Matthieu Faou

Education:Ingénieur civil at Mines Nancy / M. Sc. in Computer Engineering at Polytechnique Montréal

Position and history at ESET: I joined ESET in august 2016 as a Malware Researcher.

Favorite activities: Running, cycling, skiing.

What is your golden rule for cyberspace? Use your critical mindset.

Latest Articles

ESET research

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

ESET research

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET research

MoustachedBouncer: Espionage against foreign diplomats in Belarus

ESET research

Asylum Ambuscade: crimeware or cyberespionage?

22 articles by Matthieu Faou

ESET research

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

ESET research

Operation Texonto: Information operation targeting Ukrainian speakers in the context of the war

A mix of PSYOPs, espionage and … fake Canadian pharmacies!

Matthieu Faou • 21 Feb 2024 • 11 min. read

ESET research

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET research

Winter Vivern exploits zero-day vulnerability in Roundcube Webmail servers

ESET Research recommends updating Roundcube Webmail to the latest available version as soon as possible

Matthieu Faou • 25 Oct 2023 • 4 min. read

ESET research

MoustachedBouncer: Espionage against foreign diplomats in Belarus

ESET research

MoustachedBouncer: Espionage against foreign diplomats in Belarus

Long-term espionage against diplomats, leveraging email-based C&C protocols, C++ modular backdoors, and adversary-in-the-middle (AitM) attacks… Sounds like the infamous Turla? Think again!

Matthieu Faou • 10 Aug 2023 • 22 min. read

ESET research

Asylum Ambuscade: crimeware or cyberespionage?

ESET research

Asylum Ambuscade: crimeware or cyberespionage?

A curious case of a threat actor at the border between crimeware and cyberespionage

Matthieu Faou • 08 Jun 2023 • 9 min. read

ESET research

A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET research

A lookback under the TA410 umbrella: Its cyberespionage TTPs and activity

ESET researchers reveal a detailed profile of TA410: we believe this cyberespionage umbrella group consists of three different teams using different toolsets, including a new version of the FlowCloud espionage backdoor discovered by ESET.

Alexandre Côté Cyr and Matthieu Faou • 27 Apr 2022 • 33 min. read

ESET research

Strategic web compromises in the Middle East with a pinch of Candiru

ESET research

Strategic web compromises in the Middle East with a pinch of Candiru

ESET researchers have discovered strategic web compromise (aka watering hole) attacks against high-profile websites in the Middle East

Matthieu Faou • 16 Nov 2021 • 11 min. read

ESET research

FamousSparrow: A suspicious hotel guest

ESET research

FamousSparrow: A suspicious hotel guest

Yet another APT group that exploited the ProxyLogon vulnerability in March 2021

Tahseen Bin Taj and Matthieu Faou • 23 Sep 2021 • 7 min. read

ESET research

Gelsemium: When threat actors go gardening

ESET research

Gelsemium: When threat actors go gardening

ESET researchers shed light on new campaigns from the quiet Gelsemium group

Matthieu Faou and Thomas Dupuy • 09 Jun 2021 • 4 min. read

ESET research

Exchange servers under siege from at least 10 APT groups

ESET research

Exchange servers under siege from at least 10 APT groups

ESET Research has found LuckyMouse, Tick, Winnti Group, and Calypso, among others, are likely using the recent Microsoft Exchange vulnerabilities to compromise email servers all around the world

Matthieu Faou, Thomas Dupuy, Mathieu Tartare • 10 Mar 2021 • 15 min. read