Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023-03-16Trend MicroCedric Pernet, Jaromír Hořejší, Loseway Lu
@online{pernet:20230316:ipfs:6f479ce, author = {Cedric Pernet and Jaromír Hořejší and Loseway Lu}, title = {{IPFS: A New Data Frontier or a New Cybercriminal Hideout?}}, date = {2023-03-16}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ipfs-a-new-data-frontier-or-a-new-cybercriminal-hideout}, language = {English}, urldate = {2023-03-20} } IPFS: A New Data Frontier or a New Cybercriminal Hideout?
Agent Tesla Formbook RedLine Stealer Remcos
2023-03-01Trend MicroDaniel Lunghi
@online{lunghi:20230301:iron:20d88cd, author = {Daniel Lunghi}, title = {{Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting}}, date = {2023-03-01}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/c/iron-tiger-sysupdate-adds-linux-targeting.html}, language = {English}, urldate = {2023-03-13} } Iron Tiger’s SysUpdate Reappears, Adds Linux Targeting
HyperSSL HyperSSL
2023-02-24Trend MicroBuddy Tancio, Jed Valderama, Catherine Loveria
@online{tancio:20230224:investigating:94d8b43, author = {Buddy Tancio and Jed Valderama and Catherine Loveria}, title = {{Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool}}, date = {2023-02-24}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/b/investigating-the-plugx-trojan-disguised-as-a-legitimate-windows.html}, language = {English}, urldate = {2023-03-22} } Investigating the PlugX Trojan Disguised as a Legitimate Windows Debugger Tool
PlugX
2023-02-17Trend MicroJoseph C Chen, Jaromír Hořejší
@online{chen:20230217:earth:1066266, author = {Joseph C Chen and Jaromír Hořejší}, title = {{Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack}}, date = {2023-02-17}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/b/earth-kitsune-delivers-new-whiskerspy-backdoor.html}, language = {English}, urldate = {2023-02-24} } Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack
WhiskerSpy
2023-02-16Trend MicroHara Hiroaki, Yuka Higashi, Masaoki Shoji
@online{hiroaki:20230216:invitation:19ecea0, author = {Hara Hiroaki and Yuka Higashi and Masaoki Shoji}, title = {{Invitation to a Secret Event: Uncovering Earth Yako’s Campaigns}}, date = {2023-02-16}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/b/invitation-to-secret-event-uncovering-earth-yako-campaigns.html}, language = {English}, urldate = {2023-02-17} } Invitation to a Secret Event: Uncovering Earth Yako’s Campaigns
MirrorKey TransBox
2023-02-09Trend MicroAliakbar Zahravi, Peter Girnus
@online{zahravi:20230209:enigma:71c3a6f, author = {Aliakbar Zahravi and Peter Girnus}, title = {{Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs}}, date = {2023-02-09}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/b/enigma-stealer-targets-cryptocurrency-industry-with-fake-jobs.html}, language = {English}, urldate = {2023-02-13} } Enigma Stealer Targets Cryptocurrency Industry with Fake Jobs
Enigma Loader
2023-02-02Trend MicroMohamed Fahmy, Sherif Magdy, Mahmoud Zohdy
@online{fahmy:20230202:new:7d997ea, author = {Mohamed Fahmy and Sherif Magdy and Mahmoud Zohdy}, title = {{New APT34 Malware Targets The Middle East}}, date = {2023-02-02}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/b/new-apt34-malware-targets-the-middle-east.html}, language = {English}, urldate = {2023-02-03} } New APT34 Malware Targets The Middle East
Karkoff Saitama Backdoor
2023-01-17Trend MicroPeter Girnus, Aliakbar Zahravi
@online{girnus:20230117:earth:f1cba60, author = {Peter Girnus and Aliakbar Zahravi}, title = {{Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures}}, date = {2023-01-17}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/23/a/earth-bogle-campaigns-target-middle-east-with-geopolitical-lures.html}, language = {English}, urldate = {2023-01-19} } Earth Bogle: Campaigns Target the Middle East with Geopolitical Lures
NjRAT
2022-12-20Trend MicroChristopher Daniel So
@online{so:20221220:raspberry:3d29aad, author = {Christopher Daniel So}, title = {{Raspberry Robin Malware Targets Telecom, Governments}}, date = {2022-12-20}, organization = {Trend Micro}, url = {https://www.trendmicro.com/fr_fr/research/22/l/raspberry-robin-malware-targets-telecom-governments.html}, language = {English}, urldate = {2023-03-13} } Raspberry Robin Malware Targets Telecom, Governments
Raspberry Robin Roshtyak
2022-12-12Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20221212:linux:62f9491, author = {David Fiser and Alfredo Oliveira}, title = {{Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT}}, date = {2022-12-12}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/l/linux-cryptomining-enhanced-via-chaos-rat-.html}, language = {English}, urldate = {2022-12-14} } Linux Cryptocurrency Mining Attacks Enhanced via CHAOS RAT
Chaos
2022-09-14Trend MicroSunil Bharti
