Daniel Gott @_danielgott
Bad guys and forensics @PaloAltoNtwks / @Unit42_intel — views are mine not employers
Joined October 2020
Tweets: 22 | Followers: 24 | Following: 529 | Likes: 152
Chat, I'm not video game developer, but this file looks strange. Why does this video game contain a .bat file that looks for your browser credentials and crypto wallets? https://t.co/WrhRML5yl5
“The largest supply chain compromise in npm, Inc. history just happened, packages with a total of 2 billion weekly downloads just got turned malicious” LinkedIn Post linkedin.com/posts/advocate… More info on hacker news news.ycombinator.com/item?id=451696…
happy Monday! We've released our analysis and Detection Artifact Generator for Fortinet's CVE-2024-55591... labs.watchtowr.com/get-fortirekt-…
This image is a perfect analogy for most enterprise compromises — a "sophisticated attacker" was NOT a state-sponsored Threat Actor. It was just a fat cat.
vx-underground has received exclusive footage of PMC Wagner traveling to Moscow
IcedID Macro Ends in Nokoyawa Ransomware ➡️Initial Access: IcedID XLS Macro ➡️Credentials: LSASS, Creds in Files ➡️Persistence: Scheduled Task ➡️Lateral: RDP, SMB, WMI, WinRM, Psexec ➡️C2: IcedID, Cobalt Strike, VNC ➡️Impact: Nokoyawa Ransomware thedfirreport.com/2023/05/22/ice… 1/X
Why is it always you? #Fortinet
QBot 'AZD' malware campaign and initial access staging is absurd .pdf -> .url -> .zip -> .img -> .lnk -> .cmd -> .dll It jumps through 6 different file extensions and/or pseudo-stagers until it activates the payload. Images and information on latest QBot IOCs via @pr0xylife
I’d say 90% of regex usage in detection rules / queries could be avoided with no or minimal reduction of specificity
Push notifications for MFA just suck - and it was obvious that this would happen at the moment someone had the idea to introduce them yes - they can often be throttled, it still sucks
NEW: Countermeasures and observability key to defending against attackers trying to buy security products The leak of #Conti #ransomware's internal chat logs revealed the attackers tried to buy security software so they could figure out how to bypass it and avoid detection… 1/7
I usually make short-form satirical videos for fun, but never share them with the world. This time tho, I thought I'd make one for the infosec community. Some might even find it educational 😅 If you're in #infosec and you feel a little down this week, this video is for you💙
Another #ContiLeaks 🧵This one should be smaller 😂 In the rocketchat logs, a channel "manuals_team_c" contained 16 procedures from reconnaissance to exfiltration. I translated (with the help of @sys6x) them, here they are: github.com/Res260/conti_2…
#CVE-2021-44228 log4j2 Bypass Waf payload generator github.com/woodpecker-app…

Barbara @mallett93barbar
308 Followers 3K Following
Yatin Wadhwa @yatinwad
820 Followers 653 Following Information Security Professional. Contributor @TheDFIRReport.
Andrew Rathbun @bunsofwrath12
3K Followers 704 Following Husband, Father, #DFIR @ Unit 42, Digital Forensics Discord Admin, AboutDFIR Contributor, Author, #USMC Veteran, Former LE, NHL Fan, Dark Mode, Animals, Music
Parker Abshire @abshire_pa15137
46 Followers 3K Following
Mabelle Schumm @MabelleSch77095
3 Followers 172 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/Navg26OT75
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
White Coat Black Cat @medsci_yb3r
1K Followers 5K Following #Indigenous Researcher del T8. Completing my MD/MSc. Specialized in: Applied Psych, BioSci, Native Studies, #Neuro & #Cybersecurity. #LongCovid Advocate.
David Lilja @dlilja
783 Followers 822 Following Senior Threat Analyst @TRUESEC. I’m the bad guys’ blue nightmare. https://t.co/FCPL1VqfCW. Dark Mode Advocate. Thoughts cost 2 pennies.
Qasim Qlf 🧑💻... @qlfqasim
677 Followers 4K Following 🛡️Detection Engineer • Tech enthusiast • 🧙♂️ Ex-SWE @NETSOLTech • .NET • 🔍 30K+ @LinkedIn • 🎓 UET`15 • Open Source • ID: @qasimqlf
AJ King @ajkingio
164 Followers 727 Following Threat Research Manager @splunk / @SnapAttackhq now part of @Splunk now part of @Cisco / Detection Engineering / Dad
Sarcastic Grunt @SarcasticGrunt
623 Followers 891 Following Cybersecurity professional, former Army infantryman, and politically opinionated. I live off sarcasm and caffeine. I trust AI as much as my profile picture.
