#Lockbit is Tango Down!
Microsoft has identified new Qakbot phishing campaigns following the August 2023 law enforcement disruption operation. The campaign began on December 11, was low in volume, and targeted the hospitality industry. Targets received a PDF from a user masquerading as an IRS employee.
Hey :) We published a very detailed blog on #Qakbot infrastructure, providing analysis of C2s settings and connections, T2s outbound connection mysteries, hosts selection based on geolocation, etc: team-cymru.com/post/visualizi… IOCs included 🍷🍷 @teamcymru_S2
Latest @teamcymru_S2 Threat Research on IcedID released. No longer glacial, they are bigger, faster and evolving: affiliate collaboration, new C2s more IoC IPs revealed. Read the blog here: ow.ly/orWP50PnAX6 #cybersecurity #informationsecurity #riskmanagement
In May, I gave a talk at the @Volexity #CyberSession on cases we worked where an attacker compromised a customer Firewall Environment using 0-day exploits (at time of incident). If this sounds like your jam, we recorded it and you can check it out here: volexity.com/company/resour…
vx-underground will be hosting a virtual conference. This virtual conference will charge $25 to view. We will NOT profit from this virtual conference in any manner. All proceeds will be going to charity. We are issuing a call for papers and presenters. Date: November 3rd, 2023.
If you missed it yesterday, Microsoft released an advisory concerning the CVE-2023-36884: msrc.microsoft.com/update-guide/v…. This RCE is currently used by a TA and there is no patch. You should apply the mitigation described in the advisory. 1/4
A Truly Graceful Wipe Out ➡️Initial Access: Email > TDS > Truebot download ➡️Credentials: LSASS & Registry Dump ➡️Persistence: Scheduled Task ➡️C2: Truebot, FlawedGrace, Cobalt Strike ➡️Exfiltration: FlawedGrace ➡️Impact: MBR Killer thedfirreport.com/2023/06/12/a-t… 1/X
🤖Check out our technical analysis of #Pikabot including the anti-analysis techniques, encryption algorithms, and similarities with Qakbot: zscaler.com/blogs/security… IOCs are available here: github.com/threatlabz/ioc…
🚨 During the last 3 years, we have tracked a specific TA intending to infect Windows workstations on corporate environments, trying to alter legitimate banking transfers performed by the victims. Meet drIBAN. 💉 Chapter 1: cleafy.com/cleafy-labs/un… #drIBAN #sLoad #Ramnit
#Botconf Strasbourg here I come ! 🔥 Ready for 3 days of malware, botnets and TI talks !
BREAKING: Genesis Market, one of the largest darknet marketplaces for buying and selling stolen data, has been taken down by law enforcement authorities in a coordinated effort across several countries @AlexMartin reports
Hey everyone, this is my first tweet! We identified a backdoor we dubbed #Gopuram, the final payload in the #3CX attack. The threat actor (likely to be Lazarus) has deployed it to cryptocurrency companies. More details in this thread and on Securelist (securelist.com/gopuram-backdo…)
Our future as hackers is at stake! AI will take away our jobs. We need to act fast. Join the rAIsistance.com!
There have been several incorrect reports that FFmpeg has been involved in the distribution of malware. FFmpeg only provides source code and the source code has not been compromised. Any "ffmpeg.dll" that has been compromised is the responsibility of the vendor.