@online{bharti:20220914:postexploitation:3baee2f, author = {Sunil Bharti}, title = {{A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities}}, date = {2022-09-14}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/i/a-post-exploitation-look-at-coinminers-abusing-weblogic-vulnerab.html}, language = {English}, urldate = {2022-09-16} } A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
Kinsing
2022-09-12Trend MicroNitesh Surana
@online{surana:20220912:security:14e0203, author = {Nitesh Surana}, title = {{Security Breaks: TeamTNT’s DockerHub Credentials Leak}}, date = {2022-09-12}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/i/security-breaks-teamtnts-dockerhub-credentials-leak.html}, language = {English}, urldate = {2022-09-19} } Security Breaks: TeamTNT’s DockerHub Credentials Leak
2022-09-08Trend MicroNitesh Surana, David Fiser, Alfredo Oliveira
@online{surana:20220908:how:a5c5cf6, author = {Nitesh Surana and David Fiser and Alfredo Oliveira}, title = {{How Malicious Actors Abuse Native Linux Tools in Attacks}}, date = {2022-09-08}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html}, language = {English}, urldate = {2022-09-19} } How Malicious Actors Abuse Native Linux Tools in Attacks
2022-09-06Trend MicroDon Ovid Ladores, Lucas Silva, Scott Burden, Janus Agcaoili, Ivan Nicole Chavez, Ian Kenefick, Ieriz Nicolle Gonzalez, Paul Pajares
@online{ladores:20220906:play:9f034be, author = {Don Ovid Ladores and Lucas Silva and Scott Burden and Janus Agcaoili and Ivan Nicole Chavez and Ian Kenefick and Ieriz Nicolle Gonzalez and Paul Pajares}, title = {{Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa}}, date = {2022-09-06}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html}, language = {English}, urldate = {2022-09-07} } Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa
PLAY
2022-09-02Trend MicroVickie Su, Ted Lee, Nick Dai
@online{su:20220902:buzzing:b0ee3d2, author = {Vickie Su and Ted Lee and Nick Dai}, title = {{Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm}}, date = {2022-09-02}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/i/buzzing-in-the-background-bumblebee-a-new-modular-backdoor-evolv.html}, language = {English}, urldate = {2022-09-19} } Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
2022-09-01Trend MicroTrend Micro
@online{micro:20220901:ransomware:8eda6e4, author = {Trend Micro}, title = {{Ransomware Spotlight Black Basta}}, date = {2022-09-01}, organization = {Trend Micro}, url = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-blackbasta}, language = {English}, urldate = {2022-09-19} } Ransomware Spotlight Black Basta
Black Basta Cobalt Strike MimiKatz QakBot
2022-08-25Trend MicroMohamed Fahmy, Nathaniel Gregory Ragasa, Earle Maui Earnshaw, Bahaa Yamany, Jeffrey Francis Bonaobra, Jay Yaneza
@online{fahmy:20220825:new:62162e8, author = {Mohamed Fahmy and Nathaniel Gregory Ragasa and Earle Maui Earnshaw and Bahaa Yamany and Jeffrey Francis Bonaobra and Jay Yaneza}, title = {{New Golang Ransomware Agenda Customizes Attacks}}, date = {2022-08-25}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/h/new-golang-ransomware-agenda-customizes-attacks.html}, language = {English}, urldate = {2022-08-30} } New Golang Ransomware Agenda Customizes Attacks
AgendaCrypt
2022-08-25Trend MicroMohamed Fahmy, Nathaniel Gregory Ragasa, Earle Maui Earnshaw, Bahaa Yamany, Jeffrey Francis Bonaobra, Jay Yaneza
@online{fahmy:20220825:new:6f3ec79, author = {Mohamed Fahmy and Nathaniel Gregory Ragasa and Earle Maui Earnshaw and Bahaa Yamany and Jeffrey Francis Bonaobra and Jay Yaneza}, title = {{New Golang Ransomware Agenda Customizes Attacks (IoCs)}}, date = {2022-08-25}, organization = {Trend Micro}, url = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/new-golang-ransomware-agenda-customizes-attacks/IOCs-blog-New%20Golang%20Ransomware%20Agenda%20Customizes%20Attacks.txt}, language = {English}, urldate = {2022-08-30} } New Golang Ransomware Agenda Customizes Attacks (IoCs)
AgendaCrypt
2022-08-24Trend MicroRyan Soliven, Hitomi Kimura
@online{soliven:20220824:ransomware:a88ee05, author = {Ryan Soliven and Hitomi Kimura}, title = {{Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus}}, date = {2022-08-24}, organization = {Trend Micro}, url = {https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html}, language = {English}, urldate = {2022-09-20} } Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
Babuk
2022-08-24Trend MicroRyan Soliven, Hitomi Kimura
@online{soliven:20220824:ransomware:20db707, author = {Ryan Soliven and Hitomi Kimura}, title = {{Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus (IoCs)}}, date = {2022-08-24}, organization = {Trend Micro}, url = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt}, language = {English}, urldate = {2022-08-30} } Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus (IoCs)
Babuk