Ramin Nafisi @MalwareRE
5K Followers 2K Following Director of MSTIC Malware Intelligence, Research, and Analysis (MIRAGE) team.
Nasreddine Benchercha... @nas_bench
11K Followers 1K Following Detection @Splunk & @cisco | previously @nextronsystems | @sigma_hq & @magicswordio maintainer | Eternal Learner
Florian Roth ⚡️ @cyb3rops
207K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
Thinkst Canary @ThinkstCanary
13K Followers 10K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.
Axoss Cybersecurity A... @AxossAcademy
852 Followers 4K Following #HumanwareHardening 🐞 #CISSP #CCSP #CSSLP #Security #Training #ISC2 #SoftwareSecurity #CloudSecurity #devsecops
Operation Zero @opzero_en
6K Followers 0 Following The only Russian-based zero-day vulnerability purchase platform.
BSides Harrisburg @BsidesHbg
344 Followers 273 Following Official account for BSides Harrisburg ™. Community driven security conference serving Central Pennsylvania | Friday, May 29, 2026 | https://t.co/wEiRXVq0kP
Andrew Rathbun @bunsofwrath12
3K Followers 704 Following Husband, Father, #DFIR @ Unit 42, Digital Forensics Discord Admin, AboutDFIR Contributor, Author, #USMC Veteran, Former LE, NHL Fan, Dark Mode, Animals, Music
Quiver Quantitative @QuiverQuant
355K Followers 780 Following Bridging the information gap between Main Street and Wall Street. Disclaimer: https://t.co/dIbqx0Q4fW
Nancy Pelosi Stock Tr... @PelosiTracker_
1.2M Followers 527 Following Highlighting Politicians' trades so we can invest alongside Goal: get them banned from trading. $800,000,000 invested on @joinautopilot_ so far
Interrupt Labs @InterruptLabs
3K Followers 86 Following We’re here to provide world-leading vulnerability research and research capabilities. From browsers, mobile, automotive and everything in between.
J⩜⃝mie Williams @jamieantisocial
10K Followers 7K Following threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**
Hex-Rays SA @HexRaysSA
8K Followers 132 Following We are a hi-tech company focusing on binary software analysis. Our main products are IDA Pro and the Hex-Rays Decompiler. Discourse: https://community.hex-rays
Being Libertarian @beinlibertarian
294K Followers 2K Following #Liberty based media company uniting libertarians of all stripes, fighting for a free world. #Libertarian #TaxationIsTheft
Secure ICS OT @Secure_ICS_OT
2K Followers 1K Following ICS/OT posts from a GICSP. ISA member working on ISA 62443 Certs. Canadian. My posts are my own and are not a reflection of my place of work or employer.
watchTowr @watchtowrcyber
9K Followers 14 Following watchTowr enables organizations to get ahead of in-the-wild exploitation with Preemptive Exposure Management technology.
KevTheHermit @KevTheHermit
4K Followers 361 Following DFIR professional, general geek Director Cyber Threat Research @immersivelabs tweets my own not my employers
IntelBroker @IntelBrokerBF
7K Followers 64 Following XMPP: [email protected] HackForums: IntelBrokerBF BF: IntelBroker
Steven Adair @stevenadair
3K Followers 412 Following President @Volexity | Malware Analyst's Cookbook | https://t.co/K1nPkanWYC
Charles Fol @cfreal_
4K Followers 670 Following previously @ambionics @LexfoSecurite – blogs: https://t.co/cLoNdCGPU7 https://t.co/JVMLjUzTJU https://t.co/t9a5IcOXSU
Xavier Mertens @xme@i... @xme
15K Followers 1K Following Freelance | Blogger | SANS ISC Handler | FOR610/FOR710 Instructor | BruCON co-organizer | BlueTeam | DFIR | MTB | PGP: 0xEB583912514B3E1F | Tweets are mine!
