Pierre-Marc Bureau

🎙️ You may have heard of the Glupteba botnet, but did you know @Google didn't just disrupt it—they sued the operators? In a wild twist, the Russian operators didn't stay in the shadows. They hired a US attorney and showed up in a New York court to fight back. In the latest episode of Behind the Binary, @pmbureau discusses the wild tale of the technical and legal takedown! 🎧 Listen here: open.spotify.com/episode/0TgHyh…

@ShaneHuntley Good luck!

I used to live 45 mins from RSA conference and never went. Now I'm flying 14 hours to attend. I predicted years ago if I ever went it would cause me to leave the security industry for good. Always good to test predictions...

@AirCanada Need help with a reimbursement error from the strike. Communication channels are blocked/unresponsive. What is the specific process to dispute a claim payout?

New joint TAG/Mandiant research on a hybrid Russian espionage/influence campaign (UNC5812) targeting potential Ukrainian military recruits with malware and spreading anti-mobilization narratives cloud.google.com/blog/topics/th…

🆕🚨 New analysis from @Google TAG on suspected APT29 waterholes against 🇲🇳 gov. n-day exploits targeting iOS and Android we first observed in use from commercial surveillance vendors🫢 more details in the blog! awesome work from @_clem1 and team🤝 blog.google/threat-analysi…

"Where it is not possible to prevent the theft of credentials and cookies by malware, the next best thing is making the attack more observable by antivirus, endpoint detection agents, or enterprise administrators with basic log analysis tools" security.googleblog.com/2024/04/detect…

Honoured to be presenting the keynote for @NorthSec_io this year. If you are in the neighbourhood May 16-17 come say hi, tickets are still available😺 Unpack all malware with a single breakpoint? Maybe? And I promise I won't mention anything about LLMs! nsec.io

So impressed by @j00ru's Project Zero journey looking for security issues in the important and complex Windows registry. Great writeup outlining his thought-process... good lessons for us all! googleprojectzero.blogspot.com/2024/04/the-wi…

🪲And the 2023 Year in Review of Zero-Days Exploited In-the-Wild is out! This year I teamed up with @JaredSemrau & James from Mandiant to write a joint report combining our expertise and providing a more holistic view on in-the-wild 0-days in 2023 🔥🧐 blog.google/technology/saf…

A review of zero-day in-the-wild exploits in 2023 @google blog.google/technology/saf…

Launching today our new report "Tool of First Resort: Israel-Hamas War in Cyber" blog.google/technology/saf… Cyber provides a lower-cost, lower-risk way for rivals to engage in conflict, gather information, disrupt daily life, and shape public perceptions. 🧵

Buying Spying: How the commercial surveillance industry works and what can be done about it @google blog.google/threat-analysi…

Spyware is used against high-risk users: journalists, human rights defenders, dissidents and political opponents. I'm particularly proud of our latest work, shedding light on Commercial Surveillance Vendors who make $$$ exploiting vulnerable systems and users. 🧵

We're announcing new support for Quebec's cybersecurity ecosystem by providing a $1.3M grant to the Multidisciplinary Institute for Cybersecurity and Cyber Resilience, a project by @polymtl, to support research that addresses the rising global cyber risks. goo.gle/48T3Ja4

New malware from 🇷🇺 with ❤️, COLDRIVER deploying a custom tool, SPICA, in small number of targeted campaigns. Great write up from @wxs @auroracath and @Google TAG. actor to keep an 👁️ on moving into 2024! blog.google/threat-analysi…

💪🏼 Yesterday @_clem1 and @vladhiewsha discovered and reported a new ITW 0-day to the Chrome team. TODAY, 1 day later, Chrome has a fix out to protect users!!! Thank you, Chrome! CVE-2023-7024 chromereleases.googleblog.com/2023/12/stable…

🪲 New blog from me, @_clem1, and Kristen on the Zimbra in-the-wild 0-day, CVE-2023-37580, discovered by TAG in the summer. We discovered 4 different campaigns using the bug against organizations in Greece, Moldova, Tunisia, Vietnam, and Pakistan. blog.google/threat-analysi…

Government-backed actors exploiting WinRAR vulnerability @google blog.google/threat-analysi…

Félicitations à toute l’équipe de l’Institut Multidisciplinaire en Cybersécurité et Cyberrésience (ou IMC2 - vive les acronymes!) @polymtl @HEC_Montreal @UMontreal. Le Québec est un véritable hub Cyber 🌐 qui mérite de rayonner et votre travail y contribuera grandement.

In the spirit of "this talk could've been a tweet", I just pushed a button: #BinDiff is now open source. - Snapshot release, no major new functionality - Release binaries later today or tomorrow - This is my 20% and I won't we able to act on PRs until end of Q4 (OOO traveling)