Marc-Etienne M.Léveillé

@marc_etienne_

Followers: 3K, Following: 3K, Statuses: 828

Security stuff @Google (Previously @ESETresearch). Montréal security: @NorthSec_io // @MontreHack. Father of two. VE2XME https://t.co/ahEQ1MJEaF

Montréal, Québec
Joined January 2010
@marc_etienne_
Marc-Etienne M.Léveillé
4 months
I am looking forward to building stuff in Google TAG with new colleagues and wish ESET and its impressively good research team the best for the future ✌️.
@marc_etienne_
Marc-Etienne M.Léveillé
4 months
If you are curious about our research, and to understand how a botnet of Linux servers has been around for 15 years stealing credit cards and cryptocurrency, and mangling HTTP traffic, the paper is available here:
@marc_etienne_
Marc-Etienne M.Léveillé
6 months
RT @ESETresearch: It seems a malicious Pidgin plugin isn’t the only way the perpetrators are spreading malware. Cradle, an instant messagin…
@marc_etienne_
Marc-Etienne M.Léveillé
6 months
RT @ESETresearch: A few days ago, Pidgin Instant Messenger @impidgin published a notification about a malicious plugin (ScreenShareOTR) fou…
@marc_etienne_
Marc-Etienne M.Léveillé
7 months
RT @matthieu_faou: We are looking for a strategic threat intel analyst to join @ESETresearch. Interested in cyber-espionage and geopolitics…
@marc_etienne_
Marc-Etienne M.Léveillé
8 months
Looks like Apple’s dyld team implemented my suggested fix as-is 🙌 I’m guessing the change might not be backported to avoid breaking anything that might depend on the previous behaviour.
@patrickwardle
Patrick Wardle
8 months
Apple's macho_best_slice API worked for them but was broken for all else 🤦🏻‍♂️ I detailed this flaw in a blog post in Feb. & included a proposed fix (via @marc_etienne_) Reversing libdyld.dylib on macOS 15 (beta) we see that Apple has fixed it in exactly this proposed manner!🥹
@marc_etienne_
Marc-Etienne M.Léveillé
8 months
RT @kenshirriff: To use the Montreal subway, you tap a paper ticket against the turnstile and it opens. But how does it work? And how can t…
@marc_etienne_
Marc-Etienne M.Léveillé
9 months
@QuinnyPig I’m more worried about internal policies and who can access the data:
@marc_etienne_
Marc-Etienne M.Léveillé
9 months
Today at 1pm EST I will be presenting at @NorthSec_io some of our findings on Ebury, a server-side Linux botnet that compromised 400k servers in the last 15 years for financial gain. See you there or online! #nsec24
@ESETresearch
ESET Research
9 months
#Breaking #ESETresearch releases a paper about Ebury, among the most advanced server-side Linux malware, which was deployed to 400,000 servers over the course of 15 years, primarily for financial gain. @marc_etienne_ 1/8
@marc_etienne_
Marc-Etienne M.Léveillé
9 months
This week we @ESETResearch published a very dense report on one of the most complex Linux server-side threats, Ebury. We uncovered some of the tactics used to monetize this huge botnet, and try to explain how this threat is able to stay under the radar.
@ESETresearch
ESET Research
9 months
#Breaking #ESETresearch releases a paper about Ebury, among the most advanced server-side Linux malware, which was deployed to 400,000 servers over the course of 15 years, primarily for financial gain. @marc_etienne_ 1/8
@marc_etienne_
Marc-Etienne M.Léveillé
9 months
RT @ESETresearch: #Breaking #ESETresearch releases a paper about Ebury, among the most advanced server-side Linux malware, which was deploy…
@marc_etienne_
Marc-Etienne M.Léveillé
10 months
RT @ESETresearch: #ESETResearch is releasing Nimfilt, an #IDAPro plugin to help reverse engineering #Nim malware – a language increasingly…
@marc_etienne_
Marc-Etienne M.Léveillé
11 months
@patrickwardle Thank you :) 🙏 I'm sure the whole @ESETresearch team will appreciate your comment, so I will pass it along. Most of the credit for this research goes to my colleagues @0xfmz and Anh Ho. I just helped a bit with the macOS part.
@marc_etienne_
Marc-Etienne M.Léveillé
1 year
Startup idea: WAF for VPN appliances
@cyb3rops
Florian Roth ⚡️
1 year
I can’t say it often enough: don’t expose your hardened VPN appliances to the Internet
@marc_etienne_
Marc-Etienne M.Léveillé
1 year
@0xfmz 🙌🏻
@marc_etienne_
Marc-Etienne M.Léveillé
1 year
@felixaime @4rchib4ld @ESETresearch @pypi Which makes things... complicated.