2022-09-14 | Trend Micro | Sunil Bharti
@online{bharti:20220914:postexploitation:3baee2f,
  author       = {Sunil Bharti},
  title        = {{A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities}},
  organization = {Trend Micro},
  date         = {2022-09-14},
  url          = {https://www.trendmicro.com/en_us/research/22/i/a-post-exploitation-look-at-coinminers-abusing-weblogic-vulnerab.html},
  urldate      = {2022-09-16},
  language     = {English},
}
A Post-exploitation Look at Coinminers Abusing WebLogic Vulnerabilities
Kinsing
2022-09-12 | Trend Micro | Nitesh Surana
@online{surana:20220912:security:14e0203,
  author       = {Nitesh Surana},
  title        = {{Security Breaks: TeamTNT’s DockerHub Credentials Leak}},
  organization = {Trend Micro},
  date         = {2022-09-12},
  url          = {https://www.trendmicro.com/en_us/research/22/i/security-breaks-teamtnts-dockerhub-credentials-leak.html},
  urldate      = {2022-09-19},
  language     = {English},
}
Security Breaks: TeamTNT’s DockerHub Credentials Leak
2022-09-08 | Trend Micro | Nitesh Surana, David Fiser, Alfredo Oliveira
@online{surana:20220908:how:a5c5cf6,
  author       = {Nitesh Surana and David Fiser and Alfredo Oliveira},
  title        = {{How Malicious Actors Abuse Native Linux Tools in Attacks}},
  organization = {Trend Micro},
  date         = {2022-09-08},
  url          = {https://www.trendmicro.com/en_us/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html},
  urldate      = {2022-09-19},
  language     = {English},
}
How Malicious Actors Abuse Native Linux Tools in Attacks
2022-09-06 | Trend Micro | Don Ovid Ladores, Lucas Silva, Scott Burden, Janus Agcaoili, Ivan Nicole Chavez, Ian Kenefick, Ieriz Nicolle Gonzalez, Paul Pajares
@online{ladores:20220906:play:9f034be,
  author       = {Don Ovid Ladores and Lucas Silva and Scott Burden and Janus Agcaoili and Ivan Nicole Chavez and Ian Kenefick and Ieriz Nicolle Gonzalez and Paul Pajares},
  title        = {{Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa}},
  organization = {Trend Micro},
  date         = {2022-09-06},
  url          = {https://www.trendmicro.com/en_us/research/22/i/play-ransomware-s-attack-playbook-unmasks-it-as-another-hive-aff.html},
  urldate      = {2022-09-07},
  language     = {English},
}
Play Ransomware's Attack Playbook Similar to that of Hive, Nokoyawa
PLAY
2022-09-02 | Trend Micro | Vickie Su, Ted Lee, Nick Dai
@online{su:20220902:buzzing:b0ee3d2,
  author       = {Vickie Su and Ted Lee and Nick Dai},
  title        = {{Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm}},
  organization = {Trend Micro},
  date         = {2022-09-02},
  url          = {https://www.trendmicro.com/en_us/research/22/i/buzzing-in-the-background-bumblebee-a-new-modular-backdoor-evolv.html},
  urldate      = {2022-09-19},
  language     = {English},
}
Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
2022-09-01 | Trend Micro | Trend Micro
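% Corporate author: the inner braces keep "Trend Micro" as one indivisible name
% instead of given name "Trend" plus family name "Micro". The citation key is
% left unchanged so existing citations still resolve.
@online{micro:20220901:ransomware:8eda6e4,
  author       = {{Trend Micro}},
  title        = {{Ransomware Spotlight Black Basta}},
  organization = {Trend Micro},
  date         = {2022-09-01},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/ransomware-spotlight/ransomware-spotlight-blackbasta},
  urldate      = {2022-09-19},
  language     = {English},
}
Ransomware Spotlight Black Basta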
Black Basta Cobalt Strike MimiKatz QakBot
2022-08-25 | Trend Micro | Mohamed Fahmy, Nathaniel Gregory Ragasa, Earle Maui Earnshaw, Bahaa Yamany, Jeffrey Francis Bonaobra, Jay Yaneza
@online{fahmy:20220825:new:62162e8,
  author       = {Mohamed Fahmy and Nathaniel Gregory Ragasa and Earle Maui Earnshaw and Bahaa Yamany and Jeffrey Francis Bonaobra and Jay Yaneza},
  title        = {{New Golang Ransomware Agenda Customizes Attacks}},
  organization = {Trend Micro},
  date         = {2022-08-25},
  url          = {https://www.trendmicro.com/en_us/research/22/h/new-golang-ransomware-agenda-customizes-attacks.html},
  urldate      = {2022-08-30},
  language     = {English},
}
New Golang Ransomware Agenda Customizes Attacks
AgendaCrypt
2022-08-25 | Trend Micro | Mohamed Fahmy, Nathaniel Gregory Ragasa, Earle Maui Earnshaw, Bahaa Yamany, Jeffrey Francis Bonaobra, Jay Yaneza
@online{fahmy:20220825:new:6f3ec79,
  author       = {Mohamed Fahmy and Nathaniel Gregory Ragasa and Earle Maui Earnshaw and Bahaa Yamany and Jeffrey Francis Bonaobra and Jay Yaneza},
  title        = {{New Golang Ransomware Agenda Customizes Attacks (IoCs)}},
  organization = {Trend Micro},
  date         = {2022-08-25},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/new-golang-ransomware-agenda-customizes-attacks/IOCs-blog-New%20Golang%20Ransomware%20Agenda%20Customizes%20Attacks.txt},
  urldate      = {2022-08-30},
  language     = {English},
}
New Golang Ransomware Agenda Customizes Attacks (IoCs)
AgendaCrypt
2022-08-24 | Trend Micro | Ryan Soliven, Hitomi Kimura
@online{soliven:20220824:ransomware:a88ee05,
  author       = {Ryan Soliven and Hitomi Kimura},
  title        = {{Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus}},
  organization = {Trend Micro},
  date         = {2022-08-24},
  url          = {https://www.trendmicro.com/en_us/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus.html},
  urldate      = {2022-09-20},
  language     = {English},
}
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus
Babuk
2022-08-24 | Trend Micro | Trend Micro
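% Corporate author: the inner braces keep "Trend Micro" as one indivisible name
% instead of given name "Trend" plus family name "Micro". The citation key is
% left unchanged so existing citations still resolve.
@online{micro:20220824:looking:d8aa41d,
  author       = {{Trend Micro}},
  title        = {{Looking into the Void - Targeting Bulletproof Hosts to Block Attacks Early in the Kill Chain}},
  organization = {Trend Micro},
  date         = {2022-08-24},
  url          = {https://www.trendmicro.com/vinfo/no/security/news/cybercrime-and-digital-threats/looking-into-the-void-probing-a-top-bulletproof-hosting-service},
  urldate      = {2022-08-30},
  language     = {English},
}
Looking into the Void - Targeting Bulletproof Hosts to Block Attacks Early in the Kill Chain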
2022-08-24 | Trend Micro | Ryan Soliven, Hitomi Kimura
@online{soliven:20220824:ransomware:20db707,
  author       = {Ryan Soliven and Hitomi Kimura},
  title        = {{Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus (IoCs)}},
  organization = {Trend Micro},
  date         = {2022-08-24},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/ransomware-actor-abuses-genshin-impact-anti-cheat-driver-to-kill-antivirus/IOCs-blog-Ransomware%20Actor%20Abuses%20Genshin%20Impact%20Anti-Cheat%20Driver%20to%20Kill%20Antivirus.txt},
  urldate      = {2022-08-30},
  language     = {English},
}
Ransomware Actor Abuses Genshin Impact Anti-Cheat Driver to Kill Antivirus (IoCs)
Babuk
2022-08-12 | Trend Micro | Daniel Lunghi, Jaromír Hořejší
@online{lunghi:20220812:iron:c55d0cd,
  author       = {Daniel Lunghi and Jaromír Hořejší},
  title        = {{Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users}},
  organization = {Trend Micro},
  date         = {2022-08-12},
  url          = {https://www.trendmicro.com/en_us/research/22/h/irontiger-compromises-chat-app-Mimi-targets-windows-mac-linux-users.html},
  urldate      = {2022-08-18},
  language     = {English},
}
Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users
Rshell HyperBro
2022-08-12 | Trend Micro | Daniel Lunghi, Jaromír Hořejší
@online{lunghi:20220812:iron:38c15d7,
  author       = {Daniel Lunghi and Jaromír Hořejší},
  title        = {{Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users (IOCs)}},
  organization = {Trend Micro},
  date         = {2022-08-12},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/22/h/iron-tiger-compromises-chat-application-mimi,-targets-windows,-mac,-and-linux-users/IOCs-IronTiger-compromises-chat-application-mimi-targets-windows-mac-linux-users.txt},
  urldate      = {2022-08-18},
  language     = {English},
}
Iron Tiger Compromises Chat Application Mimi, Targets Windows, Mac, and Linux Users (IOCs)
HyperBro
2022-08-11 | Trend Micro | Jaromír Hořejší, Joseph C Chen
@online{hoej:20220811:copperstealer:9382550,
  author       = {Jaromír Hořejší and Joseph C Chen},
  title        = {{CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies}},
  organization = {Trend Micro},
  date         = {2022-08-11},
  url          = {https://www.trendmicro.com/en_us/research/22/h/copperstealer-distributes-malicious-chromium-browser-extension-steal-cryptocurrencies.html},
  urldate      = {2022-08-15},
  language     = {English},
}
CopperStealer Distributes Malicious Chromium-based Browser Extension to Steal Cryptocurrencies
CopperStealer
2022-08-02 | Trend Micro | Nathaniel Morales, Ivan Nicole Chavez, Monte de Jesus, Lala Manly, Nathaniel Gregory Ragasa
@online{morales:20220802:solidbit:a4f9af7,
  author       = {Nathaniel Morales and Ivan Nicole Chavez and Monte de Jesus and Lala Manly and Nathaniel Gregory Ragasa},
  title        = {{SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant}},
  organization = {Trend Micro},
  date         = {2022-08-02},
  url          = {https://www.trendmicro.com/en_us/research/22/h/solidbit-ransomware-enters-the-raas-scene-and-takes-aim-at-gamer.html},
  urldate      = {2022-08-08},
  language     = {English},
}
SolidBit Ransomware Enters the RaaS Scene and Takes Aim at Gamers and Social Media Users With New Variant
SolidBit
2022-07-29 | Trend Micro | Trend Micro Mobile Team
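% Corporate author: the inner braces keep "Trend Micro Mobile Team" as one
% indivisible name instead of given names "Trend Micro Mobile" plus family
% name "Team". The citation key is left unchanged so existing citations still
% resolve.
@online{team:20220729:examining:6d98af2,
  author       = {{Trend Micro Mobile Team}},
  title        = {{Examining New DawDropper Banking Dropper and DaaS on the Dark Web}},
  organization = {Trend Micro},
  date         = {2022-07-29},
  url          = {https://www.trendmicro.com/en_us/research/22/g/examining-new-dawdropper-banking-dropper-and-daas-on-the-dark-we.html},
  urldate      = {2022-08-12},
  language     = {English},
}
Examining New DawDropper Banking Dropper and DaaS on the Dark Web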
Coper DawDropper
2022-07-27 | Trend Micro | Buddy Tancio, Jed Valderama
@online{tancio:20220727:gootkit:f1c63fa,
  author       = {Buddy Tancio and Jed Valderama},
  title        = {{Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike}},
  organization = {Trend Micro},
  date         = {2022-07-27},
  url          = {https://www.trendmicro.com/en_us/research/22/g/gootkit-loaders-updated-tactics-and-fileless-delivery-of-cobalt-strike.html},
  urldate      = {2022-07-29},
  language     = {English},
}
Gootkit Loader’s Updated Tactics and Fileless Delivery of Cobalt Strike
Cobalt Strike GootKit Kronos REvil SunCrypt
2022-07-25 | Trend Micro | Ivan Nicole Chavez, Byron Gelera, Katherine Casona, Nathaniel Morales, Ieriz Nicolle Gonzalez, Nathaniel Gregory Ragasa
@online{chavez:20220725:lockbit:a660282,
  author       = {Ivan Nicole Chavez and Byron Gelera and Katherine Casona and Nathaniel Morales and Ieriz Nicolle Gonzalez and Nathaniel Gregory Ragasa},
  title        = {{LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities}},
  organization = {Trend Micro},
  date         = {2022-07-25},
  url          = {https://www.trendmicro.com/en_us/research/22/g/lockbit-ransomware-group-augments-its-latest-variant--lockbit-3-.html},
  urldate      = {2022-08-11},
  language     = {English},
}
LockBit Ransomware Group Augments Its Latest Variant, LockBit 3.0, With BlackMatter Capabilities
BlackMatter LockBit
2022-07-21 | Trend Micro | Alfredo Oliveira, David Fiser
@online{oliveira:20220721:alibaba:bef01c3,
  author       = {Alfredo Oliveira and David Fiser},
  title        = {{Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography}},
  organization = {Trend Micro},
  date         = {2022-07-21},
  url          = {https://www.trendmicro.com/en_us/research/22/g/alibaba-oss-buckets-compromised-to-distribute-malicious-shell-sc.html},
  urldate      = {2022-07-25},
  language     = {English},
}
Alibaba OSS Buckets Compromised to Distribute Malicious Shell Scripts via Steganography
2022-07-20 | Trend Micro | Joelson Soares, Buddy Tancio, Erika Mendoza, Jessie Prevost, Nusrath Iqra
@online{soares:20220720:analyzing:8753d99,
  author       = {Joelson Soares and Buddy Tancio and Erika Mendoza and Jessie Prevost and Nusrath Iqra},
  title        = {{Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data}},
  organization = {Trend Micro},
  date         = {2022-07-20},
  url          = {https://www.trendmicro.com/en_us/research/22/g/analyzing-penetration-testing-tools-that-threat-actors-use-to-br.html},
  urldate      = {2022-07-25},
  language     = {English},
}
Analyzing Penetration-Testing Tools That Threat Actors Use to Breach Systems and Steal Data