Friday 18 June 2021

Fake DarkSide Campaign Targets Energy and Food Sectors

Hi all,

I just published this quick one about some opportunistic fraudsters pretending to be the DarkSide threat. Enjoy :-)

Friday 30 April 2021

How Cybercriminals Abuse OpenBullet for Credential Stuffing

Hi all,

I just released this one with my colleagues Fyodor & Vlad.

I hope it will raise some awareness on why you should never use the same password on any service/website.

A video can also be found here ;-)

Thursday 3 December 2020

Scammers Use Home Addresses of Targets in France

Hi all,

I wrote this one in English but it definitely targets France:

Scammers Use Home Addresses of Targets in France

UPDATE - 2020/12/08: An interview given in Le Parisien can be read here:

https://www.leparisien.fr/high-tech/arnaque-une-campagne-sophistiquee-de-phishing-promet-des-faux-remboursements-par-darty-08-12-2020-8413129.php

Tuesday 6 October 2020

French companies Under Attack from Clever BEC Scam

Hi all,

Here is my latest blog post about a clever BEC attack that targets a lot of different companies in France:

French companies Under Attack from Clever BEC Scam

Le Monde newspaper published a very nice French article about it here.

Also, the article from Le Figaro.

Tuesday 18 February 2020

Operation DRBControl Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia

Quite proud of this new publication done with several extremely talented colleagues, thanks Daniel, Jaromir, Jamz, and Kenney :-)

Operation DRBControl - Uncovering a Cyberespionage Campaign Targeting Gambling Companies in Southeast Asia

Full paper is here: https://documents.trendmicro.com/assets/white_papers/wp-uncovering-DRBcontrol.pdf

Hope you will enjoy, and see you soon for another stunning APT research (yes, already working on another... :p) :-)

Thursday 12 December 2019

Drilling Deep: A Look at Cyberattacks on the Oil and Gas Industry

Hi all,

I am very proud to provide you with a new paper I wrote in collaboration with my colleague Feike Hacquebord, entitled "Drilling Deep: A Look at Cyberattacks on the Oil and Gas Industry".

Full paper is here.

I hope you will enjoy it! :-)

Thursday 14 November 2019

More than a Dozen Obfuscated APT33 Botnets Used for Extreme Narrow Targeting

Hello there,

I had the pleasure to work with Feike and Kenney on this blog post which reveals an interesting (hopefully) part of APT33's infrastructure.

Hope you'll like it!

Tuesday 16 July 2019

The SLUB guys are back !

The SLUB guys are back !

We detected them from another watering hole, and they updated their malware. More about it here.

As a reminder, we first published about them here.

Thursday 13 June 2019

Advanced Targeted Attack Tools Found Being Used to Distribute Cryptocurrency Miners

Hey there :-)

I just contributed to a new blog post about some cybercriminals using advanced tools to spread a cryptocurrency miner.

The full blog post is here.

Cheers!

Thursday 7 March 2019

New SLUB Backdoor Uses GitHub, Communicates via Slack

So here is a new blog post. It was a great collaborative work with several of my highly skilled colleagues :-)

It is all about a new malware we discovered recently, used in an APT, and sitting on an interesting watering hole.

Friday 1 March 2019

How a Hacking Group is Stealing Popular Instagram Profiles

Well here is a new blog post I published regarding cybercrime, this time mostly around Instagram.

While I have contributed to this blog post, I have to say it was mostly the awesome work of my talented colleague Jindrich. Great work mate! :-)

Tuesday 30 October 2018

Critical Infrastructures Exposed and at Risk: Energy and Water Industries

I am very proud to be part of that research we published:

https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/exposed-and-vulnerable-critical-infrastructure-the-water-energy-industries

Full paper: https://documents.trendmicro.com/assets/white_papers/wp-exposed-and-vulnerable-critical-infrastructure-the-water-energy-industries.pdf

It was amazing to work with all these colleagues :-)

Friday 16 March 2018

Taking Down Fraudulent Domains (Part 2)

So here's the second part of that series on fraudulent domain monitoring and takedown.

Here.

Hope you'll enjoy :-)

Monday 5 March 2018

InfoSec Guide: Domain Monitoring — Detecting Phishing Attacks (Part 1)

I just published this one, on domain registration monitoring:

https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/infosec-guide-domain-monitoring-detecting-phishing-attacks

Next one should be published very soon :-)

Hope you'll enjoy :-)

Monday 11 December 2017

Untangling the Patchwork Cyberespionage Group

Hi guys,

We released a new technical paper about a known APT threat actor named "Patchwork".

The blog entry is here, while the full paper is there.

Cheers! :-)

Thursday 21 September 2017

New RETADUP Variants Hit South America, Turn To Cryptocurrency Mining

Hi all,

I have written this blog post in collab with my good friends Kenney and Lenart... ;-)

Available HERE.

Thursday 20 July 2017

Android Backdoor GhostCtrl can Silently Record Your Audio, Video, and More

Some days ago we published this blog post. It seems that some cybercriminals are heavily using it at the moment to spy on audio conversations. I guess it's pretty interesting.

Wednesday 22 March 2017

Winnti Abuses GitHub for C&C Communications

Hi folks,

I've published a new blog post today on Trend Micro's blog. This is once again about some APT campaign, this time showing some of the new modus operandi from a threat actor named Winnti.

It is available here.

Wednesday 14 September 2016

The French cybercrime underground

Hi all :-)

I just released a new white paper about the whole French cybercrime underground, available here. The full paper is available here.

Thursday 8 September 2016

The French Dark Net Is Looking for Grammar Police

New blog post being released, entitled "The French Dark Net Is Looking for Grammar Police". Hope you will enjoy it ;-)

The French cybercrime underground is definitely surprising... ;-)
