Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-03-08Trend MicroJaromír Hořejší, Cedric Pernet
@online{hoej:20220308:new:7d4d70f, author = {Jaromír Hořejší and Cedric Pernet}, title = {{New RURansom Wiper Targets Russia}}, date = {2022-03-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/c/new-ruransom-wiper-targets-russia.html}, language = {English}, urldate = {2022-03-10} } New RURansom Wiper Targets Russia
RURansom
2022-01-17Trend MicroJoseph Chen, Kenney Lu, Gloria Chen, Jaromír Hořejší, Daniel Lunghi, Cedric Pernet
@techreport{chen:20220117:delving:4cd2b1c, author = {Joseph Chen and Kenney Lu and Gloria Chen and Jaromír Hořejší and Daniel Lunghi and Cedric Pernet}, title = {{Delving Deep: An Analysis of Earth Lusca’s Operations}}, date = {2022-01-17}, institution = {Trend Micro}, url = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/a/earth-lusca-employs-sophisticated-infrastructure-varied-tools-and-techniques/technical-brief-delving-deep-an-analysis-of-earth-lusca-operations.pdf}, language = {English}, urldate = {2022-07-25} } Delving Deep: An Analysis of Earth Lusca’s Operations
BIOPASS Cobalt Strike FunnySwitch JuicyPotato ShadowPad Winnti Earth Lusca
2021-04-30Trend MicroCedric Pernet, Fyodor Yarochkin, Vladimir Kropotov
@online{pernet:20210430:how:2434ac6, author = {Cedric Pernet and Fyodor Yarochkin and Vladimir Kropotov}, title = {{How Cybercriminals Abuse OpenBullet for Credential Stuffing}}, date = {2021-04-30}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/d/how-cybercriminals-abuse-openbullet-for-credential-stuffing-.html}, language = {English}, urldate = {2021-05-03} } How Cybercriminals Abuse OpenBullet for Credential Stuffing
2020-10-28Trend MicroWilliam Gamazo Sanchez, Aliakbar Zahravi, Elliot Cao, Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph C Chen, John Zhang
@online{sanchez:20201028:operation:7f4b906, author = {William Gamazo Sanchez and Aliakbar Zahravi and Elliot Cao and Cedric Pernet and Daniel Lunghi and Jaromír Hořejší and Joseph C Chen and John Zhang}, title = {{Operation Earth Kitsune: A Dance of Two New Backdoors}}, date = {2020-10-28}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/j/operation-earth-kitsune-a-dance-of-two-new-backdoors.html}, language = {English}, urldate = {2020-10-29} } Operation Earth Kitsune: A Dance of Two New Backdoors
AgfSpy DneSpy SLUB
2020-10-19Trend MicroNelson William Gamazo Sanchez, Aliakbar Zahravi, John Zhang, Eliot Cao, Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph C. Chen
@techreport{sanchez:20201019:operation:e613dd2, author = {Nelson William Gamazo Sanchez and Aliakbar Zahravi and John Zhang and Eliot Cao and Cedric Pernet and Daniel Lunghi and Jaromír Hořejší and Joseph C. Chen}, title = {{Operation Earth Kitsune: Tracking SLUB’s Current Operations}}, date = {2020-10-19}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/white_papers/wp-operation-earth-kitsune.pdf}, language = {English}, urldate = {2020-10-21} } Operation Earth Kitsune: Tracking SLUB’s Current Operations
SLUB
2020-10-06Trend MicroCedric Pernet
@online{pernet:20201006:french:39018f2, author = {Cedric Pernet}, title = {{French companies Under Attack from Clever BEC Scam}}, date = {2020-10-06}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/20/j/french-companies-under-attack-from-clever-bec-scam.html}, language = {English}, urldate = {2020-10-07} } French companies Under Attack from Clever BEC Scam
2020-10-03Trend MicroJaromír Hořejší, Daniel Lunghi, Cedric Pernet, Kazuki Fujisawa
@techreport{hoej:20201003:earth:688aaf8, author = {Jaromír Hořejší and Daniel Lunghi and Cedric Pernet and Kazuki Fujisawa}, title = {{Earth Akhlut: Exploring the Tools, Tactics, and Procedures of an Advanced Threat Actor Operating a Large Infrastructure}}, date = {2020-10-03}, institution = {Trend Micro}, url = {https://vblocalhost.com/uploads/VB2020-Lunghi-Horejsi.pdf}, language = {English}, urldate = {2020-10-06} } Earth Akhlut: Exploring the Tools, Tactics, and Procedures of an Advanced Threat Actor Operating a Large Infrastructure
Dexbia TypeHash
2020-02-18Trend MicroDaniel Lunghi, Cedric Pernet, Kenney Lu, Jamz Yaneza
@online{lunghi:20200218:uncovering:93b0937, author = {Daniel Lunghi and Cedric Pernet and Kenney Lu and Jamz Yaneza}, title = {{Uncovering DRBControl: Inside the Cyberespionage Campaign Targeting Gambling Operations}}, date = {2020-02-18}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/cyber-attacks/operation-drbcontrol-uncovering-a-cyberespionage-campaign-targeting-gambling-companies-in-southeast-asia}, language = {English}, urldate = {2020-02-20} } Uncovering DRBControl: Inside the Cyberespionage Campaign Targeting Gambling Operations
Cobalt Strike HyperBro PlugX Trochilus RAT
2020-02-18Trend MicroDaniel Lunghi, Cedric Pernet, Kenney Lu, Jamz Yaneza
@techreport{lunghi:20200218:uncovering:d96f725, author = {Daniel Lunghi and Cedric Pernet and Kenney Lu and Jamz Yaneza}, title = {{Uncovering DRBControl}}, date = {2020-02-18}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/white_papers/wp-uncovering-DRBcontrol.pdf}, language = {English}, urldate = {2020-04-01} } Uncovering DRBControl
