2021-07-22Trend MicroMickey Jin, Steven Du
@online{jin:20210722:updated:1a824a7,
  author       = {Jin, Mickey and Du, Steven},
  title        = {{Updated XCSSET Malware Targets Telegram, Other Apps}},
  date         = {2021-07-22},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/updated-xcsset-malware-targets-telegram--other-apps.html},
  language     = {English},
  urldate      = {2021-07-26},
}
Updated XCSSET Malware Targets Telegram, Other Apps
XCSSET
2021-07-21Trend MicroZhengyu Dong, Fyodor Yarochkin, Steven Du
@online{dong:20210721:strongpity:f87c7bd,
  author       = {Dong, Zhengyu and Yarochkin, Fyodor and Du, Steven},
  title        = {{StrongPity APT Group Deploys Android Malware for the First Time}},
  date         = {2021-07-21},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/strongpity-apt-group-deploys-android-malware-for-the-first-time.html},
  language     = {English},
  urldate      = {2021-07-26},
}
StrongPity APT Group Deploys Android Malware for the First Time
2021-07-20Trend MicroDavid Fiser, Alfredo Oliveira
@techreport{fiser:20210720:tracking:9085bb7,
  author      = {Fiser, David and Oliveira, Alfredo},
  title       = {{Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group}},
  date        = {2021-07-20},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/white_papers/wp-tracking-the-activities-of-teamTNT.pdf},
  language    = {English},
  urldate     = {2021-07-26},
}
Tracking the Activities of TeamTNT: A Closer Look at a Cloud-Focused Malicious Actor Group
TeamTNT
2021-07-07Trend MicroJoseph C Chen, Kenney Lu, Jaromír Hořejší, Gloria Chen
@online{chen:20210707:biopass:88dcdc2,
  author       = {Chen, Joseph C and Lu, Kenney and Hořejší, Jaromír and Chen, Gloria},
  title        = {{BIOPASS RAT: New Malware Sniffs Victims via Live Streaming}},
  date         = {2021-07-07},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/biopass-rat-new-malware-sniffs-victims-via-live-streaming.html},
  language     = {English},
  urldate      = {2021-07-19},
}
BIOPASS RAT: New Malware Sniffs Victims via Live Streaming
win.BIOPASS Cobalt Strike Derusbi
2021-07-05Trend MicroAbraham Camba, Catherine Loveria, Ryan Maglaque, Buddy Tancio
@online{camba:20210705:tracking:6ae6ad5,
  author       = {Camba, Abraham and Loveria, Catherine and Maglaque, Ryan and Tancio, Buddy},
  title        = {{Tracking Cobalt Strike: A Trend Micro Vision One Investigation}},
  date         = {2021-07-05},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/tracking_cobalt_strike_a_vision_one_investigation.html},
  language     = {English},
  urldate      = {2021-07-19},
}
Tracking Cobalt Strike: A Trend Micro Vision One Investigation
Cobalt Strike
2021-07-01Trend MicroWilliam Gamazo Sanchez
@comment{NOTE(review): the family name is stored as "Sanchez", matching the citation key; "Gamazo Sanchez" may be a compound surname -- confirm with the source before changing it.}
@online{sanchez:20210701:purplefox:fb8c3c4,
  author       = {Sanchez, William Gamazo},
  title        = {{PurpleFox Using WPAD to Target Indonesian Users}},
  date         = {2021-07-01},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/g/purplefox-using-wpad-to-targent-indonesian-users.html},
  language     = {English},
  urldate      = {2021-07-02},
}
PurpleFox Using WPAD to Target Indonesian Users
win.purplefox
2021-06-28Trend MicroTrend Micro
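@comment{The author is an organisation, so it carries an extra brace pair; without it the name is split into given name "Trend" and family name "Micro". The ampersand in the title is escaped because title fields are typeset as LaTeX. The citation key is kept unchanged so existing citations still resolve.}
@online{micro:20210628:nefilim:1a904b2,
  author       = {{Trend Micro}},
  title        = {{Nefilim Ransomware Attack Through a MITRE Att\&ck Lens}},
  date         = {2021-06-28},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/f/nefilim-modern-ransomware-attack-story.html},
  language     = {English},
  urldate      = {2021-07-05},
}
Nefilim Ransomware Attack Through a MITRE Att&ck Lens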
Nefilim
2021-06-22Trend MicroLuis Magisa, Ariel Neimond Lazaro
@online{magisa:20210622:nukesped:533d027,
  author       = {Magisa, Luis and Lazaro, Ariel Neimond},
  title        = {{NukeSped Copies Fileless Code From Bundlore, Leaves It Unused}},
  date         = {2021-06-22},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_hk/research/21/f/nukesped-copies-fileless-code-from-bundlore--leaves-it-unused.html},
  language     = {English},
  urldate      = {2021-06-23},
}
NukeSped Copies Fileless Code From Bundlore, Leaves It Unused
Bundlore
2021-06-17Trend MicroAliakbar Zahravi
@online{zahravi:20210617:bash:de8ec4a,
  author       = {Zahravi, Aliakbar},
  title        = {{Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions}},
  date         = {2021-06-17},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html},
  language     = {English},
  urldate      = {2021-06-21},
}
Bash Ransomware DarkRadiation Targets Red Hat- and Debian-based Linux Distributions
2021-06-15Trend MicroJanus Agcaoili, Miguel Ang, Earle Earnshaw, Byron Gelera, Nikko Tamana
@online{agcaoili:20210615:ransomware:41013af,
  author       = {Agcaoili, Janus and Ang, Miguel and Earnshaw, Earle and Gelera, Byron and Tamana, Nikko},
  title        = {{Ransomware Double Extortion and Beyond: REvil, Clop, and Conti}},
  date         = {2021-06-15},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/ransomware-double-extortion-and-beyond-revil-clop-and-conti},
  language     = {English},
  urldate      = {2021-06-21},
}
Ransomware Double Extortion and Beyond: REvil, Clop, and Conti
Clop Conti REvil
2021-06-08Trend MicroMayra Fuentes, Feike Hacquebord, Stephen Hilt, Ian Kenefick, Vladimir Kropotov, Robert McArdle, Fernando Mercês, David Sancho
@techreport{fuentes:20210608:modern:a5dd52c,
  author      = {Fuentes, Mayra and Hacquebord, Feike and Hilt, Stephen and Kenefick, Ian and Kropotov, Vladimir and McArdle, Robert and Mercês, Fernando and Sancho, David},
  title       = {{Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them}},
  date        = {2021-06-08},
  institution = {Trend Micro},
  url         = {https://documents.trendmicro.com/assets/white_papers/wp-modern-ransomwares-double-extortion-tactics.pdf},
  language    = {English},
  urldate     = {2021-06-16},
}
Modern Ransomware’s Double Extortion Tactics and How to Protect Enterprises Against Them
Nefilim
2021-06-02Trend MicroDaniel Lunghi
@techreport{lunghi:20210602:taking:f1bdefc,
  author      = {Lunghi, Daniel},
  title       = {{Taking Advantage of PE Metadata, or How To Complete Your Favorite Threat Actor’s Sample Collection}},
  date        = {2021-06-02},
  institution = {Trend Micro},
  url         = {https://www.sstic.org/media/SSTIC2021/SSTIC-actes/Taking_Advantage_of_PE_Metadata_or_How_To_Complete/SSTIC2021-Slides-Taking_Advantage_of_PE_Metadata_or_How_To_Complete_your_Favorite_Threat_Actor_Sample_Collection-lunghi.pdf},
  language    = {English},
  urldate     = {2021-06-09},
}
Taking Advantage of PE Metadata, or How To Complete Your Favorite Threat Actor’s Sample Collection
HyperSSL
2021-06-02Trend MicroDaniel Lunghi
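@comment{Title spacing restored: "Metadata,or" and "ThreatActor’s" had lost their spaces; the url's file name spells the words separately. Wording and capitalisation are otherwise as given.}
@techreport{lunghi:20210602:taking:49c7b1f,
  author      = {Lunghi, Daniel},
  title       = {{Taking Advantage of PE Metadata, or How To Complete your Favorite Threat Actor’s Sample Collection (Paper)}},
  date        = {2021-06-02},
  institution = {Trend Micro},
  url         = {https://www.sstic.org/media/SSTIC2021/SSTIC-actes/Taking_Advantage_of_PE_Metadata_or_How_To_Complete/SSTIC2021-Article-Taking_Advantage_of_PE_Metadata_or_How_To_Complete_your_Favorite_Threat_Actor_Sample_Collection-lunghi.pdf},
  language    = {English},
  urldate     = {2021-06-11},
}
Taking Advantage of PE Metadata, or How To Complete your Favorite Threat Actor’s Sample Collection (Paper)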
HyperSSL
2021-05-28Trend MicroMina Nalim
@online{nalim:20210528:darkside:5eb7387,
  author       = {Nalim, Mina},
  title        = {{DarkSide on Linux: Virtual Machines Targeted}},
  date         = {2021-05-28},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/e/darkside-linux-vms-targeted.html},
  language     = {English},
  urldate      = {2021-06-01},
}
DarkSide on Linux: Virtual Machines Targeted
DarkSide
2021-05-25Trend MicroMagno Logan, David Fiser
@online{logan:20210525:teamtnt:1f700b6,
  author       = {Logan, Magno and Fiser, David},
  title        = {{TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack}},
  date         = {2021-05-25},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/e/teamtnt-targets-kubernetes--nearly-50-000-ips-compromised.html},
  language     = {English},
  urldate      = {2021-06-16},
}
TeamTNT Targets Kubernetes, Nearly 50,000 IPs Compromised in Worm-like Attack
2021-05-18Trend MicroDavid Fiser, Alfredo Oliveira
@online{fiser:20210518:teamtnts:ecbffb9,
  author       = {Fiser, David and Oliveira, Alfredo},
  title        = {{TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software}},
  date         = {2021-05-18},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/e/teamtnt-extended-credential-harvester-targets-cloud-services-other-software.html},
  language     = {English},
  urldate      = {2021-05-19},
}
TeamTNT’s Extended Credential Harvester Targets Cloud Services, Other Software
2021-05-12Trend MicroTrend Micro Research
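@comment{The author is a team name, so it carries an extra brace pair; without it the name is split into given names "Trend Micro" and family name "Research". The citation key is kept unchanged so existing citations still resolve.}
@online{research:20210512:what:cf1638f,
  author       = {{Trend Micro Research}},
  title        = {{What We Know About Darkside Ransomware and the US Pipeline Attack}},
  date         = {2021-05-12},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/e/what-we-know-about-darkside-ransomware-and-the-us-pipeline-attac.html},
  language     = {English},
  urldate      = {2021-05-13},
}
What We Know About Darkside Ransomware and the US Pipeline Attack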
DarkSide
2021-05-06Trend MicroArianne Dela Cruz, Cris Tomboc, Jayson Chong, Nikki Madayag, Sean Torre
@comment{NOTE(review): the first author's family name is stored as "Cruz", matching the citation key; "Dela Cruz" may be a compound surname -- confirm with the source before changing it.}
@online{cruz:20210506:proxylogon:4920ee4,
  author       = {Cruz, Arianne Dela and Tomboc, Cris and Chong, Jayson and Madayag, Nikki and Torre, Sean},
  title        = {{Proxylogon: A Coinminer, a Ransomware, and a Botnet Join the Party}},
  date         = {2021-05-06},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/e/proxylogon-a-coinminer--a-ransomware--and-a-botnet-join-the-part.html},
  language     = {English},
  urldate      = {2021-05-11},
}
Proxylogon: A Coinminer, a Ransomware, and a Botnet Join the Party
Prometei BlackKingdom Ransomware CHINACHOPPER Cobalt Strike
2021-05-04Twitter (@TrendMicroRSRCH)Trend Micro Research
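@comment{The author is a team name, so it carries an extra brace pair; without it the name is split into given names "Trend Micro" and family name "Research". The title is the library's description of the tweet, kept as given. The citation key is kept unchanged so existing citations still resolve.}
@online{research:20210504:n3tw0rm:626085f,
  author       = {{Trend Micro Research}},
  title        = {{Tweet on N3tw0rm ransomware, that has started affecting users in Israel.}},
  date         = {2021-05-04},
  organization = {Twitter (@TrendMicroRSRCH)},
  url          = {https://twitter.com/TrendMicroRSRCH/status/1389422784808378370},
  language     = {English},
  urldate      = {2021-05-04},
}
Tweet on N3tw0rm ransomware, that has started affecting users in Israel.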
Pay2Key
2021-05-04Trend MicroMonte de Jesus, Fyodor Yarochkin, Paul Pajares
@online{jesus:20210504:new:38799c6,
  author       = {de Jesus, Monte and Yarochkin, Fyodor and Pajares, Paul},
  title        = {{New Panda Stealer Targets Cryptocurrency Wallets}},
  date         = {2021-05-04},
  organization = {Trend Micro},
  url          = {https://www.trendmicro.com/en_us/research/21/e/new-panda-stealer-targets-cryptocurrency-wallets-.html},
  language     = {English},
  urldate      = {2021-05-04},
}
New Panda Stealer Targets Cryptocurrency Wallets
Panda Stealer