Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2022-04-05Trend MicroEarle Maui Earnshaw, Mohamed Fahmy, Ian Kenefick, Ryan Maglaque, Abdelrhman Sharshar, Lucas Silva
@online{earnshaw:20220405:thwarting:af5a4fd, author = {Earle Maui Earnshaw and Mohamed Fahmy and Ian Kenefick and Ryan Maglaque and Abdelrhman Sharshar and Lucas Silva}, title = {{Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload}}, date = {2022-04-05}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html}, language = {English}, urldate = {2022-05-05} } Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
FAKEUPDATES Blister LockBit
2022-04-05Trend MicroEarle Maui Earnshaw, Mohamed Fahmy, Ian Kenefick, Ryan Maglaque, Abdelrhman Sharshar, Lucas Silva
@online{earnshaw:20220405:thwarting:03a6217, author = {Earle Maui Earnshaw and Mohamed Fahmy and Ian Kenefick and Ryan Maglaque and Abdelrhman Sharshar and Lucas Silva}, title = {{Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload (IoCs)}}, date = {2022-04-05}, organization = {Trend Micro}, url = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/d/thwarting-loaders-from-socgholish-to-blisters-lockbit-payload/iocs-thwarting-loaders-socgholish-blister.txt}, language = {English}, urldate = {2022-05-05} } Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload (IoCs)
FAKEUPDATES Blister LockBit
2022-01-21Trend MicroIan Kenefick
@online{kenefick:20220121:emotet:daddaf1, author = {Ian Kenefick}, title = {{Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware}}, date = {2022-01-21}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/a/emotet-spam-abuses-unconventional-ip-address-formats-spread-malware.html}, language = {English}, urldate = {2022-01-25} } Emotet Spam Abuses Unconventional IP Address Formats to Spread Malware
Emotet
2021-11-23Trend MicroIan Kenefick
@online{kenefick:20211123:bazarloader:794de7c, author = {Ian Kenefick}, title = {{BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors}}, date = {2021-11-23}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/k/bazarloader-adds-compromised-installers-iso-to-arrival-delivery-vectors.html}, language = {English}, urldate = {2021-11-26} } BazarLoader Adds Compromised Installers, ISO to Arrival and Delivery Vectors
BazarBackdoor
2021-11-13Trend MicroIan Kenefick, Vladimir Kropotov
@online{kenefick:20211113:qakbot:3138b93, author = {Ian Kenefick and Vladimir Kropotov}, title = {{QAKBOT Loader Returns With New Techniques and Tools}}, date = {2021-11-13}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/21/k/qakbot-loader-returns-with-new-techniques-and-tools.html}, language = {English}, urldate = {2021-11-17} } QAKBOT Loader Returns With New Techniques and Tools
QakBot
2021-11-12Trend MicroIan Kenefick, Vladimir Kropotov
@techreport{kenefick:20211112:prelude:781d4d7, author = {Ian Kenefick and Vladimir Kropotov}, title = {{The Prelude to Ransomware: A Look into Current QAKBOT Capabilities and Global Activities}}, date = {2021-11-12}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/pdf/Technical-Brief---The-Prelude-to-Ransomware-A-Look-into-Current-QAKBOT-Capabilities-and-Activity.pdf}, language = {English}, urldate = {2021-11-17} } The Prelude to Ransomware: A Look into Current QAKBOT Capabilities and Global Activities
QakBot
2021-06-08Trend MicroMayra Fuentes, Feike Hacquebord, Stephen Hilt, Ian Kenefick, Vladimir Kropotov, Robert McArdle, Fernando Mercês, David Sancho
@techreport{fuentes:20210608:modern:a5dd52c, author = {Mayra Fuentes and Feike Hacquebord and Stephen Hilt and Ian Kenefick and Vladimir Kropotov and Robert McArdle and Fernando Mercês and David Sancho}, title = {{Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them}}, date = {2021-06-08}, institution = {Trend Micro}, url = {https://documents.trendmicro.com/assets/white_papers/wp-modern-ransomwares-double-extortion-tactics.pdf}, language = {English}, urldate = {2021-06-16} } Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them
Nefilim
2021-04-05Trend MicroEarle Earnshaw, Mohamed Fahmy, Ian Kenefick, Ryan Maglaque, Abdelrhman Sharshar, Lucas Silva
@online{earnshaw:20210405:thwarting:26d6d77, author = {Earle Earnshaw and Mohamed Fahmy and Ian Kenefick and Ryan Maglaque and Abdelrhman Sharshar and Lucas Silva}, title = {{Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload}}, date = {2021-04-05}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_no/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html}, language = {English}, urldate = {2022-05-04} } Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
Blister LockBit
2018-09-10Trend MicroIan Kenefick
@online{kenefick:20180910:closer:b2e9b2a, author = {Ian Kenefick}, title = {{A Closer Look at the Locky Poser, PyLocky Ransomware}}, date = {2018-09-10}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/a-closer-look-at-the-locky-poser-pylocky-ransomware/}, language = {English}, urldate = {2020-01-13} } A Closer Look at the Locky Poser, PyLocky Ransomware
PyLocky