Categories

Posts by Jérôme Segura

I'm Senior Security Researcher at Malwarebytes where I investigate and uncover various threats and scams. In my spare time, I enjoy tasting some good wines and cheeses. Follow me @jeromesegura.

The NSA allegedly spent billions of dollars to crack encryption technologies and worked closely with tech companies to insert backdoors in their software.

The Murky Waters Of The Zero-Day Business

The business of Zero Days: what is it and how hackers are taking advantage of them.

Fake Browser Updates Going Rampant

This new trend of fake critical browser updates have been on the rise and it’s getting much more sneakier than when it was introduced.

Multi-pronged attack is not representative of what we normally see in the wild, but we found one and dissected it.

Facebook’s CEO gets hacked after programmer’s bug reports gets ignored.

A new fake Flash Player update appropriately named FlashPlayer11.safariextz was found. After being installed, it will begin to inject very rough advertisements on any website you visit.

A botnet comprised of nearly 25,000 infected computers is attacking login pages of WordPress and Joomla! by performing ‘brute-force attacks’.

This specific Firefox vulnerability is actually cross-platform. In fact, making the malicious code ‘work’ on all platforms is trivial as you only need to get rid of the checks looking for the Windows version.

An Exploit for Mozilla’s Firefox version 17 is making headlines, not simply because it is a zero-day but mainly because it appears to be part of a U.S. government program to uncover the identity of people using the Tor Browser to view child pornography.

Fake Pharma, Malware Target Pinterest

Pinterest has gained a lot of momentum and become one of the highest referral traffic sites for retailers. As such, it is not a big surprise that it is a popular choice for scammers and malware authors.

SMS Scams: How To Defend Yourself

Cyber-crooks are spamming through every avenue they can, hoping to lure their victims into revealing personal information or tricking them with scam SMS text messages.

Apple’s OS X FBI Ransomware Goes Global

Further customizations of the Mac ransom pages discovered today shows the bad guys are busy updating their templates for each country’s police force.

A Q&A about the Mac FBI “ransomware”

For years, Windows users have been plagued by ransomware demanding several hundred dollars to unlock their computers. Now there’s a growing market to attack Macs.

Facebook’s rollout of Graph Search is said to deliver a brand new experience that allows you to get information you would not get from a typical search engine, something like a more ‘wholesome search experience.’

Porn on YouTube Leads to Premium-Rate SMS Scams

Spammers are beating YouTube’s filters to upload pornographic images and tricking people into following a hyperlink to view more. And it comes as a premium-rate SMS, asking for age confirmation when it really is about charging you an expensive fee to view the material.

Ubisoft says its customer data including names, emails and encrypted passwords were accessed by unauthorized third parties and should be considered part of the public domain now.

Fake Opera Browser Update Distributes Ransomware

Following a breach on Opera’s network and using one of its older code-signing certificate to digitally sign a nasty Trojan downloader part of the Zbot family and package it as an update for the Opera browser. An estimated 300 million users may have been infected.

While some attempts have been made by Google, Facebook and the likes to come up with new privacy features in their products whatever hope was left may very well have been shattered with the recent NSA leaks about the PRISM surveillance program.

A Guide to Website Security

Having your own website is hard enough. In addition to adding content, trying to grow your audience, maintaining it, now you have to be cautious of malware possibly being spread through your beloved website?

« Previous PageNext Page »

Subscribe to our YouTube Channel