Community Manager

Interview with a Webroot Threat Researcher - Marcus Moreno


This month we'll be talking to Marcus Moreno, who works in the Broomfield office with Dan Para, who we interviewed last month.

 

How’d you get involved in threat research?

 

When I first started working here as a front line engineer, I was hand-picked to do additional training on threat research. Particularly ENZO, which is our determination database. After learning most of the ins and outs of ENZO, I was offered a position as a threat researcher. 

 

What’s the most challenging piece of malware that you’ve run into?

 

I would have to say any type of file infector is the most challenging piece of malware that I run into - particularly Expiro. Expiro seems to be the hot commodity that everyone is getting infected with. It injects malicious code into legitimate files. Replacing those files can be a pain depending on the severity. [note - detection for Expiro was added to WSA in version 8.0.4.57]

 

Tell us a bit about the fantasy football league you run

 

I first got into fantasy football back in 2012 when a friend invited me to play in his league. I was skeptical at first, but it ended up being very fun for me. Plus I won 1st place. I heard some of the guys around the office playing it too. So I figured I'd start a league here at the office. We're going into only our second year, but we're getting a good kick out of it! 

 

Favorite game or gadget that you have right now?

 

I have a Raspberry Pi that I converted into an emulation station. My son and I are able to play basically any game made in the 90's with any console. He only plays Donkey Kong and Super Mario World for SNES. I like to mix it up. Lately I've been playing a lot of NBA Jam and Street Fighter. It's a good time for us.

 

Who is your role model?

 

This one's tough. I really don't think about this that often. I would have to say my dad. He's a BAMF. He grew up in Mexico (along with my mom), and they were migrant workers in the 70's and 80's. He was finally able to land a job at Coors in Golden in the early 90's. I say he's my role model because he taught me so much about life in general. I feel that I have good work ethic, mainly due to him. He's also able to fix anything. And I mean ANYTHING. He rebuilt his car, built our unfinished basement, fixed my fake Rolex back in high school, plumbing issues, builds materials made out of wood, welding...basically anything. I used to help him fix cars when I was younger and I learned a lot. The type of thinking I use when working on a car is the type I apply when working on computers.

 

--

 

Thanks for helping us get to know you better, Marcus!

 


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Nice interview, Nic...you are getting a dab hand at this.

Always wondered about life as a Threat Researcher...and now I have a little more insight...many thanks, Marcus.


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Thank you Nic, another great interview. It is great to see those behind the scenes, the ones we never see but who keep us all protected, thank you Marcus.


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Thank you Nic! Great to see the Man behind the scenes as well!
Sherry

   


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Thanks Nic. Wonderful interview. Thanks for sharing all that with us Marcus and thanks for keeping devices protected.


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Thank you for introducing Marcus Moreno to us Nic!

 

Interesting and enjoyable interview!


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

I've got two more general questions on the job of a threat researcher.

 

  1. What does your daily work look like? With the huge amount of new malware every day I wonder how one can keep up analyzing them.
  2. What are the most important skills needed in the job? And do you need to know certain programming languages?

It would be great if the community or even one of the stars could answer my questions.


Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Sorry I took so long to reply, Marcus, I just got lost in time! Nice to meet you and see you again. ENZO was so cool to see in action when I saw it during my visit! One question that I forgot to ask: what does ENZO stand for?

 

Thanks,

 

Daniel

Community Manager

Re: Interview with a Webroot Threat Researcher - Marcus Moreno

Marcus is actually out on paternity leave right now, so I'll see if one of the others can jump in and answer the questions.

Threat Researcher

Re: Interview with a Webroot Threat Researcher - Marcus Moreno


regnor wrote:

I've got two more general questions on the job of a threat researcher.

 

  1. What does your daily work look like? With the huge amount of new malware every day I wonder how one can keep up analyzing them.
  2. What are the most important skills needed in the job? And do you need to know certain programming languages?

It would be great if the community or even one of the stars could answer my questions.


Good questions!

 

1. A good majority of our day is spent using our ENZO research database hunting for malware and adding new detections. Being cloud based and having researchers spread out over the world helps us keep up with all of the new malware that comes in. 

 

2. The most important skill is the ability to learn and adapt - the malware landscape is constantly changing, and we have to change with it in order to keep up. Understanding how malware works and knowing how to spot malicious behaviors vs. legitimate behaviors are also important skills, as well as general Windows troubleshooting skills. Most of us tend to have an IT background that involves manual malware removal. A programming background definitely helps, especially when it comes to the more advanced levels of analysis.  

 

-Dan

 

 

 

Webroot Threat Research