2023-09-18 | Trend Micro | Joseph Chen, Jaromír Hořejší
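% Authors are in "Last, First" form; only proper nouns in the title are brace-protected.
% Non-ASCII author names need a UTF-8 toolchain (biblatex + Biber).
@online{chen:20230918:earth:e01f24c,
  author       = {Chen, Joseph and Hořejší, Jaromír},
  title        = {{Earth Lusca} Employs New {Linux} Backdoor, Uses {Cobalt Strike} for Lateral Movement},
  date         = {2023-09-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html},
  language     = {English},
  urldate      = {2023-09-18},
}
Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement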
SprySOCKS
2023-08-14 | Trend Micro | Nathaniel Morales, Joshua Paul Ignacio
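% Authors are in "Last, First" form; the ransomware family and platform names are
% brace-protected so a sentence-casing style cannot lowercase them.
@online{morales:20230814:monti:0b3d5e7,
  author       = {Morales, Nathaniel and Ignacio, Joshua Paul},
  title        = {{Monti} Ransomware Unleashes a New Encryptor for {Linux}},
  date         = {2023-08-14},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/h/monti-ransomware-unleashes-a-new-encryptor-for-linux.html},
  language     = {English},
  urldate      = {2023-08-16},
}
Monti Ransomware Unleashes a New Encryptor for Linux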
Monti
2023-08-09 | Trend Micro | Trend Micro Research
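% Corporate author: the extra brace pair keeps "Trend Micro Research" as one
% indivisible name instead of first = "Trend Micro", last = "Research".
% The key keeps its original "research:" prefix so existing citations still resolve.
@online{research:20230809:overview:973753a,
  author       = {{Trend Micro Research}},
  title        = {An Overview of the New {Rhysida} Ransomware Targeting the Healthcare Sector},
  date         = {2023-08-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/h/an-overview-of-the-new-rhysida-ransomware.html},
  language     = {English},
  urldate      = {2023-08-10},
}
An Overview of the New Rhysida Ransomware Targeting the Healthcare Sector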
Rhysida
2023-08-07 | Trend Micro | Junestherry Dela Cruz
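% NOTE(review): "Dela Cruz" is treated as a compound surname here; confirm against the
% article byline. The key keeps its original "cruz:" prefix so existing citations still resolve.
@online{cruz:20230807:latest:064e40e,
  author       = {Dela Cruz, Junestherry},
  title        = {Latest {Batloader} Campaigns Use {Pyarmor Pro} for Evasion},
  date         = {2023-08-07},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/h/batloader-campaigns-use-pyarmor-pro-for-evasion.html},
  language     = {English},
  urldate      = {2023-08-09},
}
Latest Batloader Campaigns Use Pyarmor Pro for Evasion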
BATLOADER
2023-07-21 | Trend Micro | Trend Micro Research
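% Corporate author kept as one indivisible name via the extra brace pair.
% organization is spelled "Trend Micro" (was "Trendmicro") so the publisher groups
% under a single name, matching the spelling in the author field.
@online{research:20230721:ransomware:3c5345e,
  author       = {{Trend Micro Research}},
  title        = {Ransomware Spotlight: {Play}},
  date         = {2023-07-21},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-play},
  language     = {English},
  urldate      = {2023-07-24},
}
Ransomware Spotlight: Play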
PLAY
2023-07-14 | Trend Micro | Daniel Lunghi
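% Title spelling ("Shadowpad") is kept exactly as in the entry; only the proper nouns are
% brace-protected so a sentence-casing style cannot lowercase them.
@online{lunghi:20230714:possible:94fad78,
  author       = {Lunghi, Daniel},
  title        = {Possible Supply-Chain Attack Targeting {Pakistani} Government Delivers {Shadowpad}},
  date         = {2023-07-14},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/g/supply-chain-attack-targeting-pakistani-government-delivers-shad.html},
  language     = {English},
  urldate      = {2023-09-04},
}
Possible Supply-Chain Attack Targeting Pakistani Government Delivers Shadowpad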
ShadowPad
2023-07-13 | Trend Micro | Fernando Mercês
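% The key prefix "mercs" appears to be the surname with its non-ASCII letter dropped;
% it is kept unchanged so existing citations still resolve.
% The author field itself needs a UTF-8 toolchain (biblatex + Biber).
@online{mercs:20230713:detecting:41237c5,
  author       = {Mercês, Fernando},
  title        = {Detecting {BPFDoor} Backdoor Variants Abusing {BPF} Filters},
  date         = {2023-07-13},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/g/detecting-bpfdoor-backdoor-variants-abusing-bpf-filters.html},
  language     = {English},
  urldate      = {2023-07-16},
}
Detecting BPFDoor Backdoor Variants Abusing BPF Filters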
BPFDoor Symbiote
2023-06-06 | Trend Micro | Earle Maui Earnshaw, Nathaniel Morales, Katherine Casona, Don Ovid Ladores
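% Authors are in "Last, First" form, so multi-word given names cannot be mis-split.
% The family names in the title are brace-protected against style recasing.
@online{earnshaw:20230606:xollam:289ed56,
  author       = {Earnshaw, Earle Maui and Morales, Nathaniel and Casona, Katherine and Ladores, Don Ovid},
  title        = {{Xollam}, the Latest Face of {TargetCompany}},
  date         = {2023-06-06},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/f/xollam-the-latest-face-of-targetcompany.html},
  language     = {English},
  urldate      = {2023-09-13},
}
Xollam, the Latest Face of TargetCompany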
TargetCompany
2023-05-31 | Trend Micro | Trend Micro, Katherine Casona, Ivan Nicole Chavez, Ieriz Nicolle Gonzalez, Jeffrey Francis Bonaobra
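% "Trend Micro" is a corporate author: braced so it is not split into first = "Trend",
% last = "Micro" (the "micro:" key prefix reflects that split; the key is kept so existing
% citations still resolve). The typographic apostrophe in the title needs a UTF-8 toolchain.
@online{micro:20230531:investigating:77b7e51,
  author       = {{Trend Micro} and Casona, Katherine and Chavez, Ivan Nicole and Gonzalez, Ieriz Nicolle and Bonaobra, Jeffrey Francis},
  title        = {Investigating {BlackSuit} Ransomware’s Similarities to {Royal}},
  date         = {2023-05-31},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/e/investigating-blacksuit-ransomwares-similarities-to-royal.html},
  language     = {English},
  urldate      = {2023-06-05},
}
Investigating BlackSuit Ransomware’s Similarities to Royal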
BlackSuit BlackSuit
2023-05-30 | Trend Micro | Feike Hacquebord, Stephen Hilt, Fernando Mercês, Lord Alfred Remorin
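% Authors are in "Last, First" form; the actor and backdoor names are brace-protected.
% Non-ASCII characters (author name, typographic apostrophes) need a UTF-8 toolchain.
@online{hacquebord:20230530:void:83fcde4,
  author       = {Hacquebord, Feike and Hilt, Stephen and Mercês, Fernando and Remorin, Lord Alfred},
  title        = {{Void Rabisu’s} Use of {RomCom} Backdoor Shows a Growing Shift in Threat Actors’ Goals},
  date         = {2023-05-30},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/e/void-rabisu-s-use-of-romcom-backdoor-shows-a-growing-shift-in-th.html},
  language     = {English},
  urldate      = {2023-05-30},
}
Void Rabisu’s Use of RomCom Backdoor Shows a Growing Shift in Threat Actors’ Goals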
ROMCOM RAT
2023-05-26 | Trend Micro | Sarah Pearl Camiling, Paul John Bardon
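% Authors are in "Last, First" form; the stealer's name is brace-protected as one unit.
% The url is kept exactly as recorded (regional "en_in" path).
@online{camiling:20230526:new:3fe96ae,
  author       = {Camiling, Sarah Pearl and Bardon, Paul John},
  title        = {New Info Stealer {Bandit Stealer} Targets Browsers, Wallets},
  date         = {2023-05-26},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_in/research/23/e/new-info-stealer-bandit-stealer-targets-browsers-wallets.html},
  language     = {English},
  urldate      = {2023-08-01},
}
New Info Stealer Bandit Stealer Targets Browsers, Wallets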
Bandit Stealer
2023-05-22 | Trend Micro | Mahmoud Zohdy, Sherif Magdy, Mohamed Fahmy, Bahaa Yamany
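% Authors are in "Last, First" form; the family name keeps its internal capital via braces.
@online{zohdy:20230522:blackcat:d839f8e,
  author       = {Zohdy, Mahmoud and Magdy, Sherif and Fahmy, Mohamed and Yamany, Bahaa},
  title        = {{BlackCat} Ransomware Deploys New Signed Kernel Driver},
  date         = {2023-05-22},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/e/blackcat-ransomware-deploys-new-signed-kernel-driver.html},
  language     = {English},
  urldate      = {2023-05-23},
}
BlackCat Ransomware Deploys New Signed Kernel Driver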
BlackCat
2023-05-19 | Trend Micro | Nitesh Surana, Jaromír Hořejší
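% Authors are in "Last, First" form; the product name is brace-protected.
% Non-ASCII author names need a UTF-8 toolchain (biblatex + Biber).
@online{surana:20230519:rustbased:b317fcd,
  author       = {Surana, Nitesh and Hořejší, Jaromír},
  title        = {Rust-Based Info Stealers Abuse {GitHub Codespaces}},
  date         = {2023-05-19},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/e/rust-based-info-stealers-abuse-github-codespaces.html},
  language     = {English},
  urldate      = {2023-06-01},
}
Rust-Based Info Stealers Abuse GitHub Codespaces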
DeltaStealer
2023-05-09 | Trend Micro | Khristian Joseph Morales, Gilbert Sison
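% organization is spelled "Trend Micro" (was "Trendmicro") so the publisher groups under
% a single name, matching the product name in the title.
% The acronym and the product and family names are brace-protected.
@online{morales:20230509:managed:63d09f1,
  author       = {Morales, Khristian Joseph and Sison, Gilbert},
  title        = {Managed {XDR} Investigation of {Ducktail} in {Trend Micro Vision One}},
  date         = {2023-05-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/e/managed-xdr-investigation-of-ducktail-in-trend-micro-vision-one.html},
  language     = {English},
  urldate      = {2023-05-11},
}
Managed XDR Investigation of Ducktail in Trend Micro Vision One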
DUCKTAIL
2023-05-02 | Trend Micro | Ted Lee, Hara Hiroaki
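% NOTE(review): "Hiroaki, Hara" reproduces the split the original "Hara Hiroaki" already
% implied (last word = surname). The byline may be written family-name-first; confirm
% against the article and swap if so.
@online{lee:20230502:attack:c33db79,
  author       = {Lee, Ted and Hiroaki, Hara},
  title        = {Attack on Security Titans: {Earth Longzhi} Returns With New Tricks},
  date         = {2023-05-02},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/e/attack-on-security-titans-earth-longzhi-returns-with-new-tricks.html},
  language     = {English},
  urldate      = {2023-05-04},
}
Attack on Security Titans: Earth Longzhi Returns With New Tricks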
Croxloader SPHijacker
2023-04-28 | Trend Micro | Don Ovid Ladores, Ian Kenefick, Earle Maui Earnshaw
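% Authors are in "Last, First" form; both ransomware family names are brace-protected.
@online{ladores:20230428:rapture:fbc5047,
  author       = {Ladores, Don Ovid and Kenefick, Ian and Earnshaw, Earle Maui},
  title        = {{Rapture}, a Ransomware Family With Similarities to {Paradise}},
  date         = {2023-04-28},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/d/rapture-a-ransomware-family-with-similarities-to-paradise.html},
  language     = {English},
  urldate      = {2023-05-03},
}
Rapture, a Ransomware Family With Similarities to Paradise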
Paradise
2023-04-18 | Trend Micro | Don Ovid Ladores
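% This entry's url ends in ".txt" and its title carries "(IoCs)": it cites the indicator
% list rather than the article page. The url is kept byte-for-byte, mixed case included.
@online{ladores:20230418:analysis:66f6ed6,
  author       = {Ladores, Don Ovid},
  title        = {An Analysis of the {BabLock} (aka {Rorschach}) Ransomware ({IoCs})},
  date         = {2023-04-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/23/d/an-analysis-of-the-bablock-ransomware-/iocs-an-analysis-of-the-babLock-ransomware.txt},
  language     = {English},
  urldate      = {2023-04-25},
}
An Analysis of the BabLock (aka Rorschach) Ransomware (IoCs)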
Rorschach Ransomware
2023-04-18 | Trend Micro | Don Ovid Ladores
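% Author is in "Last, First" form; both names the family is tracked under are brace-protected.
@online{ladores:20230418:analysis:311d003,
  author       = {Ladores, Don Ovid},
  title        = {An Analysis of the {BabLock} (aka {Rorschach}) Ransomware},
  date         = {2023-04-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/d/an-analysis-of-the-bablock-ransomware.html},
  language     = {English},
  urldate      = {2023-04-25},
}
An Analysis of the BabLock (aka Rorschach) Ransomware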
Rorschach Ransomware
2023-03-30 | Trend Micro | Trend Micro Research
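% Corporate author kept as one indivisible name via the extra brace pair.
% The affected product name is brace-protected as a unit.
@online{research:20230330:developing:2895b8a,
  author       = {{Trend Micro Research}},
  title        = {Developing Story: Information on Attacks Involving {3CX Desktop App}},
  date         = {2023-03-30},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/c/information-on-attacks-involving-3cx-desktop-app.html},
  language     = {English},
  urldate      = {2023-04-02},
}
Developing Story: Information on Attacks Involving 3CX Desktop App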
3CX Backdoor IconicStealer
2023-03-29 | Trend Micro | Jaromír Hořejší, Joseph C Chen
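% The key prefix "hoej" appears to be the surname with its non-ASCII letters dropped;
% it is kept unchanged so existing citations still resolve.
% The author field itself needs a UTF-8 toolchain (biblatex + Biber).
@online{hoej:20230329:new:705592f,
  author       = {Hořejší, Jaromír and Chen, Joseph C},
  title        = {New {OpcJacker} Malware Distributed via Fake {VPN} Malvertising},
  date         = {2023-03-29},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/23/c/new-opcjacker-malware-distributed-via-fake-vpn-malvertising.html},
  language     = {English},
  urldate      = {2023-04-25},
}
New OpcJacker Malware Distributed via Fake VPN Malvertising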
NetSupportManager RAT OpcJacker