-fileless-ransomware-injected-via-reflective-loading/}, language = {English}, urldate = {2020-05-20} } Netwalker Fileless Ransomware Injected via Reflective Loading
Mailto
2020-05-14Trend MicroMatthew Stewart
@online{stewart:20200514:qnodeservice:603306e, author = {Matthew Stewart}, title = {{QNodeService: Node.js Trojan Spread via Covid-19 Lure}}, date = {2020-05-14}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/qnodeservice-node-js-trojan-spread-via-covid-19-lure/}, language = {English}, urldate = {2020-05-18} } QNodeService: Node.js Trojan Spread via Covid-19 Lure
QNodeService
2020-05-12Trend MicroJoey Chen
@techreport{chen:20200512:tropic:a3285d0, author = {Joey Chen}, title = {{Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments (Technical Brief)}}, date = {2020-05-12}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/Tech-Brief-Tropic-Trooper-s-Back-USBferry-Attack-Targets-Air-gapped-Environments.pdf}, language = {English}, urldate = {2020-05-14} } Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments (Technical Brief)
USBferry
2020-05-12Trend MicroJoey Chen
@online{chen:20200512:tropic:8fff7a4, author = {Joey Chen}, title = {{Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments}}, date = {2020-05-12}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/tropic-troopers-back-usbferry-attack-targets-air-gapped-environments/}, language = {English}, urldate = {2020-05-14} } Tropic Trooper’s Back: USBferry Attack Targets Air-gapped Environments
USBferry
2020-05-11Trend MicroGabrielle Joyce Mabutas, Kazuki Fujisawa
@online{mabutas:20200511:new:aa2bbd7, author = {Gabrielle Joyce Mabutas and Kazuki Fujisawa}, title = {{New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability}}, date = {2020-05-11}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-dacls-rat-backdoor-show-lazarus-multi-platform-attack-capability}, language = {English}, urldate = {2020-06-03} } New MacOS Dacls RAT Backdoor Shows Lazarus’ Multi-Platform Attack Capability
Dacls
2020-05-11Trend MicroGabrielle Joyce Mabutas, Kazuki Fujisawa
@online{mabutas:20200511:new:e25ce4e, author = {Gabrielle Joyce Mabutas and Kazuki Fujisawa}, title = {{New MacOS Dacls RAT Backdoor Show Lazarus’ Multi-Platform Attack Capability}}, date = {2020-05-11}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-macos-dacls-rat-backdoor-show-lazarus-multi-platform-attack-capability/}, language = {English}, urldate = {2020-05-11} } New MacOS Dacls RAT Backdoor Show Lazarus’ Multi-Platform Attack Capability
Dacls
2020-04-28Trend MicroMiguel Ang
@online{ang:20200428:loki:169b27e, author = {Miguel Ang}, title = {{Loki Info Stealer Propagates through LZH Files}}, date = {2020-04-28}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/loki-info-stealer-propagates-through-lzh-files}, language = {English}, urldate = {2020-08-14} } Loki Info Stealer Propagates through LZH Files
Loki Password Stealer (PWS)
2020-04-27Trend MicroTrend Micro
@online{micro:20200427:behind:da9ae72, author = {Trend Micro}, title = {{Group Behind TrickBot Spreads Fileless BazarBackdoor}}, date = {2020-04-27}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/hk-en/security/news/cybercrime-and-digital-threats/group-behind-trickbot-spreads-fileless-bazarbackdoor}, language = {English}, urldate = {2020-05-02} } Group Behind TrickBot Spreads Fileless BazarBackdoor
BazarBackdoor
2020-03-24Trend MicroElliot Cao, Joseph Chen, William Gamazo Sanchez, Lilang Wu, Ecular Xu
@techreport{cao:20200324:technical:dc23839, author = {Elliot Cao and Joseph Chen and William Gamazo Sanchez and Lilang Wu and Ecular Xu}, title = {{Technical Brief: Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links}}, date = {2020-03-24}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/Tech-Brief-Operation-Poisoned-News-Hong-Kong-Users-Targeted-with-Mobile-Malware-via-Local-News-Links.pdf}, language = {English}, urldate = {2020-03-25} } Technical Brief: Operation Poisoned News: Hong Kong Users Targeted with Mobile Malware via Local News Links
dmsSpy lightSpy