Clambling
2019-12-12Trend MicroFeike Hacquebord, Cedric Pernet, Kenney Lu
@online{hacquebord:20191212:more:a1e84b7, author = {Feike Hacquebord and Cedric Pernet and Kenney Lu}, title = {{More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting}}, date = {2019-12-12}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/more-than-a-dozen-obfuscated-apt33-botnets-used-for-extreme-narrow-targeting/}, language = {English}, urldate = {2020-01-13} } More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting
APT33
2019-03-07Trend MicroCedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph Chen
@online{pernet:20190307:new:593e5b1, author = {Cedric Pernet and Daniel Lunghi and Jaromír Hořejší and Joseph Chen}, title = {{New SLUB Backdoor Uses GitHub, Communicates via Slack}}, date = {2019-03-07}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-slub-backdoor-uses-github-communicates-via-slack/}, language = {English}, urldate = {2019-10-18} } New SLUB Backdoor Uses GitHub, Communicates via Slack
SLUB
2018-10-09Trend MicroDaniel Lunghi, Jaromír Hořejší, Cedric Pernet
@techreport{lunghi:20181009:untangling:348f703, author = {Daniel Lunghi and Jaromír Hořejší and Cedric Pernet}, title = {{Untangling the Patchwork Espionage Group}}, date = {2018-10-09}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/tech-brief-untangling-the-patchwork-cyberespionage-group.pdf}, language = {English}, urldate = {2020-01-06} } Untangling the Patchwork Espionage Group
BadNews SocksBot QUILTED TIGER
2017-12-11Trend MicroDaniel Lunghi, Jaromír Hořejší, Cedric Pernet
@online{lunghi:20171211:untangling:5f00f99, author = {Daniel Lunghi and Jaromír Hořejší and Cedric Pernet}, title = {{Untangling the Patchwork Cyberespionage Group}}, date = {2017-12-11}, organization = {Trend Micro}, url = {https://documents.trendmicro.com/assets/tech-brief-untangling-the-patchwork-cyberespionage-group.pdf?platform=hootsuite}, language = {English}, urldate = {2019-10-21} } Untangling the Patchwork Cyberespionage Group
Quasar RAT
2017-07-17Trend MicroLenart Bermejo, Jordan Pan, Cedric Pernet
@online{bermejo:20170717:android:593475f, author = {Lenart Bermejo and Jordan Pan and Cedric Pernet}, title = {{Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More}}, date = {2017-07-17}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/android-backdoor-ghostctrl-can-silently-record-your-audio-video-and-more/}, language = {English}, urldate = {2020-01-13} } Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More
GhostCtrl
2017-03-22Trend MicroCedric Pernet
@online{pernet:20170322:winnti:bfd35bc, author = {Cedric Pernet}, title = {{Winnti Abuses GitHub for C&C Communications}}, date = {2017-03-22}, organization = {Trend Micro}, url = {http://blog.trendmicro.com/trendlabs-security-intelligence/winnti-abuses-github/}, language = {English}, urldate = {2019-07-09} } Winnti Abuses GitHub for C&C Communications
Winnti
2017-03-22Trend MicroCedric Pernet
@online{pernet:20170322:winnti:44f428b, author = {Cedric Pernet}, title = {{Winnti Abuses GitHub for C&C Communications}}, date = {2017-03-22}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/winnti-abuses-github/}, language = {English}, urldate = {2020-01-07} } Winnti Abuses GitHub for C&C Communications
EASYNIGHT APT41
2015-09-01Trend MicroCedric Pernet, Eyal Sela
@techreport{pernet:20150901:spy:18a0fca, author = {Cedric Pernet and Eyal Sela}, title = {{The Spy Kittens Are Back:Rocket Kitten 2}}, date = {2015-09-01}, institution = {Trend Micro}, url = {https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-spy-kittens-are-back.pdf}, language = {English}, urldate = {2020-01-10} } The Spy Kittens Are Back:Rocket Kitten 2
Cleaver
2015-09-01Trend MicroCedric Pernet, Eyal Sela
@techreport{pernet:20150901:spy:66fcfab, author = {Cedric Pernet and Eyal Sela}, title = {{The Spy Kittens Are Back: Rocket Kitten 2}}, date = {2015-09-01}, institution = {Trend Micro}, url = {https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-the-spy-kittens-are-back.pdf}, language = {English}, urldate = {2020-01-08} } The Spy Kittens Are Back: Rocket Kitten 2
Rocket Kitten
2015-03-30Trend MicroCedric Pernet, Dark Luo
@online{pernet:20150330:fake:3b24447, author = {Cedric Pernet and Dark Luo}, title = {{Fake Judicial Spam Leads to Backdoor with Fake Certificate Authority}}, date = {2015-03-30}, organization = {Trend Micro}, url = {http://blog.trendmicro.com/trendlabs-security-intelligence/fake-judicial-spam-leads-to-backdoor-with-fake-certificate-authority/}, language = {English}, urldate = {2020-01-10} } Fake Judicial Spam Leads to Backdoor with Fake Certificate Authority
GootKit
2015-03-24Trend MicroCedric Pernet, Kenney Lu
@techreport{pernet:20150324:operation:65e881c, author = {Cedric Pernet and Kenney Lu}, title = {{Operation Woolen-Goldfish: When Kittens Go Phishing}}, date = {2015-03-24}, institution = {Trend Micro}, url = {http://www.trendmicro.it/media/wp/operation-woolen-goldfish-whitepaper-en.pdf}, language = {English}, urldate = {2019-07-09} } Operation Woolen-Goldfish: When Kittens Go Phishing
Ghole Woolger