2022-06-08 | Trend Micro | Don Ovid Ladores
@online{ladores:20220608:cuba:2b4a6df,
  author       = {Don Ovid Ladores},
  title        = {{Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques}},
  date         = {2022-06-08},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/f/cuba-ransomware-group-s-new-variant-found-using-optimized-infect.html},
  language     = {English},
  urldate      = {2022-06-09},
}
Cuba Ransomware Group’s New Variant Found Using Optimized Infection Techniques
Cuba
2022-06-06 | Trend Micro | Trend Micro
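% Corporate author: the extra brace pair makes "Trend Micro" one indivisible
% name instead of given name "Trend" plus surname "Micro". Key left unchanged.
@online{micro:20220606:closing:7414aab,
  author       = {{Trend Micro}},
  title        = {{Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme}},
  date         = {2022-06-06},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/f/closing-the-door-deadbolt-ransomware-locks-out-vendors-with-mult.html},
  language     = {English},
  urldate      = {2022-06-09},
}
Closing the Door: DeadBolt Ransomware Locks Out Vendors With Multitiered Extortion Scheme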
DEADBOLT
2022-06-02 | Trend Micro | Ieriz Nicolle Gonzalez, Nathaniel Morales, Monte de Jesus
@online{gonzalez:20220602:yourcyanide:0e8d1cb,
  author       = {Ieriz Nicolle Gonzalez and Nathaniel Morales and Monte de Jesus},
  title        = {{YourCyanide: A CMD-Based Ransomware With Multiple Layers of Obfuscation}},
  date         = {2022-06-02},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/f/yourcyanide-a-cmd-based-ransomware.html},
  language     = {English},
  urldate      = {2022-06-07},
}
YourCyanide: A CMD-Based Ransomware With Multiple Layers of Obfuscation
YourCyanide
2022-05-25 | Trend Micro | Arianne Dela Cruz, Byron Gelera, McJustine De Guzman, Warren Sto.Tomas
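% Authors are given in "Last, First" form so the compound surnames
% (Dela Cruz, De Guzman) are not split into given name + last token.
% The citation key is left unchanged so existing citations keep working.
% The URL slug reads "exsi" while the title reads "ESXi"; the slug is kept
% exactly as recorded and must not be "corrected".
@online{cruz:20220525:new:43d8257,
  author       = {Dela Cruz, Arianne and Gelera, Byron and De Guzman, McJustine and Sto.Tomas, Warren},
  title        = {{New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices}},
  date         = {2022-05-25},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/new-linux-based-ransomware-cheerscrypt-targets-exsi-devices.html},
  language     = {English},
  urldate      = {2022-05-29},
}
New Linux-Based Ransomware Cheerscrypt Targets ESXi Devices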
2022-05-23 | Trend Micro | Matsugaya Shingo
@online{shingo:20220523:lockbit:8d0fff2,
  author       = {Matsugaya Shingo},
  title        = {{LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022}},
  date         = {2022-05-23},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-by-the-numbers/lockbit-conti-and-blackcat-lead-pack-amid-rise-in-active-raas-and-extortion-groups-ransomware-in-q1-2022},
  language     = {English},
  urldate      = {2022-05-24},
}
LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022
BlackCat, Conti, LockBit
2022-05-23 | Trend Micro | Trend Micro Research
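% PDF edition of the Q1 2022 ransomware report (the url points at a .pdf).
% Corporate author: the extra brace pair makes "Trend Micro Research" one
% indivisible name instead of surname "Research". Key left unchanged.
@techreport{research:20220523:lockbit:6eb72ce,
  author      = {{Trend Micro Research}},
  title       = {{LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022 (PDF)}},
  date        = {2022-05-23},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/pdf/datasheet-ransomware-in-Q1-2022.pdf},
  language    = {English},
  urldate     = {2022-05-29},
}
LockBit, Conti, and BlackCat Lead Pack Amid Rise in Active RaaS and Extortion Groups: Ransomware in Q1 2022 (PDF)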
BlackCat, Conti, LockBit
2022-05-19 | Trend Micro | Adolph Christian Silverio, Jeric Miguel Abordo, Khristian Joseph Morales, Maria Emreen Viray
@online{silverio:20220519:bruised:f5c6775,
  author       = {Adolph Christian Silverio and Jeric Miguel Abordo and Khristian Joseph Morales and Maria Emreen Viray},
  title        = {{Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware}},
  date         = {2022-05-19},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/bruised-but-not-broken--the-resurgence-of-the-emotet-botnet-malw.html},
  language     = {English},
  urldate      = {2022-05-25},
}
Bruised but Not Broken: The Resurgence of the Emotet Botnet Malware
Emotet, QakBot
2022-05-18 | Trend Micro | Buddy Tancio, Jed Valderama
@online{tancio:20220518:uncovering:2ee6eb7,
  author       = {Buddy Tancio and Jed Valderama},
  title        = {{Uncovering a Kingminer Botnet Attack Using Trend Micro™ Managed XDR}},
  date         = {2022-05-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/uncovering-a-kingminer-botnet-attack-using-trend-micro-managed-x.html},
  language     = {English},
  urldate      = {2022-05-25},
}
Uncovering a Kingminer Botnet Attack Using Trend Micro™ Managed XDR
Kingminer
2022-05-17 | Trend Micro | Trend Micro Research
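% Corporate author: the extra brace pair makes "Trend Micro Research" one
% indivisible name instead of surname "Research". Key left unchanged.
@online{research:20220517:ransomware:7b86339,
  author       = {{Trend Micro Research}},
  title        = {{Ransomware Spotlight: RansomEXX}},
  date         = {2022-05-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-ransomexx},
  language     = {English},
  urldate      = {2022-05-25},
}
Ransomware Spotlight: RansomEXX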
LaZagne, Cobalt Strike, IcedID, MimiKatz, PyXie, RansomEXX, TrickBot
2022-05-16 | Trend Micro | Cifer Fang, Ford Qin, Zhengyu Dong
@online{fang:20220516:fake:f395f7d,
  author       = {Cifer Fang and Ford Qin and Zhengyu Dong},
  title        = {{Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys}},
  date         = {2022-05-16},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/fake-mobile-apps-steal-facebook-credentials--crypto-related-keys.html},
  language     = {English},
  urldate      = {2022-05-17},
}
Fake Mobile Apps Steal Facebook Credentials, Cryptocurrency-Related Keys
FaceStealer
2022-05-09 | Trend Micro | Ieriz Nicolle Gonzalez, Ivan Nicole Chavez, Katherine Casona, Nathaniel Morales
@online{gonzalez:20220509:examining:c372e74,
  author       = {Ieriz Nicolle Gonzalez and Ivan Nicole Chavez and Katherine Casona and Nathaniel Morales},
  title        = {{Examining the Black Basta Ransomware’s Infection Routine}},
  date         = {2022-05-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/examining-the-black-basta-ransomwares-infection-routine.html},
  language     = {English},
  urldate      = {2022-05-17},
}
Examining the Black Basta Ransomware’s Infection Routine
Black Basta
2022-05-05 | Trend Micro | Aliakbar Zahravi, Leandro Froes, Trend Micro Research
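% The third author is a corporate name; bracing it keeps "Trend Micro
% Research" as one name instead of a person with surname "Research".
@online{zahravi:20220505:netdooka:93197bf,
  author       = {Aliakbar Zahravi and Leandro Froes and {Trend Micro Research}},
  title        = {{NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service}},
  date         = {2022-05-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/netdooka-framework-distributed-via-privateloader-ppi.html},
  language     = {English},
  urldate      = {2022-05-05},
}
NetDooka Framework Distributed via PrivateLoader Malware as Part of Pay-Per-Install Service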
NetDooka, PrivateLoader
2022-05-02 | Trend Micro | Christoper Ordonez, Alvin Nieto
% The URL path contains a mixed-case segment ("anti-Virus"); it is kept
% exactly as recorded.
@online{ordonez:20220502:avoslocker:3e0cddd,
  author       = {Christoper Ordonez and Alvin Nieto},
  title        = {{AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell}},
  date         = {2022-05-02},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/e/avoslocker-ransomware-variant-abuses-driver-file-to-disable-anti-Virus-scans-log4shell.html},
  language     = {English},
  urldate      = {2022-05-04},
}
AvosLocker Ransomware Variant Abuses Driver File to Disable Anti-Virus, Scans for Log4shell
AvosLocker
2022-04-27 | Trend Micro | Daniel Lunghi, Jaromír Hořejší
@online{lunghi:20220427:new:9068f6e,
  author       = {Daniel Lunghi and Jaromír Hořejší},
  title        = {{New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware}},
  date         = {2022-04-27},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/d/new-apt-group-earth-berberoka-targets-gambling-websites-with-old.html},
  language     = {English},
  urldate      = {2022-05-04},
}
New APT Group Earth Berberoka Targets Gambling Websites With Old and New Malware
AsyncRAT, Ghost RAT, PlugX, Quasar RAT
2022-04-26 | Trend Micro | Ryan Flores, Stephen Hilt, Lord Alfred Remorin
@online{flores:20220426:how:28d9476,
  author       = {Ryan Flores and Stephen Hilt and Lord Alfred Remorin},
  title        = {{How Cybercriminals Abuse Cloud Tunneling Services}},
  date         = {2022-04-26},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/how-cybercriminals-abuse-cloud-tunneling-services},
  language     = {English},
  urldate      = {2022-05-03},
}
How Cybercriminals Abuse Cloud Tunneling Services
AsyncRAT, Cobalt Strike, DarkComet, Meterpreter, Nanocore RAT
2022-04-20 | Trend Micro | Nitesh Surana, Ashish Verma
@online{surana:20220420:analyzing:e777903,
  author       = {Nitesh Surana and Ashish Verma},
  title        = {{Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners}},
  date         = {2022-04-20},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/d/spring4shell-exploited-to-deploy-cryptocurrency-miners.html},
  language     = {English},
  urldate      = {2022-05-04},
}
Analyzing Attempts to Exploit the Spring4Shell Vulnerability CVE-2022-22965 to Deploy Cryptocurrency Miners
2022-04-18 | Trend Micro | Lucas Silva, Leandro Froes
@online{silva:20220418:investigation:a2d3046,
  author       = {Lucas Silva and Leandro Froes},
  title        = {{An Investigation of the BlackCat Ransomware via Trend Micro Vision One}},
  date         = {2022-04-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/d/an-investigation-of-the-blackcat-ransomware.html},
  language     = {English},
  urldate      = {2022-04-20},
}
An Investigation of the BlackCat Ransomware via Trend Micro Vision One
BlackCat
2022-04-08 | Trend Micro | Deep Patel, Nitesh Surana, Ashish Verma
@online{patel:20220408:cve202222965:53968ea,
  author       = {Deep Patel and Nitesh Surana and Ashish Verma},
  title        = {{CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware}},
  date         = {2022-04-08},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/d/cve-2022-22965-analyzing-the-exploitation-of-spring4shell-vulner.html},
  language     = {English},
  urldate      = {2022-04-13},
}
CVE-2022-22965: Analyzing the Exploitation of Spring4Shell Vulnerability in Weaponizing and Executing the Mirai Botnet Malware
Mirai
2022-04-05 | Trend Micro | Earle Maui Earnshaw, Mohamed Fahmy, Ian Kenefick, Ryan Maglaque, Abdelrhman Sharshar, Lucas Silva
% Indicator list for the report of the same title and date: the url points
% at a plain-text .txt file rather than an article page. urldate records
% when the list was retrieved.
@online{earnshaw:20220405:thwarting:03a6217,
  author       = {Earle Maui Earnshaw and Mohamed Fahmy and Ian Kenefick and Ryan Maglaque and Abdelrhman Sharshar and Lucas Silva},
  title        = {{Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload (IoCs)}},
  date         = {2022-04-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/d/thwarting-loaders-from-socgholish-to-blisters-lockbit-payload/iocs-thwarting-loaders-socgholish-blister.txt},
  language     = {English},
  urldate      = {2022-05-05},
}
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload (IoCs)
FAKEUPDATES, Blister, LockBit
2022-04-05 | Trend Micro | Earle Maui Earnshaw, Mohamed Fahmy, Ian Kenefick, Ryan Maglaque, Abdelrhman Sharshar, Lucas Silva
% The URL path is mixed-case ("Thwarting-Loaders-From-..."); it is kept
% exactly as recorded.
@online{earnshaw:20220405:thwarting:af5a4fd,
  author       = {Earle Maui Earnshaw and Mohamed Fahmy and Ian Kenefick and Ryan Maglaque and Abdelrhman Sharshar and Lucas Silva},
  title        = {{Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload}},
  date         = {2022-04-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/22/d/Thwarting-Loaders-From-SocGholish-to-BLISTERs-LockBit-Payload.html},
  language     = {English},
  urldate      = {2022-05-05},
}
Thwarting Loaders: From SocGholish to BLISTER’s LockBit Payload
FAKEUPDATES, Blister, LockBit