Tag: jerome segura

  • VB2018 paper: From drive-by download to drive-by mining: understanding the new paradigm

    When it comes to web-based threats, Malwarebytes researcher Jérôme Segura is one of the people to follow. His quarterly reviews of the exploit kit landscape are an essential read for anyone who follows this type of threat. In his latest review, Jérôme writes about a slight reversal of an important shift seen in the past…

  • VB2018 preview: Cyber Threat Alliance

    Last week, the Cyber Threat Alliance (CTA) published a report on the illicit mining of cryptocurrencies. The report is notable for two reasons: first because it is exceptionally good in its analysis of the problem, and secondly (and perhaps not unrelated) because researchers from no fewer than eight security companies contributed to the report. Though the…

  • VB2018 preview: From drive-by download to drive-by mining

    “Understanding the new paradigm”, Malwarebytes researcher Jérôme Segura writes in the title of his upcoming VB2018 presentation on drive-by mining. He could hardly have put it more accurately – the rise of malicious cryptocurrency miners is the main security trend of the past 12 months. In the paper, Jérôme will look at those miners that…

  • XMRig used in new macOS cryptominer

    Users complaining on Apple’s official discussion forum about processes that use a lot of CPU have led to the discovery of a new piece of cryptocurrency-mining malware on macOS that is based on XMRig, Malwarebytes researcher Thomas Reed writes. The open-source XMRig Monero miner is widely used for both benign and malicious purposes.…

  • Patch early, patch often, but don’t blindly trust every ‘patch’

    Patching is important, but not everything that presents itself as a security patch is safe to install. Malwarebytes researcher Jérôme Segura has written a detailed analysis of the ‘FakeUpdates’ campaign, where thousands of websites with an out-of-date content management system have been compromised to spread malware. Rather than exploiting vulnerabilities in browsers or browser plug-ins, as…
