
2021-09-29 | Trend Micro | Aliakbar Zahravi, William Gamazo Sanchez, Kamlapati Choubey, Peter Girnus
@online{zahravi:20210929:formbook:54b9f08,
  author       = {Aliakbar Zahravi and William Gamazo Sanchez and Kamlapati Choubey and Peter Girnus},
  title        = {{FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal}},
  date         = {2021-09-29},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/formbook-adds-latest-office-365-0-day-vulnerability-cve-2021-404.html},
  language     = {English},
  urldate      = {2021-10-05},
}
FormBook Adds Latest Office 365 0-Day Vulnerability (CVE-2021-40444) to Its Arsenal
Formbook
2021-09-27 | Trend Micro | Ryan Maglaque, Joelson Soares, Gilbert Sison, Arianne Dela Cruz, Warren Sto.Tomas
@online{maglaque:20210927:fake:e02e3a3,
  author       = {Ryan Maglaque and Joelson Soares and Gilbert Sison and Arianne Dela Cruz and Warren Sto.Tomas},
  title        = {{Fake Installers Drop Malware and Open Doors for Opportunistic Attackers}},
  date         = {2021-09-27},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/fake-installers-drop-malware-and-open-doors-for-opportunistic-attackers.html},
  language     = {English},
  urldate      = {2021-10-05},
}
Fake Installers Drop Malware and Open Doors for Opportunistic Attackers
RedLine Stealer Socelars vidar
2021-09-24 | Trend Micro | Warren Sto.Tomas
@online{stotomas:20210924:examining:9165fe5,
  author       = {Warren Sto.Tomas},
  title        = {{Examining the Cring Ransomware Techniques}},
  date         = {2021-09-24},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/examining-the-cring-ransomware-techniques.html},
  language     = {English},
  urldate      = {2021-09-29},
}
Examining the Cring Ransomware Techniques
Cobalt Strike Cring MimiKatz
2021-09-21 | Trend Micro | Nikki Madayag, Josefino Fajilago IV
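% The second author is entered in BibTeX's "Last, Jr, First" form: written as
% "Josefino Fajilago IV", the suffix "IV" would be parsed as the surname.
@online{madayag:20210921:cryptominer:39afc6e,
  author       = {Nikki Madayag and Fajilago, IV, Josefino},
  title        = {{Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage}},
  date         = {2021-09-21},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/cryptominer-z0miner-uses-newly-discovered-vulnerability-cve-2021.html},
  language     = {English},
  urldate      = {2021-09-28},
}
Cryptominer z0Miner Uses Newly Discovered Vulnerability CVE-2021-26084 to Its Advantage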
2021-09-20 | Trend Micro | Aliakbar Zahravi, William Gamazo Sanchez
@online{zahravi:20210920:water:63df486,
  author       = {Aliakbar Zahravi and William Gamazo Sanchez},
  title        = {{Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads}},
  date         = {2021-09-20},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/Water-Basilisk-Uses-New-HCrypt-Variant-to-Flood-Victims-with-RAT-Payloads.html},
  language     = {English},
  urldate      = {2021-09-22},
}
Water Basilisk Uses New HCrypt Variant to Flood Victims with RAT Payloads
Ave Maria BitRAT LimeRAT Nanocore RAT NjRAT Quasar RAT
2021-09-15 | Trend Micro | Mickey Jin
@online{jin:20210915:analyzing:9fb1dec,
  author       = {Mickey Jin},
  title        = {{Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus (CVE-2021-30860)}},
  date         = {2021-09-15},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/analyzing-pegasus-spywares-zero-click-iphone-exploit-forcedentry.html},
  language     = {English},
  urldate      = {2021-09-19},
}
Analyzing The ForcedEntry Zero-Click iPhone Exploit Used By Pegasus (CVE-2021-30860)
Chrysaor
2021-09-13 | Trend Micro | Jaromír Hořejší, Daniel Lunghi
% The url field points at the plain-text IOC list (BlindEagleIOCList.txt), not at an article page.
@online{hoej:20210913:aptc36:d6456f8,
  author       = {Jaromír Hořejší and Daniel Lunghi},
  title        = {{APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs (IOCs)}},
  date         = {2021-09-13},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/i/apt-c-36-updates-its-long-term-spam-campaign-against-south-american-entities-with-commodity-rats/BlindEagleIOCList.txt},
  language     = {English},
  urldate      = {2021-09-14},
}
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs (IOCs)
AsyncRAT Ave Maria BitRAT Imminent Monitor RAT LimeRAT NjRAT Remcos
2021-09-13 | Trend Micro | Jaromír Hořejší, Daniel Lunghi
@online{hoej:20210913:aptc36:9b97238,
  author       = {Jaromír Hořejší and Daniel Lunghi},
  title        = {{APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs}},
  date         = {2021-09-13},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/apt-c-36-updates-its-long-term-spam-campaign-against-south-ameri.html},
  language     = {English},
  urldate      = {2021-09-14},
}
APT-C-36 Updates Its Spam Campaign Against South American Entities With Commodity RATs
AsyncRAT Ave Maria BitRAT Imminent Monitor RAT LimeRAT NjRAT Remcos
2021-09-09 | Trend Micro | Trend Micro
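% Corporate author: the extra pair of braces keeps "Trend Micro" as one name
% instead of being split into first name "Trend" and surname "Micro".
@online{micro:20210909:remote:17382af,
  author       = {{Trend Micro}},
  title        = {{Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs}},
  date         = {2021-09-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/i/remote-code-execution-zero-day--cve-2021-40444--hits-windows--tr.html},
  language     = {English},
  urldate      = {2021-09-12},
}
Remote Code Execution 0-Day (CVE-2021-40444) Hits Windows, Triggered Via Office Docs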
Cobalt Strike
2021-09-03 | Trend Micro | Mohamad Mokbel
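% The ampersand in "C&C" is escaped as "\&" in the title field: a bare "&" is a
% LaTeX alignment character and breaks typesetting of the bibliography.
@techreport{mokbel:20210903:state:df86499,
  author      = {Mohamad Mokbel},
  title       = {{The State of SSL/TLS Certificate Usage in Malware C\&C Communications}},
  date        = {2021-09-03},
  institution = {Trend Micro},
  url         = {https://www.trendmicro.com/content/dam/trendmicro/global/en/research/21/i/ssl-tls-technical-brief/ssl-tls-technical-brief.pdf},
  language    = {English},
  urldate     = {2021-09-19},
}
The State of SSL/TLS Certificate Usage in Malware C&C Communications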
AdWind ostap AsyncRAT BazarBackdoor BitRAT Buer Chthonic CloudEyE Cobalt Strike DCRat Dridex FindPOS GootKit Gozi IcedID ISFB Nanocore RAT Orcus RAT PandaBanker Qadars QakBot Quasar RAT Rockloader ServHelper Shifu SManager TorrentLocker TrickBot Vawtrak Zeus Zloader
2021-08-25 | Trend Micro | William Gamazo Sanchez, Bin Lin
@online{sanchez:20210825:new:f09ef7d,
  author       = {William Gamazo Sanchez and Bin Lin},
  title        = {{New Campaign Sees LokiBot Delivered Via Multiple Methods}},
  date         = {2021-08-25},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/h/new-campaign-sees-lokibot-delivered-via-multiple-methods.html},
  language     = {English},
  urldate      = {2021-08-31},
}
New Campaign Sees LokiBot Delivered Via Multiple Methods
Loki Password Stealer (PWS)
2021-08-25 | Trend Micro | Hara Hiroaki, Ted Lee
@techreport{hiroaki:20210825:earth:776384f,
  author      = {Hara Hiroaki and Ted Lee},
  title       = {{Earth Baku An APT Group Targeting Indo-Pacific Countries With New Stealth Loaders and Backdoor}},
  date        = {2021-08-25},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/white_papers/wp-earth-baku-an-apt-group-targeting-indo-pacific-countries.pdf},
  language    = {English},
  urldate     = {2021-08-31},
}
Earth Baku An APT Group Targeting Indo-Pacific Countries With New Stealth Loaders and Backdoor
Cobalt Strike SideWalk
2021-08-17 | Trend Micro | Daniel Lunghi
@online{lunghi:20210817:confucius:f0f4578,
  author       = {Daniel Lunghi},
  title        = {{Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military}},
  date         = {2021-08-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/h/confucius-uses-pegasus-spyware-related-lures-to-target-pakistani.html},
  language     = {English},
  urldate      = {2021-08-23},
}
Confucius Uses Pegasus Spyware-related Lures to Target Pakistani Military
Chrysaor Confucius
2021-08-16 | Trend Micro | Jett Paulo Bernardo, Jayson Chong, Nikki Madayag, Mark Marti, Cris Tomboc, Sean Torre, Byron Gelera
@online{bernardo:20210816:lockbit:d709d4c,
  author       = {Jett Paulo Bernardo and Jayson Chong and Nikki Madayag and Mark Marti and Cris Tomboc and Sean Torre and Byron Gelera},
  title        = {{LockBit Resurfaces With Version 2.0 Ransomware Detections in Chile, Italy, Taiwan, UK}},
  date         = {2021-08-16},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/h/lockbit-resurfaces-with-version-2-0-ransomware-detections-in-chi.html},
  language     = {English},
  urldate      = {2021-08-23},
}
LockBit Resurfaces With Version 2.0 Ransomware Detections in Chile, Italy, Taiwan, UK
LockBit
2021-08-10 | Trend Micro | Monte de Jesus, Don Ovid Ladores
@online{jesus:20210810:chaos:153f943,
  author       = {Monte de Jesus and Don Ovid Ladores},
  title        = {{Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications}},
  date         = {2021-08-10},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/h/chaos-ransomware-a-dangerous-proof-of-concept.html},
  language     = {English},
  urldate      = {2021-08-23},
}
Chaos Ransomware: A Proof of Concept With Potentially Dangerous Applications
Chaos
2021-08-09 | Trend Micro | Jaromír Hořejší, Joseph C. Chen
@online{hoej:20210809:cinobi:8d229dc,
  author       = {Jaromír Hořejší and Joseph C. Chen},
  title        = {{Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising}},
  date         = {2021-08-09},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/h/cinobi-banking-trojan-targets-users-of-cryptocurrency-exchanges-.html},
  language     = {English},
  urldate      = {2021-08-09},
}
Cinobi Banking Trojan Targets Cryptocurrency Exchange Users via Malvertising
Cinobi
2021-08-04 | Trend Micro | Ryan Maglaque, Jessie Prevost, Joelson Soares, Janus Agcaoili
@online{maglaque:20210804:supply:1b4bee6,
  author       = {Ryan Maglaque and Jessie Prevost and Joelson Soares and Janus Agcaoili},
  title        = {{Supply Chain Attacks from a Managed Detection and Response Perspective}},
  date         = {2021-08-04},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/h/supply-chain-attacks-from-a-managed-detection-and-response-persp.html},
  language     = {English},
  urldate      = {2021-08-31},
}
Supply Chain Attacks from a Managed Detection and Response Perspective
REvil
2021-07-27 | Trend Micro | Alfredo Oliveira, David Fiser
@online{oliveira:20210727:threat:dd84d57,
  author       = {Alfredo Oliveira and David Fiser},
  title        = {{Threat Actors Exploit Misconfigured Apache Hadoop YARN}},
  date         = {2021-07-27},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/threat-actors-exploit-misconfigured-apache-hadoop-yarn.html},
  language     = {English},
  urldate      = {2021-08-31},
}
Threat Actors Exploit Misconfigured Apache Hadoop YARN
Kinsing
2021-07-22 | Trend Micro | Mickey Jin, Steven Du
@online{jin:20210722:updated:1a824a7,
  author       = {Mickey Jin and Steven Du},
  title        = {{Updated XCSSET Malware Targets Telegram, Other Apps}},
  date         = {2021-07-22},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/updated-xcsset-malware-targets-telegram--other-apps.html},
  language     = {English},
  urldate      = {2021-07-26},
}
Updated XCSSET Malware Targets Telegram, Other Apps
XCSSET
2021-07-22 | Trend Micro | Katsuyuki Okamoto
% language is Japanese (the url is on blog.trendmicro.co.jp) while the title field is given in English.
@online{okamoto:20210722:analysis:486a6f2,
  author       = {Katsuyuki Okamoto},
  title        = {{Analysis of "[Urgent] Damage report regarding the occurrence of cyber attacks, etc. associated with the Tokyo Olympics.exe"}},
  date         = {2021-07-22},
  organization = {Trend Micro},
  url          = {https://blog.trendmicro.co.jp/archives/28319},
  language     = {Japanese},
  urldate      = {2021-08-20},
}
Analysis of "[Urgent] Damage report regarding the occurrence of cyber attacks, etc. associated with the Tokyo Olympics.exe"
VIGILANT CLEANER