Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-07-13Trend MicroFernando Mercês
@online{mercs:20230713:detecting:41237c5, author = {Fernando Mercês}, title = {{Detecting BPFDoor Backdoor Variants Abusing BPF Filters}}, date = {2023-07-13}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.html}, language = {English}, urldate = {2023-07-16} } Detecting BPFDoor Backdoor Variants Abusing BPF Filters
BPFDoor Symbiote
2023-05-30Trend MicroFeike Hacquebord, Stephen Hilt, Fernando Mercês, Lord Alfred Remorin
@online{hacquebord:20230530:void:83fcde4, author = {Feike Hacquebord and Stephen Hilt and Fernando Mercês and Lord Alfred Remorin}, title = {{Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals}}, date = {2023-05-30}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html}, language = {English}, urldate = {2023-05-30} } Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals
ROMCOM RAT
2022-11-08Feike Hacquebord, Stephen Hilt, Fernando Mercês
@online{hacquebord:20221108:deimosc2:961543e, author = {Feike Hacquebord and Stephen Hilt and Fernando Mercês}, title = {{DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework}}, date = {2022-11-08}, url = {https://www.trendmicro.com/en_us/research/22/k/deimosc2-what-soc-analysts-and-incident-responders-need-to-know.html}, language = {English}, urldate = {2023-02-21} } DeimosC2: What SOC Analysts and Incident Responders Need to Know About This C&C Framework
DeimosC2
2022-03-17TrendmicroFeike Hacquebord, Stephen Hilt, Fernando Mercês
@online{hacquebord:20220317:cyclops:14c374f, author = {Feike Hacquebord and Stephen Hilt and Fernando Mercês}, title = {{Cyclops Blink Sets Sights on Asus Routers}}, date = {2022-03-17}, organization = {Trendmicro}, url = {https://www.trendmicro.com/en_us/research/22/c/cyclops-blink-sets-sights-on-asus-routers--.html}, language = {English}, urldate = {2022-03-17} } Cyclops Blink Sets Sights on Asus Routers
CyclopsBlink
2022-03-17TrendmicroFeike Hacquebord, Stephen Hilt, Fernando Mercês
@techreport{hacquebord:20220317:cyclops:dea832b, author = {Feike Hacquebord and Stephen Hilt and Fernando Mercês}, title = {{Cyclops Blink Sets Sights on Asus Routers (Appendix)}}, date = {2022-03-17}, institution = {Trendmicro}, url = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/c/cyclops-blink-sets-sights-on-asus-routers/Appendix_Cyclops%20Blink%20Sets%20Sights%20on%20ASUS%20Routers.pdf}, language = {English}, urldate = {2022-03-17} } Cyclops Blink Sets Sights on Asus Routers (Appendix)
CyclopsBlink
2022-01-20Trend MicroStephen Hilt, Fernando Mercês
@techreport{hilt:20220120:backing:9498542, author = {Stephen Hilt and Fernando Mercês}, title = {{Backing Your Backup Defending NAS Devices Against Evolving Threats}}, date = {2022-01-20}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/pdf/wp-backing-your-backup-defending-nas-devices-against-evolving-threats.pdf}, language = {English}, urldate = {2022-01-24} } Backing Your Backup Defending NAS Devices Against Evolving Threats
QNAPCrypt QSnatch
2021-10-15Trend MicroFernando Mercês
@online{mercs:20211015:ransomware:c944933, author = {Fernando Mercês}, title = {{Ransomware Operators Found Using New "Franchise" Business Model}}, date = {2021-10-15}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/j/ransomware-operators-found-using-new-franchise-business-model.html}, language = {English}, urldate = {2021-10-24} } Ransomware Operators Found Using New "Franchise" Business Model
Glupteba IcedID Mount Locker
2021-06-08Trend MicroMayra Fuentes, Feike Hacquebord, Stephen Hilt, Ian Kenefick, Vladimir Kropotov, Robert McArdle, Fernando Mercês, David Sancho
@techreport{fuentes:20210608:modern:a5dd52c, author = {Mayra Fuentes and Feike Hacquebord and Stephen Hilt and Ian Kenefick and Vladimir Kropotov and Robert McArdle and Fernando Mercês and David Sancho}, title = {{Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them}}, date = {2021-06-08}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/white_papers/wp-modern-ransomwares-double-extortion-tactics.pdf}, language = {English}, urldate = {2021-06-16} } Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them
