Education: M. Sc., Electrical Engineering
Highlights of your career? VP engineering @ tech startup Kryptiva
Malware Researcher @ ESET
Security Intelligence Team Lead @ ESET
Position and history at ESET? Joined ESET as a Malware Researcher in 2010
Co-started ESET Canada office in Montreal in 2011
Currently holding a Security Intelligence Team Lead position in Montreal.
What malware do you hate the most? Festi
Favorite activities? Camping and home improvement projects.
What is your golden rule for cyberspace? Use multiple layers of protection: A-V, hardened browsers & OS, etc.
When did you get your first computer and what kind was it? In 1996, my parents got the family a Pentium 1 @133 Mhz and 16 Mb RAM. 6 months later we even installed a 9600 modem to connect to the Internet.
Favorite computer game/activity? Freecell is awesome.
ESET researchers studied all the malicious frameworks ever reported publicly that have been used to attack air-gapped networks and are releasing a side-by-side comparison of their most important TTPs
Law enforcement and malware research join forces to take down cybercriminals
Technical analysis of Win32/Syndicasec.A, malware active in Nepal and China as far back as 2010, with a JavaScript payload registered in the Windows WMI subsystem and a system of fake blogs to discover its C&C servers, hosted on Tibet-related domains.
The botnet known as Win32/Kelihos keeps on infecting, now touting a YouTube video of the Boston Marathon bombing that comes with a malicious iframe pointing to a Redkit exploit page that infects viewers.
Could distributed denial of service (DDoS) malware be evolving to defeat anti-DDoS security measures like CloudFlare? We do not usually see a lot of innovative denial-of-service malware in our day-to-day work. What we do see usually boils down to the basic flooding techniques: TCP Syn, UDP and ping floods, and sometimes HTTP-oriented floods. Of course,
Malware authors have a solid track record in regards to creative Command and Control protocols. We've seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol).
Malware authors have a solid track record in regards to creative Command and Control protocols. We’ve seen peer-to-peer protocols, some custom (Sality), some standard (Win32/Storm uses the eDonkey P2P protocol). We’ve seen binary protocols (Win32/Peerfrag, aka Palevo). We’ve seen other custom protocols that leverage other standard protocols such as HTTP (Win32/Georbot), DNS (Morto)and IRC (Win32/AutoRun.IRCBot.AK),
The Flashback trojan has been all over the news lately, but it is not the only Mac malware threat out there at the moment. A few weeks ago, we published a technical analysis of OSX/Lamadai.A, the Mac OS X payload of a multi-platform attack exploiting the Java vulnerability CVE-2011-3544 to infect its victims. OSX/Lamadai.A has
Earlier this month, researchers from AlienVault and Intego reported a new malware attack targeting Tibetan NGOs (Non-Governmental Organizations). The attack consisted of luring the victim into visiting a malicious website, which then would drop a malicious payload on the target’s computer using Java vulnerability CVE-2011-3544 and execute it. The webserver would serve a platform-specific JAR
A new variant of Mac information-stealer OSX/Imuler hides itself inside a ZIP archive, right in the middle of an array of erotic pictures.