I wrote up what we've been tracking with the #3CX supply chain threat. Digging into the attack vector, peeling back the layers where we can -- hopefully offering something of value! huntress.com/blog/3cx-voip-…
Unplugging PlugX - Sinkholing the PlugX USB worm botnet - #plugx #mustangpanda #worm blog.sekoia.io/unplugging-plu… (h/t @charlesmeslay, @r1chev & @sekoia_io)
SAVE THE DATE : 2024 ENISA CTI Conference — ENISA enisa.europa.eu/events/cti-con… via @enisa_eu
On our road to #botconf2024 with @charlesmeslay and @crep1x from @sekoia_io. Do not hesitate to ping us for some 🍻&🥃:)
Barney the Tv border collie
v26 is out 🥳
Our #CTI @WorldWatch_OCD team just updated their #ransomware families tree. This 26th version includes many newcomers as well as updated relationships.🧐 Again, feel free to share your feedback! ➡️github.com/cert-orangecyb… @Mar_Pich @orangecyberdef #rebrand
🤔 How many affiliates were contributing to the activity of the #LockBit franchise before #Cronos, on February 19? Perhaps 15 at most. How did we arrive at this estimate? All the details (and more) after the click. #RaaS #ransomware 👉 bit.ly/48SC0Wc
If you have noticed, our reports are continuously improving. New things we introduced this year: ➡️Key Takeaways ➡️Table of Contents ➡️Audio Listening ➡️More graphics than ever! We hope that these changes will make it easier for you to consume each report. 💡Technical insights…
SEO Poisoning to Domain Control: The Gootloader Saga Continues 🌟Analysis and reporting completed by @_pete_0, @malforsec & @r3nzsec 🎵Audio: Available on Spotify, Apple, YouTube and more! 🏹Services: thedfirreport.com/services/ 📚Report: thedfirreport.com/2024/02/26/seo…
Group: lockbit3new Approx. Time: 21:53 24/02/24 Title: fbi.gov
Looks like #iSOON was also selling #PlugX (#PlugXZR)
Interesting Thread on a massive dump from a Chinese 🇨🇳 Ministry of Public Security (MPS) private industry contractor called iSoon (aka Anxun) Leak contains: - Spyware - Espionage Ops - “Twitter Monitoring Platform” - And a lot more 🔥 This is a crazy NTC Vulkan-level leak ⚠️
Something is going on in @virustotal, the last samples I've been looking at supposedly generate connections to internal IPs (same port and URI), but apparently it's a bug or something, just to keep it in mind. Check it out: -…
Today, we're disclosing an overlooked, wide-impact bug/attack vector affecting the Windows/COM ecosystem, dubbed #MonikerLink. In Outlook, the bug's impact is far and wide: from leaking NTLM creds to RCE. The same issue may exist in other software, too. research.checkpoint.com/2024/the-risks…
The next chapter about Russian Language Cybercriminal Forums was published! Feedback is welcome! :) #CyberSecurity #OSINT #Cybercrime #CybercriminalForums #CyberThreatIntelligence #InformationSecurity #CTI #RLCF #Investigation #underground #forums cybercrimediaries.com/post/russian-l…
Want to know why #LockBit was really banned from RU underground forums? Get your popcorn and hear what really happened and our analysis in the latest @Analyst1 blog from me and @intel_anastasia! analyst1.com/this-forum-is-…
Our ransomware report is out today and it brings me no joy to share that 2023 was a record year in terms of ransoms paid — bringing us into the billions — a near doubling of 2022. 🧵1/6
Our important and timely blog on how to determine if your toothbrush is now part of a botnet. malwarebytes.com/blog/awareness…
📣We updated "Malpedia FLOSSed". TL;DR: More data, cleaner Rust/Go/Dotnet strings, various tags! We also created a public web service to make this data more accessible: strings.malpedia.io, as well as an IDA plugin as a demo use case. Read more -> github.com/malpedia/malpe…
GHunt v2.1.0 is available ! It fixes all the login issues, and no cookies are required anymore. I was inspired by the hackers abusing the Google OAuth Multilogin, and I adapted it to Android. Also, it now auto checks for updates. More info : github.com/mxrch/GHunt/re…
.@Volexity provides an update on its Ivanti Connect Secure VPN report concerning chained exploitation of CVE-2024-21887/CVE-2023-46805. Based on new data, 1700+ devices have been compromised following widespread exploitation. Details: volexity.com/blog/2024/01/1… #dfir #threatintel
.@Volexity detected an incident where it discovered a threat actor chained 2 #0days in Ivanti Connect Secure, CVE-2023-46805/CVE-2024-21887, to achieve RCE, modifying components of the software to backdoor the device. volexity.com/blog/2024/01/1… #dfir #threatintel #memoryforensics