Posts by Jérôme Segura

I'm Senior Security Researcher at Malwarebytes where I investigate and uncover various threats and scams. In my spare time, I enjoy tasting some good wines and cheeses. Follow me @jeromesegura.

Awareness and education about online dangers is essential but headlines like “Malware That Drains Your Bank Account Thriving On Facebook” instill fear while at the same time blame Facebook — something that may not be entirely justified.

Have you recently seen an ad or received an email from a friend that promoted work-at-home and get-rich-quick schemes?

If you use your debit or credit card to buy groceries or get cash out of an ATM you might want to know that the bad guys could have a piece of it.

Online PC Support Scams: Turning the Tables

You may recall a post I wrote back in April about fake Microsoft phone support calls. I had received a call from scammers whose job was to trick me into buying a bogus program for ‘only’ $299. When they saw I was not willing to pay, they got mad and deleted documents and pictures off […]

New Internet Explorer 8 Zero Day

On the 1st of May (a date which many countries celebrate as Labor Day), the US Department of Labor’s website was hacked. This was described as a watering hole type of attack, aimed at certain people only. The first news reports identified it as an already known and patched Internet Explorer vulnerability until today, when […]

Tech support scams: a look behind the curtain

My previous post about fake support calls from Microsoft generated a lot of reactions. I was quite astounded by how many other people also had similar experiences and that this was still going strong. In this post, we will try to better understand how such companies operate and why despite so many complaints, they are […]

Safeguarding your online accounts against hackers

It is very likely that you or someone you know has had one or multiple of their online accounts hacked into. It happens to everybody, individuals and small and big companies alike; it can have disastrous consequences and make you feel extremely vulnerable. In this post we will talk about some tips to give cyber-criminals a hard(er) […]

Cyber Criminals Never Waste A Tragedy

We are accustomed to seeing criminals take advantage of big events to push malware, so we always keep an eye out for malicious emails or websites. This one was no exception with customized spam messages and malicious links all leading to nasty infections. The emails come with a subject line such as “Aftermath to explosion […]

Have you ever received a call from someone with a heavy Indian accent from Microsoft saying your computer had errors or viruses? The purpose of these calls is to get an easy $299 (or whatever amount they choose) by scaring you into thinking there’s […]

Redkit Exploit Kit does the splits

Exploit Kit authors must really love Java. Not only is it rife with vulnerabilities but its own language provides a great platform to write and deliver malware in different ways. We are used to seeing encrypted payloads (XOR, AES encryption), applets containing both the exploit itself and the binary payload. Today we will talk […]

We often hear about botnets (networks of infected computers) being used to send out spam, perform Distributed Denial of Service attacks or other nefarious activities by the bad guys. Well, an unidentified researcher thought there was much more that could be done with a botnet and took on an unprecedented mission to map out the […]

New Exploit Kit, Ransomware and AV evasion

Ransomware is still going strong and infecting countless PCs. We happened to stumble upon an interesting sample part of the Urausy family which bypassed detection on all major antivirus products for almost an entire day before slowly being detected. In this post we will give some information on its background (where it came from) and […]

High Exposure

Bill Gates is the latest victim of a series of hacks targeting celebrities and getting their private information exposed to the world. A group of hackers who already published Social Security Numbers, Credit Reports and banking details, addresses etc. for several other high profiles, is still enjoying an undisrupted run. Equifax recently confirmed being breached […]

Dangerous beans: Oracle deep in the storm

Last week security researchers from FireEye discovered a new Java exploit that works against the latest versions of Java (version 6 update 41 and version 7 update 15) making this a zero-day. The flaw is not just a proof of concept but has been spotted in the wild and it will be just a matter […]

Q&A about ransomware featuring Eric Freyssinet

This week I am talking with Eric Freyssinet, head of a national cybercrime investigative unit in France. We discuss ransomware and cyber crime in general from a researcher/law enforcement point of view. There are several initiatives in place to educate end users about these threats and also how to get rid of them without forking […]

Digital certificates and malware: a dangerous mix

Update (Feb 6th): The digital certificates have been revoked by DigiCert. Update (Feb 4th, 3:44 PM): Egnyte has promptly taken down the illicit account following our call. However, digital signature is still in use. In the past few days we have heard several stories about major corporations getting hacked and their security systems completely bypassed. If […]

Update (1/14/2013) Oracle has issued an emergency patch to be shipped with version 7 update 11. While we are pleased to see a quick turnaround time, we stand by our initial recommendations to disable Java in your browser. This is still the most exploited piece of software and whether it is patched or not still unnecessarily puts you […]

Web Exploits: a bright future ahead

The majority of computers get infected from visiting a specially crafted webpage that exploits one or multiple software vulnerabilities. It could be by clicking a link within an email or simply browsing the net, and it happens silently without any user interaction whatsoever. Vulnerabilities are flaws that exist in various programs and that allow someone to […]

This Christmas time the bad guys will be shopping too

While most folks want a new gaming system, TV, or the latest computer gadget, there is another group of people that are looking for something quite different and definitely not your typical in-store purchase. I’m talking about those people buying stolen online “goods” ranging from credit card numbers and email accounts, to paid adult sites […]

From server hack to client side ransomware

Insecure websites are responsible for most malware infections. In this post I will show you how a typical WordPress site that was poorly configured got hacked, leading unsuspecting visitors to a very bad surprise. If you can browse the underlying structure of a site, it is usually not a good sign. It does not mean […]
