2020-11-27 · Trend Micro · Luis Magisa, Steven Du
@online{magisa:20201127:new:851ac9b,
  author       = {Magisa, Luis and Du, Steven},
  title        = {{New MacOS Backdoor Connected to OceanLotus Surfaces}},
  organization = {Trend Micro},
  date         = {2020-11-27},
  url          = {https://www.trendmicro.com/en_us/research/20/k/new-macos-backdoor-connected-to-oceanlotus-surfaces.html},
  urldate      = {2020-12-01},
  language     = {English},
}
New MacOS Backdoor Connected to OceanLotus Surfaces
OceanLotus APT32
2020-11-24 · Trend Micro · Jaromír Hořejší, David Fiser
@online{hoej:20201124:analysis:9e93ede,
  author       = {Hořejší, Jaromír and Fiser, David},
  title        = {{Analysis of Kinsing Malware's Use of Rootkit}},
  organization = {Trend Micro},
  date         = {2020-11-24},
  url          = {https://www.trendmicro.com/en_us/research/20/k/analysis-of-kinsing-malwares-use-of-rootkit.html},
  urldate      = {2020-11-25},
  language     = {English},
}
Analysis of Kinsing Malware's Use of Rootkit
Kinsing
2020-11-20 · Trend Micro · Abraham Camba, Bren Matthew Ebriega, Gilbert Sison
@online{camba:20201120:weaponizing:e15699d,
  author       = {Camba, Abraham and Ebriega, Bren Matthew and Sison, Gilbert},
  title        = {{Weaponizing Open Source Software for Targeted Attacks}},
  organization = {Trend Micro},
  date         = {2020-11-20},
  url          = {https://www.trendmicro.com/en_us/research/20/k/weaponizing-open-source-software-for-targeted-attacks.html},
  urldate      = {2020-11-23},
  language     = {English},
}
Weaponizing Open Source Software for Targeted Attacks
LaZagne Defray PlugX
2020-11-16 · Trend Micro · Trendmicro
@online{trendmicro:20201116:malicious:b459c3f,
  author       = {Trendmicro},
  title        = {{Malicious Actors Target Comm Apps such as Zoom, Slack, Discord}},
  organization = {Trend Micro},
  date         = {2020-11-16},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/malicious-actors-target-comm-apps-such-as-zoom-slack-discord},
  urldate      = {2020-11-19},
  language     = {English},
}
Malicious Actors Target Comm Apps such as Zoom, Slack, Discord
WebMonitor RAT
2020-11-09 · Trend Micro · Zhengyu Dong
@online{dong:20201109:old:5454254,
  author       = {Dong, Zhengyu},
  title        = {{An Old Joker’s New Tricks: Using Github To Hide Its Payload}},
  organization = {Trend Micro},
  date         = {2020-11-09},
  url          = {https://www.trendmicro.com/en_us/research/20/k/an-old-jokers-new-tricks--using-github-to-hide-its-payload.html},
  urldate      = {2020-11-19},
  language     = {English},
}
An Old Joker’s New Tricks: Using Github To Hide Its Payload
Joker
2020-10-28 · Trend Micro · William Gamazo Sanchez, Aliakbar Zahravi, Elliot Cao, Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph C Chen, John Zhang
% NOTE(review): "Gamazo Sanchez" may be a compound family name. As written, only
% "Sanchez" is the family name, which is how the First-Last form already parses.
% Confirm against the source before changing it.
@online{sanchez:20201028:operation:7f4b906,
  author       = {Sanchez, William Gamazo and Zahravi, Aliakbar and Cao, Elliot and Pernet, Cedric and Lunghi, Daniel and Hořejší, Jaromír and Chen, Joseph C and Zhang, John},
  title        = {{Operation Earth Kitsune: A Dance of Two New Backdoors}},
  organization = {Trend Micro},
  date         = {2020-10-28},
  url          = {https://www.trendmicro.com/en_us/research/20/j/operation-earth-kitsune-a-dance-of-two-new-backdoors.html},
  urldate      = {2020-10-29},
  language     = {English},
}
Operation Earth Kitsune: A Dance of Two New Backdoors
AgfSpy DneSpy SLUB
2020-10-19 · Trend Micro · Nelson William Gamazo Sanchez, Aliakbar Zahravi, John Zhang, Eliot Cao, Cedric Pernet, Daniel Lunghi, Jaromír Hořejší, Joseph C. Chen
% NOTE(review): "Gamazo Sanchez" may be a compound family name. As written, only
% "Sanchez" is the family name, which is how the First-Last form already parses.
% Confirm against the source before changing it.
@techreport{sanchez:20201019:operation:e613dd2,
  author      = {Sanchez, Nelson William Gamazo and Zahravi, Aliakbar and Zhang, John and Cao, Eliot and Pernet, Cedric and Lunghi, Daniel and Hořejší, Jaromír and Chen, Joseph C.},
  title       = {{Operation Earth Kitsune: Tracking SLUB’s Current Operations}},
  institution = {Trend Micro},
  date        = {2020-10-19},
  url         = {https://documents.trendmicro.com/assets/white_papers/wp-operation-earth-kitsune.pdf},
  urldate     = {2020-10-21},
  language    = {English},
}
Operation Earth Kitsune: Tracking SLUB’s Current Operations
SLUB
2020-10-06 · Trend Micro · Cedric Pernet
@online{pernet:20201006:french:39018f2,
  author       = {Pernet, Cedric},
  title        = {{French companies Under Attack from Clever BEC Scam}},
  organization = {Trend Micro},
  date         = {2020-10-06},
  url          = {https://www.trendmicro.com/en_us/research/20/j/french-companies-under-attack-from-clever-bec-scam.html},
  urldate      = {2020-10-07},
  language     = {English},
}
French companies Under Attack from Clever BEC Scam
2020-10-03 · Trend Micro · Jaromír Hořejší, Daniel Lunghi, Cedric Pernet, Kazuki Fujisawa
@techreport{hoej:20201003:earth:688aaf8,
  author      = {Hořejší, Jaromír and Lunghi, Daniel and Pernet, Cedric and Fujisawa, Kazuki},
  title       = {{Earth Akhlut: Exploring the Tools, Tactics, and Procedures of an Advanced Threat Actor Operating a Large Infrastructure}},
  institution = {Trend Micro},
  date        = {2020-10-03},
  url         = {https://vblocalhost.com/uploads/VB2020-Lunghi-Horejsi.pdf},
  urldate     = {2020-10-06},
  language    = {English},
}
Earth Akhlut: Exploring the Tools, Tactics, and Procedures of an Advanced Threat Actor Operating a Large Infrastructure
Dexbia TypeHash
2020-09-22 · Trend Micro · Don Ladores, Raphael Centeno
@online{ladores:20200922:mispadu:8a2a4c1,
  author       = {Ladores, Don and Centeno, Raphael},
  title        = {{Mispadu Banking Trojan Resurfaces}},
  organization = {Trend Micro},
  date         = {2020-09-22},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/mispadu-banking-trojan-resurfaces},
  urldate      = {2020-09-24},
  language     = {English},
}
Mispadu Banking Trojan Resurfaces
Mispadu
2020-09-21 · Trend Micro · Raphael Centeno
@online{centeno:20200921:cybercriminals:0dbaa08,
  author       = {Centeno, Raphael},
  title        = {{Cybercriminals Distribute Backdoor With VPN Installer}},
  organization = {Trend Micro},
  date         = {2020-09-21},
  url          = {https://www.trendmicro.com/en_us/research/20/i/wind-up-windscribe-vpn-bundled-with-backdoor.html},
  urldate      = {2020-09-23},
  language     = {English},
}
Cybercriminals Distribute Backdoor With VPN Installer
NjRAT
2020-09-18 · Trend Micro · Trend Micro
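% Corporate author: the inner braces keep "Trend Micro" one indivisible name.
% Without them it is parsed as given name "Trend", family name "Micro".
@online{micro:20200918:us:7900e6a,
  author       = {{Trend Micro}},
  title        = {{U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks}},
  organization = {Trend Micro},
  date         = {2020-09-18},
  url          = {https://www.trendmicro.com/en_us/research/20/i/u-s--justice-department-charges-apt41-hackers-over-global-cyberattacks.html},
  urldate      = {2020-09-23},
  language     = {English},
}
U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks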
Cobalt Strike ColdLock
2020-09-14 · Trend Micro · Aprilyn Borja, Abraham Camba, Khristoffer Jocson, Ryan Maglaque, Gilbert Sison, Jay Yaneza
@online{borja:20200914:analysis:36d3fee,
  author       = {Borja, Aprilyn and Camba, Abraham and Jocson, Khristoffer and Maglaque, Ryan and Sison, Gilbert and Yaneza, Jay},
  title        = {{Analysis of a Convoluted Attack Chain Involving Ngrok}},
  organization = {Trend Micro},
  date         = {2020-09-14},
  url          = {https://www.trendmicro.com/en_us/research/20/i/analysis-of-a-convoluted-attack-chain-involving-ngrok.html},
  urldate      = {2020-09-23},
  language     = {English},
}
Analysis of a Convoluted Attack Chain Involving Ngrok
2020-09-08 · Trend Micro · Augusto Remillano II
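% "II" is a generational suffix, so the name uses the "Last, Suffix, First" form.
% Written as "Augusto Remillano II", the suffix is parsed as the family name.
% The citation key is left unchanged so existing citations keep resolving.
@online{ii:20200908:exposed:baa98d4,
  author       = {Remillano, II, Augusto},
  title        = {{Exposed Docker Server Abused to Drop Cryptominer, DDoS Bot}},
  organization = {Trend Micro},
  date         = {2020-09-08},
  url          = {https://www.trendmicro.com/en_us/research/20/i/exposed-docker-server-abused-to-drop-cryptominer-ddos-bot-.html},
  urldate      = {2020-09-23},
  language     = {English},
}
Exposed Docker Server Abused to Drop Cryptominer, DDoS Bot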
Kaiten
2020-08-13 · Trend Micro · Mac Threat Response and Mobile Research Team
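% Corporate author: the inner braces keep the team name a single author.
% Without them the name list is split at " and " into two separate authors,
% "Mac Threat Response" and "Mobile Research Team".
@online{team:20200813:xcsset:f962581,
  author       = {{Mac Threat Response and Mobile Research Team}},
  title        = {{XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits}},
  organization = {Trend Micro},
  date         = {2020-08-13},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/xcsset-mac-malware-infects-xcode-projects-performs-uxss-attack-on-safari-other-browsers-leverages-zero-day-exploits/},
  urldate      = {2020-08-19},
  language     = {English},
}
XCSSET Mac Malware: Infects Xcode Projects, Performs UXSS Attack on Safari, Other Browsers, Leverages Zero-day Exploits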
XCSSET
2020-08-13 · Trend Micro · Mac Threat Response and Mobile Research Team
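% Corporate author: the inner braces keep the team name a single author.
% Without them the name list is split at " and " into two separate authors,
% "Mac Threat Response" and "Mobile Research Team".
@techreport{team:20200813:xcsset:8783900,
  author      = {{Mac Threat Response and Mobile Research Team}},
  title       = {{The XCSSET Malware: Inserts Malicious Code Into Xcode Projects, Performs UXSS Backdoor Planting in Safari, and Leverages Two Zero-day Exploits (Technical Brief)}},
  institution = {Trend Micro},
  date        = {2020-08-13},
  url         = {https://documents.trendmicro.com/assets/pdf/XCSSET_Technical_Brief.pdf},
  urldate     = {2020-08-20},
  language    = {English},
}
The XCSSET Malware: Inserts Malicious Code Into Xcode Projects, Performs UXSS Backdoor Planting in Safari, and Leverages Two Zero-day Exploits (Technical Brief)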
XCSSET
2020-08-06 · Trend Micro · Marshall Chen, Loseway Lu, Yorkbing Yap, Fyodor Yarochkin
@online{chen:20200806:water:e7860e3,
  author       = {Chen, Marshall and Lu, Loseway and Yap, Yorkbing and Yarochkin, Fyodor},
  title        = {{Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts}},
  organization = {Trend Micro},
  date         = {2020-08-06},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/water-nue-campaign-targets-c-suites-office-365-accounts/},
  urldate      = {2020-08-13},
  language     = {English},
}
Water Nue Phishing Campaign Targets C-Suite’s Office 365 Accounts
2020-07-28 · Trend Micro · Fernando Mercês
@online{mercs:20200728:mirai:3538243,
  author       = {Mercês, Fernando},
  title        = {{Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902}},
  organization = {Trend Micro},
  date         = {2020-07-28},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/mirai-botnet-exploit-weaponized-to-attack-iot-devices-via-cve-2020-5902/},
  urldate      = {2020-07-30},
  language     = {English},
}
Mirai Botnet Exploit Weaponized to Attack IoT Devices via CVE-2020-5902
Mirai
2020-07-27 · Trend Micro · Aliakbar Zahravi
@online{zahravi:20200727:ensiko:fe08ad9,
  author       = {Zahravi, Aliakbar},
  title        = {{Ensiko: A Webshell With Ransomware Capabilities}},
  organization = {Trend Micro},
  date         = {2020-07-27},
  url          = {https://blog.trendmicro.com/trendlabs-security-intelligence/ensiko-a-webshell-with-ransomware-capabilities/},
  urldate      = {2020-07-30},
  language     = {English},
}
Ensiko: A Webshell With Ransomware Capabilities
Ensikology
2020-07-08 · Trend Micro · Trend Micro Threat Research Team
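% Corporate author: the inner braces keep the team name one indivisible name.
% Without them it is parsed as a person with family name "Team" and
% given names "Trend Micro Threat Research".
@online{team:20200708:ransomware:90c8636,
  author       = {{Trend Micro Threat Research Team}},
  title        = {{Ransomware Report: Avaddon and New Techniques Emerge, Industrial Sector Targeted}},
  organization = {Trend Micro},
  date         = {2020-07-08},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-report-avaddon-and-new-techniques-emerge-industrial-sector-targeted},
  urldate      = {2020-07-30},
  language     = {English},
}
Ransomware Report: Avaddon and New Techniques Emerge, Industrial Sector Targeted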
Avaddon Ransomware