Nefilim
2021-01-19Trend MicroStephen Hilt, Fernando Mercês
@online{hilt:20210119:vpnfilter:7d2a08a, author = {Stephen Hilt and Fernando Mercês}, title = {{VPNFilter Two Years Later: Routers Still Compromised}}, date = {2021-01-19}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/a/vpnfilter-two-years-later-routers-still-compromised-.html}, language = {English}, urldate = {2021-01-21} } VPNFilter Two Years Later: Routers Still Compromised
VPNFilter
2020-07-28Trend MicroFernando Mercês
@online{mercs:20200728:mirai:3538243, author = {Fernando Mercês}, title = {{Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902}}, date = {2020-07-28}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902/}, language = {English}, urldate = {2020-07-30} } Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
Mirai
2018-06-07Trend MicroFernando Mercês
@online{mercs:20180607:new:760f179, author = {Fernando Mercês}, title = {{New KillDisk Variant Hits Latin American Financial Organizations Again}}, date = {2018-06-07}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/new-killdisk-variant-hits-latin-american-financial-organizations-again/}, language = {English}, urldate = {2020-01-09} } New KillDisk Variant Hits Latin American Financial Organizations Again
BOOTWRECK
2017-12-14Trend MicroDavid Sancho, Fernando Mercês
@online{sancho:20171214:dissecting:b2287cd, author = {David Sancho and Fernando Mercês}, title = {{Dissecting PRILEX and CUTLET MAKER ATM Malware Families}}, date = {2017-12-14}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/dissecting-prilex-cutlet-maker-atm-malware-families/}, language = {English}, urldate = {2019-12-17} } Dissecting PRILEX and CUTLET MAKER ATM Malware Families
Prilex
2016-09-05Trend MicroFernando Mercês
@online{mercs:20160905:pokmonthemed:6bf567c, author = {Fernando Mercês}, title = {{Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems}}, date = {2016-09-05}, organization = {Trend Micro}, url = {http://blog.trendmicro.com/trendlabs-security-intelligence/pokemon-themed-umbreon-linux-rootkit-hits-x86-arm-systems/}, language = {English}, urldate = {2020-01-10} } Pokémon-themed Umbreon Linux Rootkit Hits x86, ARM Systems
Umbreon
2014-10-27Trend MicroLoucif Kharouni, Feike Hacquebord, Numaan Huq, Jim Gogolinski, Fernando Mercês, Alfred Remorin, Douglas Otis
@techreport{kharouni:20141027:operation:1b13f15, author = {Loucif Kharouni and Feike Hacquebord and Numaan Huq and Jim Gogolinski and Fernando Mercês and Alfred Remorin and Douglas Otis}, title = {{Operation Pawn Storm: Using Decoys to Evade Detection}}, date = {2014-10-27}, institution = {Trend Micro}, url = {https://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-pawn-storm.pdf}, language = {English}, urldate = {2020-09-15} } Operation Pawn Storm: Using Decoys to Evade Detection
Sedreco Seduploader APT28
2014-10Trend MicroLoucif Kharouni, Feike Hacquebord, Numaan Huq, Jim Gogolinski, Fernando Mercês, Alfred Remorin, Douglas Otis
@techreport{kharouni:201410:operation:f1d1705, author = {Loucif Kharouni and Feike Hacquebord and Numaan Huq and Jim Gogolinski and Fernando Mercês and Alfred Remorin and Douglas Otis}, title = {{Operation Pawn Storm: Using Decoys to Evade Detection}}, date = {2014-10}, institution = {Trend Micro}, url = {http://www.trendmicro.com/cloud-content/us/pdfs/security-intelligence/white-papers/wp-operation-pawn-storm.pdf}, language = {English}, urldate = {2019-11-28} } Operation Pawn Storm: Using Decoys to Evade Detection
2014-01-27Trend MicroFernando Mercês
@techreport{mercs:20140127:cpl:3e3d5a8, author = {Fernando Mercês}, title = {{CPL Malware: Malicious Control Panel Items}}, date = {2014-01-27}, institution = {Trend Micro}, url = {https://www.trendmicro.de/cloud-content/us/pdfs/security-intelligence/white-papers/wp-cpl-malware.pdf}, language = {English}, urldate = {2021-11-19} } CPL Malware: Malicious Control Panel Items
Banload Mevade