Marc NEBOUT

Cybercrime Team Manager

Articles by
Marc NEBOUT

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Threat Research & Intelligence
TDR
September 30, 2025

Silent Smishing : The Hidden Abuse of Cellular Router APIs

How attackers abuse Milesight cellular router APIs to run smishing at scale via unauthenticated SMS endpoints—targeting Belgium (CSAM/eBox).

By
Jérémy SCION
By
Marc NEBOUT
& more
View more
Threat Research & Intelligence
TDR
September 19, 2024

WebDAV-as-a-Service: Uncovering the infrastructure behind Emmenhtal loader distribution

This blogpost examines the use of WebDAV technology in hosting malicious files related to the Emmenhtal loader, then analyses the various final payloads delivered through this infrastructure, and concludes by exploring the possibility that the infras

By
Marc NEBOUT
By
Threat Detection & Research Team
& more
View more
Threat Research & Intelligence
TDR
February 6, 2024

Adversary infrastructures tracked in 2023

Sekoia.io C2 Trackers identified more than 85,000 IP addresses used as C2 servers in 2023, an increase of more than 30% compared to 2022.

By
Threat Detection & Research Team
By
Marc NEBOUT
By
Quentin BOURGUE
By
Amaury-Jacques GARCON
By
Grégoire CLERMONT
& more
View more
Threat Research & Intelligence
TDR
November 13, 2023

Game Over: gaming community at risk with information stealers

This report delves into the gaming industry targeted by infostealer malware, and details a specific campaign spreading via Discord messages.

By
Marc NEBOUT
By
Threat Detection & Research Team
& more
View more
Threat Research & Intelligence
TDR
January 18, 2023

Command & Control infrastructures tracked by Sekoia.io in 2022

Throughout 2022, SEKOIA.IO's Threat & Detection Research (TDR) team continued to proactively track and monitor the Command & Control (C2) infrastructures set up and used by cybercriminal or state sponsored intrusion sets to carry out malicious cyber

By
Marc NEBOUT
By
Threat Detection & Research Team
& more
View more
Threat Research & Intelligence
TDR
July 18, 2022

Ongoing Roaming Mantis smishing campaign targeting France

MoqHao (aka Wroba) is an Android Remote Access Trojan (RAT) with information-stealing and backdoor capabilities that likely spreads via SMS.

By
Quentin BOURGUE
By
Marc NEBOUT
By
Threat Detection & Research Team
& more
View more