2021-04-12 | Trend Micro | Raphael Centeno, Don Ovid Ladores, Lala Manly, Junestherry Salvador, Frankylnn Uy
@online{centeno:20210412:spike:d67dcb0,
  author       = {Raphael Centeno and Don Ovid Ladores and Lala Manly and Junestherry Salvador and Frankylnn Uy},
  title        = {{A Spike in BazarCall and IcedID Activity Detected in March}},
  date         = {2021-04-12},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/d/a-spike-in-bazarcall-and-icedid-activity.html},
  language     = {English},
  urldate      = {2021-04-14},
}
A Spike in BazarCall and IcedID Activity Detected in March
BazarBackdoor IcedID
2021-04-09 | Trend Micro | Daniel Lunghi, Kenney Lu
@online{lunghi:20210409:iron:402e62f,
  author       = {Daniel Lunghi and Kenney Lu},
  title        = {{Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware}},
  date         = {2021-04-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/d/iron-tiger-apt-updates-toolkit-with-evolved-sysupdate-malware-va.html},
  language     = {English},
  urldate      = {2021-04-09},
}
Iron Tiger APT Updates Toolkit With Evolved SysUpdate Malware
HyperBro HyperSSL
2021-03-05 | Trend Micro | Adi Peretz, Erick Thek
@online{peretz:20210305:earth:54153f7,
  author       = {Adi Peretz and Erick Thek},
  title        = {{Earth Vetala – MuddyWater Continues to Target Organizations in the Middle East}},
  date         = {2021-03-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/c/earth-vetala---muddywater-continues-to-target-organizations-in-t.html},
  language     = {English},
  urldate      = {2021-03-10},
}
Earth Vetala – MuddyWater Continues to Target Organizations in the Middle East
2021-03-04 | Trend Micro | Junestherry Salvador, Don Ovid Ladores, Raphael Centeno
@online{salvador:20210304:new:d226c2a,
  author       = {Junestherry Salvador and Don Ovid Ladores and Raphael Centeno},
  title        = {{New in Ransomware: AlumniLocker, Humble Feature Different Extortion Techniques}},
  date         = {2021-03-04},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/c/new-in-ransomware-alumnilocker-humble-feature-different-extortio.html},
  language     = {English},
  urldate      = {2021-03-10},
}
New in Ransomware: AlumniLocker, Humble Feature Different Extortion Techniques
2021-03-01 | Trend Micro | Don Ovid Ladores
@online{ladores:20210301:povlsomware:d683693,
  author       = {Don Ovid Ladores},
  title        = {{Povlsomware Ransomware Features Cobalt Strike Compatibility}},
  date         = {2021-03-01},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/c/povlsomware-ransomware-features-cobalt-strike-compatibility.html},
  language     = {English},
  urldate      = {2021-04-06},
}
Povlsomware Ransomware Features Cobalt Strike Compatibility
Povlsomware
2021-02-23 | Trend Micro | Byron Gelera, Janus Agcaoili
@online{gelera:20210223:analysis:a4c0c51,
  author       = {Byron Gelera and Janus Agcaoili},
  title        = {{An Analysis of the Nefilim Ransomware}},
  date         = {2021-02-23},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/b/nefilim-ransomware.html},
  language     = {English},
  urldate      = {2021-02-25},
}
An Analysis of the Nefilim Ransomware
Nefilim Ransomware
2021-02-09 | Trend Micro | Alfredo Oliveira, David Fiser
@online{oliveira:20210209:threat:79b5467,
  author       = {Alfredo Oliveira and David Fiser},
  title        = {{Threat actors now target Docker via container escape features}},
  date         = {2021-02-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/b/threat-actors-now-target-docker-via-container-escape-features.html},
  language     = {English},
  urldate      = {2021-02-10},
}
Threat actors now target Docker via container escape features
2021-02-05 | Trend Micro | Raphael Centeno, Monte de Jesus, Don Ovid Ladores, Junestherry Salvador, Nikko Tamana, Llalum Victoria
@online{centeno:20210205:new:33e89f1,
  author       = {Raphael Centeno and Monte de Jesus and Don Ovid Ladores and Junestherry Salvador and Nikko Tamana and Llalum Victoria},
  title        = {{New in Ransomware: Seth-Locker, Babuk Locker, Maoloa, TeslaCrypt, and CobraLocker}},
  date         = {2021-02-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/b/new-in-ransomware.html},
  language     = {English},
  urldate      = {2021-02-09},
}
New in Ransomware: Seth-Locker, Babuk Locker, Maoloa, TeslaCrypt, and CobraLocker
Babuk Ransomware TeslaCrypt
2021-02-02 | Trend Micro | Abraham Camba, Byron Gelera, Catherine Loveria
@online{camba:20210202:finding:67f5c6b,
  author       = {Abraham Camba and Byron Gelera and Catherine Loveria},
  title        = {{Finding and Decoding Multi-Step Obfuscated Malware}},
  date         = {2021-02-02},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/b/finding-multi-step-obfuscated-malware.html},
  language     = {English},
  urldate      = {2021-02-09},
}
Finding and Decoding Multi-Step Obfuscated Malware
2021-01-29 | Trend Micro | Trend Micro
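% Corporate author: the inner braces make BibTeX/Biber treat "Trend Micro" as a
% single name instead of splitting it into given name "Trend" and family name "Micro".
@online{micro:20210129:chopper:6dfb7c6,
  author       = {{Trend Micro}},
  title        = {{Chopper ASPX web shell used in targeted attack}},
  date         = {2021-01-29},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/targeted-attack-using-chopper-aspx-web-shell-exposed-via-managed.html},
  language     = {English},
  urldate      = {2021-02-02},
}
Chopper ASPX web shell used in targeted attack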
CHINACHOPPER MimiKatz
2021-01-26 | Trend Micro | Trend Micro Research
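% Corporate author: the inner braces make BibTeX/Biber treat "Trend Micro Research" as a
% single name instead of splitting it into given names "Trend Micro" and family name "Research".
@online{research:20210126:examining:c893112,
  author       = {{Trend Micro Research}},
  title        = {{Examining a Sodinokibi Attack}},
  date         = {2021-01-26},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/sodinokibi-ransomware.html},
  language     = {English},
  urldate      = {2021-01-27},
}
Examining a Sodinokibi Attack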
REvil
2021-01-25 | Trend Micro | Matsukawa Bakuei, Marshall Chen, Vladimir Kropotov, Loseway Lu, Fyodor Yarochkin
@online{bakuei:20210125:fake:eeac584,
  author       = {Matsukawa Bakuei and Marshall Chen and Vladimir Kropotov and Loseway Lu and Fyodor Yarochkin},
  title        = {{Fake Office 365 Used for Phishing Attacks on C-Suite Targets}},
  date         = {2021-01-25},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/fake-office-365-used-for-phishing-attacks-on-c-suite-targets.html},
  language     = {English},
  urldate      = {2021-01-27},
}
Fake Office 365 Used for Phishing Attacks on C-Suite Targets
2021-01-20 | Trend Micro | Gilbert Sison, Abraham Camba, Ryan Maglaque
@online{sison:20210120:xdr:8ea19cc,
  author       = {Gilbert Sison and Abraham Camba and Ryan Maglaque},
  title        = {{XDR investigation uncovers PlugX, unique technique in APT attack}},
  date         = {2021-01-20},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/xdr-investigation-uncovers-plugx-unique-technique-in-apt-attack.html},
  language     = {English},
  urldate      = {2021-01-27},
}
XDR investigation uncovers PlugX, unique technique in APT attack
PlugX
2021-01-19 | Trend Micro | Stephen Hilt, Fernando Mercês
@online{hilt:20210119:vpnfilter:7d2a08a,
  author       = {Stephen Hilt and Fernando Mercês},
  title        = {{VPNFilter Two Years Later: Routers Still Compromised}},
  date         = {2021-01-19},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/vpnfilter-two-years-later-routers-still-compromised-.html},
  language     = {English},
  urldate      = {2021-01-21},
}
VPNFilter Two Years Later: Routers Still Compromised
elf.vpnfilter
2021-01-06 | Trend Micro | Leandro Froes
@online{froes:20210106:expanding:c61590d,
  author       = {Leandro Froes},
  title        = {{Expanding Range and Improving Speed: A RansomExx Approach}},
  date         = {2021-01-06},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/expanding-range-and-improving-speed-a-ransomexx-approach.html},
  language     = {English},
  urldate      = {2021-01-11},
}
Expanding Range and Improving Speed: A RansomExx Approach
RansomEXX
2021-01-05 | Trend Micro | Trend Micro Research
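% Corporate author: the inner braces make BibTeX/Biber treat "Trend Micro Research" as a
% single name instead of splitting it into given names "Trend Micro" and family name "Research".
@online{research:20210105:overview:1f90b7c,
  author       = {{Trend Micro Research}},
  title        = {{An Overview of the DoppelPaymer Ransomware}},
  date         = {2021-01-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/an-overview-of-the-doppelpaymer-ransomware.html},
  language     = {English},
  urldate      = {2021-01-11},
}
An Overview of the DoppelPaymer Ransomware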
DoppelPaymer
2021-01-05 | Trend Micro | Trend Micro Research
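% Corporate author: the inner braces make BibTeX/Biber treat "Trend Micro Research" as a
% single name instead of splitting it into given names "Trend Micro" and family name "Research".
@online{research:20210105:earth:d7bb547,
  author       = {{Trend Micro Research}},
  title        = {{Earth Wendigo Injects JavaScript Backdoor to Service Worker for Mailbox Exfiltration}},
  date         = {2021-01-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/a/earth-wendigo-injects-javascript-backdoor-to-service-worker-for-.html},
  language     = {English},
  urldate      = {2021-01-10},
}
Earth Wendigo Injects JavaScript Backdoor to Service Worker for Mailbox Exfiltration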
Cobalt Strike
2020-12-18 | Trend Micro | David Fiser
@online{fiser:20201218:teamtnt:3d5abe1,
  author       = {David Fiser},
  title        = {{TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger}},
  date         = {2020-12-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/20/l/teamtnt-now-deploying-ddos-capable-irc-bot-tntbotinger.html},
  language     = {English},
  urldate      = {2020-12-23},
}
TeamTNT Now Deploying DDoS-Capable IRC Bot TNTbotinger
PerlBot TNTbotinger TeamTNT
2020-12-18 | Trend Micro | Matthew Camacho, Raphael Centeno, Junestherry Salvador
@online{camacho:20201218:negasteal:e5b291f,
  author       = {Matthew Camacho and Raphael Centeno and Junestherry Salvador},
  title        = {{Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware}},
  date         = {2020-12-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/negasteal-uses-hastebin-for-fileless-delivery-of-crysis-ransomware},
  language     = {English},
  urldate      = {2020-12-26},
}
Negasteal Uses Hastebin for Fileless Delivery of Crysis Ransomware
Agent Tesla Dharma
2020-12-17 | Trend Micro | Feike Hacquebord, Lord Alfred Remorin
@online{hacquebord:20201217:pawn:0e42861,
  author       = {Feike Hacquebord and Lord Alfred Remorin},
  title        = {{Pawn Storm’s Lack of Sophistication as a Strategy}},
  date         = {2020-12-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/20/l/pawn-storm-lack-of-sophistication-as-a-strategy.html},
  language     = {English},
  urldate      = {2020-12-19},
}
Pawn Storm’s Lack of Sophistication as a Strategy
DriveOcean