Jérôme Segura
@jeromesegura.com
📤 129
📥 92
📝 67
Security researcher with a special interest in web threats.
reposted by
Jérôme Segura
Max Hils
8 months ago
mitmproxy 12 is out! 🚀 It’s now possible to modify the prettified representation of binary protocols. Editing Protobufs is now as easy as editing YAML, no .proto schema needed. 🙌
mitmproxy.org/posts/releas...
Mitmproxy 12: Interactive Contentviews
https://mitmproxy.org/posts/releases/mitmproxy-12/
1
8
7
reposted by
Jérôme Segura
Brad
8 months ago
2025-04-22 (Tuesday): Always fun to find the fake CAPTCHA pages with the "ClickFix" style instructions trying to convince viewers to infect their computers with malware. Saw #StealC from an infection today. Indicators at github.com/malware-traf...
0
1
2
Crooks doing quality control the hard way 😂 console.log("!!!WORKING!!!")
#skimming
#ecommerce
9 months ago
0
2
0
reposted by
Jérôme Segura
EricLaw 🎻
9 months ago
“Attack techniques so stupid, they can’t possibly succeed… except they do!”, The Unwitting Accomplice
textslashplain.com/2024/06/04/a...
Attack Techniques: Trojaned Clipboard
Today in “Attack techniques so stupid, they can’t possibly succeed… except they do!” — the trojan clipboard technique. The attacking website convinces the victim user …
https://textslashplain.com/2024/06/04/attack-techniques-trojaned-clipboard/
0
6
2
reposted by
Jérôme Segura
EricLaw 🎻
9 months ago
Understanding (and debugging) SmartScreen/Network Protection
textslashplain.com/2025/04/07/u...
Understanding SmartScreen and Network Protection
The vast majority of cyberthreats arrive via one of two related sources: That means that combining network-level sensors and throttles with threat intelligence (which sites deliver attacks), securi…
https://textslashplain.com/2025/04/07/understanding-smartscreen-and-network-protection/
1
15
9
reposted by
Jérôme Segura
Squiblydoo
9 months ago
Fake PuTTy, signed "Eptins Enterprises Llp" Sets scheduled task "Security Updater" and checks into IP address: 185.196.10.127 Triage:
tria.ge/250401-wnbad...
www.virustotal.com/gui/file/7ca...
@jeromesegura.com
0
0
1
If you manage #wordpress sites using #managewp, watch out for this #phishing campaign via #googleads. -> menagewp[.]com (ad URL and redirect) -> orion[.]manaqewp[.]com (phishing page)
9 months ago
0
1
1
reposted by
Jérôme Segura
Help Net Security
9 months ago
Malicious ads target Semrush users to steal Google account credentials 📖 Read more:
www.helpnetsecurity.com/2025/03/21/m...
#cybersecurity
#cybersecuritynews
#accountcredentials
#SEO
@malwarebytes.com
@jeromesegura.com
@semrushofficial.bsky.social
Malicious ads target Semrush users to steal Google account credentials - Help Net Security
Cyber crooks are exploiting users' interest in Semrush, a popular SEO and market research SaaS platform, to steal Google account credentials.
https://www.helpnetsecurity.com/2025/03/21/malicious-ads-target-semrush-users-to-steal-google-account-credentials/
0
1
2
Scammers are happily abusing multiple platforms at once thanks to lack of controls. Who's going to protect users here? Google? Facebook?
10 months ago
0
2
1
PayPal’s “no-code checkout” abused by scammers
www.malwarebytes.com/blog/scams/2...
#malvertising
#techsupportscams
10 months ago
0
3
0
SecTopRAT bundled in Chrome installer distributed via Google Ads 📖
www.malwarebytes.com/blog/news/20...
⚠️ sites[.]google[.]com/view/gfbtechd/ chrome[.]browser[.]com[.]de/GoogleChrome.exe
#malvertising
#SecTopRAT
10 months ago
0
2
0
If you are a developer and use #homebrew, beware of this fraudulent ad on Google. ⚠️ Fake site: brewsh[.]org Malicious curl command: hxxps[://]raw[.]brewsh[.]org/Homebrew/install/HEAD/install[.]sh Atomic Stealer (AMOS): www.virustotal.com/gui/file/389... ⚠️
#malvertising
#atomicstealer
11 months ago
0
0
0
ClickFix vs. traditional download in new DarkGate campaign
www.malwarebytes.com/blog/news/20...
#ClickFix
#malvertising
ClickFix vs. traditional download in new DarkGate campaign
Social engineering methods are being put to the test to distribute malware.
https://www.malwarebytes.com/blog/news/2025/01/clickfix-vs-traditional-download-in-new-darkgate-campaign
11 months ago
0
1
0
Microsoft advertisers phished via malicious Google ads
www.malwarebytes.com/blog/news/20...
#malvertising
#googleads
#microsoft
#bing
Microsoft advertisers phished via malicious Google ads
Just days after we uncovered a campaign targeting Google Ads accounts, a similar attack has surfaced, this time aimed at Microsoft...
https://www.malwarebytes.com/blog/news/2025/01/microsoft-advertisers-phished-via-malicious-google-ads
11 months ago
0
0
0
Imagine for a moment that Google allowed a sponsored link to a phishing site for Google ads...
www.malwarebytes.com/blog/news/20...
