Romain Dumont

ESET research

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET research

HotPage: Story of a signed, vulnerable, ad-injecting driver

ESET research

A dive into Turla PowerShell usage

ESET research

OceanLotus: macOS malware update

6 articles by Romain Dumont

ESET research

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET research

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

Demystifying CVE-2024-7262 and CVE-2024-7263

Romain Dumont • 28 Aug 2024 • 14 min. read

ESET research

HotPage: Story of a signed, vulnerable, ad-injecting driver

ESET research

HotPage: Story of a signed, vulnerable, ad-injecting driver

A study of a sophisticated Chinese browser injector that leaves more doors open!

Romain Dumont • 18 Jul 2024 • 23 min. read

ESET research

A dive into Turla PowerShell usage

ESET research

A dive into Turla PowerShell usage

ESET researchers analyze new TTPs attributed to the Turla group that leverage PowerShell to run malware in-memory only

Matthieu Faou and Romain Dumont • 29 May 2019 • 12 min. read

ESET research

OceanLotus: macOS malware update

ESET research

OceanLotus: macOS malware update

Latest ESET research describes the inner workings of a recently found addition to OceanLotus’s toolset for targeting Mac users

Romain Dumont • 09 Apr 2019 • 6 min. read

ESET research

Fake or Fake: Keeping up with OceanLotus decoys

ESET research

Fake or Fake: Keeping up with OceanLotus decoys

ESET researchers detail the latest tricks and techniques OceanLotus uses to deliver its backdoor while staying under the radar

Romain Dumont • 20 Mar 2019 • 12 min. read

ESET research

Phishing anniversary: Here’s a free $50/month subscription

ESET research

Phishing anniversary: Here’s a free $50/month subscription

Adidas “prize” used as bait in attempt to lure people into biting

Romain Dumont • 14 Jun 2018 • 8 min. read