Categories

Posts by Jérôme Segura

I'm Senior Security Researcher at Malwarebytes where I investigate and uncover various threats and scams. In my spare time, I enjoy tasting some good wines and cheeses. Follow me @jeromesegura.

AskMen.com compromised again

Our honeypot captured an attack coming from AskMen.com in what appears to have been malicious code injected in their server.

A cunning way to deliver malware

PUPs aka potentially unwanted programs continue to be a real nuisance.

A look at a double-dipping advertising network

A malvertising campaign employing stealthy methods of infection ‘double dips’ to make a profit and exploit their victims.

A look at a PayPal phish in the making

With the surge in PayPal phishing emails, this phish PayPal page asks users to use a different browser from Chrome.

A popular website recently suffered a malvertising attack. Malicious ads on legitimate websites are something we’re seeing a lot of these days.

Seldom do we hear of regular documents that actually have been exploited that can deceive many and sneak by your antivirus.

Cyber-criminals interested in Microsoft Azure too

Cyber-crooks continue to use Microsoft Azure’s web hosting service to house phishing websites, like this one targeting Apple users.

A new zero-day affecting Internet Explorer 6 to 11 on all Windows OS discovered. It’s also the first ‘official’ Zero-Day post Windows XP’s EOL.

The infamous Netflix scam resurfaces again along with a AOL, Comcast, CenturyLink, etc phishing pages urging the user to call a 1-800 number.

The Tax Season Tech Support Scam

Fake tech support scammers are now going after people needing help filling their taxes.

Popular adult site beeg[dot]com pushes malware

Popular adult website serving up drive-by download and redirects to an exploit kit.

CanSecWest day 3 Recap

Recap of the third and final day of the CanSecWest conference.

CanSecWest: Day 1 Recap

Malwarebytes is in attendance at the annual CanSecWest conference that began on a sunny day in beautiful (but often rainy) Vancouver, British Columbia.

This isn’t just a a phishing scam targeting Netflix users. A fake notice about your account being suspended leads to a full blown tech support scam.

A security flaw affecting certain versions of iOS and OS X devices lets others eavesdrop on all your HTTPS encrypted traffic.

Adobe Flash Player Zero-Day: details and mitigation

A new vulnerability in Adobe’s Flash Player found.

A new variant of the Zeus/Zbot trojan, dubbed ZeusVM, is using images as a decoy to retrieve its configuration file, and waits to steal banking info.

A new zero-day discovered in Internet Explorer 10 and was used in targeted attacks.

Tech support scams: Show me the money

What misleading tactics or straight out lies do these tech scammers perform once you pay the fee?

Aggressive online ads are redirecting mobile users to App Store or Play Store download page.

Next Page »

Subscribe to our YouTube Channel