Marc-Etienne M.Léveillé

@marc_etienne_

Malware researcher . contributor. co-organiser.

Montréal, Québec
Joined January 2010

Tweets


  1. Pinned Tweet

    Good morning. I've fixed the IDA Pro console for everyone. Have a look:

  2. Retweeted
    Jan 31
  3. Retweeted
    Jan 29

    A fake VeraCrypt installer is distributed from [https://][vera-crypt][.][.com], packing official files from 1.23-Hotfix2 and modified TrueCrypt.exe and TrueCrypt-x64.exe files from 1.23. Seems malicious: it fetches a DLL from [http://]188[.]225[.]35[.]8/getdll.php?x64

  4. Retweeted
    Jan 23

    Our 2020 CFP is open! The first round closes at the end of the month and we really recommend you apply now for a better chance of being selected. We usually target specific topics in round 2.

  5. Retweeted
    Jan 21

    Today published research that me and my colleagues have been hard at work on. For 6 months we ran a factory.

  6. Retweeted
    Dec 20, 2019

    () campaign spreading via FB. Post or DM contains link to a malicious archive hosted on Dropbox. First stage is executed upon opening the decoy “document” seemingly related to Vietnam. Beacons to opengroup.homeunix[.]org via HTTPS.

  7. Retweeted
    Dec 19, 2019

    Now live! 🔺The new Apple Security Bounty! 🔺The new Apple Platform Security guide, featuring Mac for the first time! (PDF version: ) 🔺My Black Hat 2019 talk: Happy holidays! 🎄

  8. Too bad I can't attend . Next up is who will be presenting the stuff we dug while investigating the Winnti Group. You're in good hands, he knows a lot about this group :) Cheers to everyone at !

  9. Retweeted
    Dec 2, 2019
  10. Retweeted
    Dec 2, 2019

    Thanks to and other fine folks from ESET, works in IDA 7.4 and Python 3!

  11. Retweeted
    Nov 30, 2019

    We are revisiting a local classic party called the h0h0h0-day for December's MontréHack. Food, booze, secret-santa CTF and more surprises! Mark your 📅: Dec 18th 👀 this place because space is limited Sponsored by !

  12. Test partially failed once again, a year later. Sending an alert message is good; keeping a site with all the relevant information online during the alert would be important too.

  13. Retweeted
    Nov 26, 2019

    After years of relying on click fraud, ad injection, social network fraud and credential stealing, botnet has started to mine . Today, dives deeper into Stantinko's new business model.

  14. My lab, "Hunting Linux Malware for Fun and Flags" was accepted at 2020! Bring your shells and SSH clients, we'll hunt some Linux malware together. There will be fun, and flags🚩! See you in February!

  15. Retweeted
    Nov 19, 2019

    Brief analysis on the Monero compromise - it appears both Linux and Windows versions are affected. Blog: Yara rule:

  16. Retweeted
    Nov 19, 2019

    analyzes an ambitious Latin American banking that utilizes malvertising to target the general public with the goal of monetary and credential theft.

  17. In the case of Industroyer, we shared all the details and a draft analysis with potential victims in January 2017, 6 months prior to the publication. No, they weren’t US-based.

  18. CERTs can issue their advisories based on our publications if they wish using our reports and our plain text IoCs on GitHub (hashes, YARA rules, MISP events, Python scripts, etc).

  19. We also share our reports in advance with multiple organizations including potential victims and law enforcement if it makes sense. However, there are 100s of CERTs worldwide, we can’t share it with all of them in a simple way.

  20. Pretty much everything our team does ends up on our corporate blog, WeLiveSecurity, where anyone can read articles and download PDFs, without collecting contact information or the number of employees in your organization.

  21. Unlike what some are saying, ESET never withholds research. As a matter of fact, we do not have a paid-for service for a feed of "private reports". Maybe this is something that will change with time, but this is the status right now.