#GoogleSearch
#GoogleAds
#malvertising
#phishing
The great Google Ads heist: criminals ransack advertiser accounts via fake Google ads
An ongoing malvertising campaign steals Google advertiser accounts via fraudulent ads for Google Ads itself.
https://www.malwarebytes.com/blog/news/2025/01/the-great-google-ads-heist-criminals-ransack-advertiser-accounts-via-fake-google-ads
12 months ago
0
1
1
Malicious Google ad for Virtuals Protocol ⚠️ virtnals[.]com
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for Aerodrome Finance ⚠️ aeroclrome[.]finance
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for #Freecad ⚠️ freecad3dmodeling[.]com freecad3d-download[.]com hxxps[://]3d-digitals[.]org/downloads/guthub/FreeCAD_Setup_2[.]0[.]74_win_x64[.]zip
#malvertising
about 1 year ago
0
2
0
‘Fix It’ social-engineering scheme impersonates several brands
www.malwarebytes.com/blog/news/20...
about 1 year ago
0
2
0
Malicious Google ad for Netflix ⚠️ +1[-]877[-]906[-]4471
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for onshape 3D ⚠️ onshapeservices[.]com
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for Freecad ⚠️ freecad3design[.]com
#malvertising
about 1 year ago
0
3
0
Malicious Google ad for Rhino 3D ⚠️ rhino3ddev[.]net
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for myNYLGBS ⚠️ bluehome[.]uk essnewyorkplatform[.]com
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for PayPal ⚠️ hxxps[:]//repairsexpert[.]online/services/
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for Malwarebytes ⚠️ hxxps[://]sites[.]google[.]com/view/dexters-antivirus/home
#malvertising
about 1 year ago
0
2
1
Malicious Google ad for New York Life ⚠️ alicehotels[.]com[.]ng eddutvolkinang[.]com/online/
#malvertising
#phishing
about 1 year ago
0
1
0
A fraudulent Google ad meant to phish employees for their login credentials redirects them to a fake browser update page instead.
#malvertising
#phishing
#SocGholish
🔗
www.malwarebytes.com/blog/news/20...
Malicious ad distributes SocGholish malware to Kaiser Permanente employees
https://www.malwarebytes.com/blog/news/2024/12/malicious-ad-distributes-socgholish-malware-to-kaiser-permanente-employees
about 1 year ago
0
3
1
Malicious Google ad for Kaiser Permanente ⚠️ bellonasoftware[.]com
#malvertising
about 1 year ago
0
2
1
Malicious Google ad for Grammarly ⚠️ grammarly[.]pc-download[.]live
#malvertising
about 1 year ago
0
2
1
Malicious Google ad for Planner 5D ⚠️ planner5ddevelop[.]com
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for eBay ⚠️ fbdecors[.]online
#malvertising
about 1 year ago
0
2
1
Malicious Google ad for PayPal ⚠️ https[:]//sites[.]google.com/view/pay-pal-helpcustomerservic/
#malvertising
about 1 year ago
0
3
2
Malicious Google ad for Microsoft ⚠️ hxxps[://]sites[.]google[.]com/view/micrlochus1011/home
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for HP ⚠️ vijtechnologies[.]store/result-page/
about 1 year ago
0
2
0
Malicious Google ad for HP ⚠️ Scammers' number: +1[-]844[-]954[-]54O4
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for eBay ⚠️ Scammers' number: +1[-]888[-]747[-]9547
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for PayPal ⚠️ hxxps[://]sites[.]google[.]com/view/womens-v-neck-cable/home
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for Onshape 3D ⚠️ onshape3d[.]org
about 1 year ago
0
1
0
Malicious Google ad for Freecad ⚠️ frecadsolution[.]net
#malvertising
about 1 year ago
0
3
0
Malicious Google ad for Notion ⚠️ notion[.]downloads[.]com[.]pl/ notion[.]downloads[.]com[.]pl/Notion[.]exe
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for Rhino 3D ⚠️ rhino3dblog[.]net recad3dsolutions[.]org/setup/index[.]php calibrebook[.]org/downloads/Installer-8[.]39-win-x64[.]zip
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for Freecad ⚠️ frecad3dsolutions[.]org calibrebook[.]net/downloads/FreeCAD-Installer-4[.]5[.]089-win-x64[.]zip
#malvertising
about 1 year ago
0
2
0
Malicious Google ads for Planner 5D ⚠️ planner5design[.]org planner5design[.]com calibrebook[.]net/downloads/Installer-8.39-win-x64.zip
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for Calibre ebook reader ⚠️ https[:]//calibrebook[.]com/downloads/Calibre-Installer-8.39-win-x64.zip
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for Planner 5D ⚠️ planner5design[.]net calibrebook[.]net/downloads/Installer-8.39-win-x64.zip
#malvertising
about 1 year ago
1
2
0
Malicious Google ad for New York Life Landing page:
urlscan.io/result/71763...
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for PayPal Landing page:
urlscan.io/result/60c5c...
Phone number: +1 (844)[-]439[-]9953
#malvertising
about 1 year ago
0
0
0
Malicious Google ad for HP Scam number: 1[-]888[-]746[-]7110
#malvertising
about 1 year ago
0
1
0
Malicious Google ad for HP Scam number: +1 (833)[-]910[-]2664
#malvertising
about 1 year ago
0
1
0