Matthew Toussain @0sm0s1z
6K Followers 2K Following 🏳️🌈 Founder @_OpenSecurity_ // Former @BHInfoSecurity // Former SANS // Former USAF / Former me… #RedTeamFit /https://t.co/TkCZZSc4xA
Dark Web Informer @DarkWebInformer
132K Followers 57 Following Providing intel from the Dark Web & Clearnet: Breaches, Ransomware, Darknet Markets, Threats & more. Follow the X Bot: @DarkWebIntelBot. https://t.co/Fi7VW9lg94
Sam Bent @DoingFedTime
12K Followers 396 Following Journalist | OSINT & OPSEC Specialist | Darknet Expert (Ex Vendor & DNM Admin) | DEFCON/SANS Speaker | Youtuber | Social Engineer | Author | Paralegal
PearAI Loading... @PearAIOfficial
18K Followers 334 Following Used to be fryingpan's account - he started from scratch and this is now this is documenting making the greatest AI code editor of all time
Jared Atkinson @jaredcatkinson
10K Followers 2K Following | CTO @specterops | Host @dcpthepodcast | Ex PowerShell MVP | USAF Vet | FC Bayern Supporter | Language Learner 🇳🇴 🇮🇹 🇧🇷 |
Chris Duggan @TLP_R3D
7K Followers 3K Following Head of Threat Informed Defence for a FSTE 100 | Malware Geek | Curated Intel Member | Threat Intelligence Expert Extraordinaire
Andrew Morris (afk) @Andrew___Morris
21K Followers 3K Following 🔳 Internet listener. Founder/Chief Architect of GreyNoise Intelligence (@GreyNoiseIO)
Codie Sanchez @Codie_Sanchez
615K Followers 1K Following I run a portfolio of companies at Contrarian Thinking. Author. | Invest: @CTVentureCap & https://t.co/GeVvWuYkrn | Build: @_CTCommunity @bizscout_ @resibrands
Traceix @usetraceix
17K Followers 416 Following Look up AI file classifications by hash | Discord: https://t.co/jcZBvfLgsE | Product of Revix Labs LLC
Clandestine @akaclandestine
50K Followers 5K Following | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting | Humint |
Brett Shavers 🙄 @Brett_Shavers
40K Followers 875 Following Fell off a cliff. Swam with sharks. Dined with hitmen. Hung out with crime bosses. Bought and sold a ton of drugs. How the heck am I still here? #DFIR #USMC 🚓
@[email protected] @williamsjoe
2K Followers 261 Following Principal Engineer in Edge Networking at @fastly. I ride bicycles.
Volexity @Volexity
8K Followers 7 Following A security firm providing Incident Response, Proactive Threat Assessments, Trusted Advisory, and Threat Intelligence
David Lilja @dlilja
783 Followers 822 Following Senior Threat Analyst @TRUESEC. I’m the bad guys’ blue nightmare. https://t.co/FCPL1VqfCW. Dark Mode Advocate. Thoughts cost 2 pennies.
PagedOut @pagedout_zine
5K Followers 9 Following Paged Out! is a free magazine about programming, hacking, security hacking, retro computers, modern computers, electronics, demoscene, and other amazing topics.
Wendi Whitmore @wendiwhitmore
3K Followers 470 Following CSIO, Palo Alto Networks. Inaugural member DHS CSRB, USAF Veteran. Former CrowdStrike, Mandiant, & IBM Security X-Force. All views my own.
ali @endingwithali
28K Followers 567 Following software engineer AVAIL FOR HIRE - content creator @ https://t.co/4vI4dOxzmn - threatwire host @hak5 - nyc - MIT - jewish
ELINT News @ELINTNews
341K Followers 2K Following Independent coverage & analysis of current geopolitical & geostrategic developments. Proxies & munitions. My opinions. RT/like/follow/media use≠endorsement.
Michael Burry Stock T... @burrytracker
398K Followers 124 Following Tracking hedge funds and Burry’s stocks. Powered by @joinautopilot_ join Autopilot to invest alongside Burry's portfolio
Warren Buffett Stock ... @BuffetTracker
187K Followers 22 Following Daily quotes, trades, and insights from Warren Buffett Burry Tracker @BurryTracker Pelosi Tracker @PelosiTracker_ Brought to you by @joinautopilot_
Craig Rowland - Agent... @CraigHRowland
11K Followers 313 Following Agentless Linux security. No endpoint agents and no drama. Linux malware, forensics, intrusion detection, and hacking. Founder @SandflySecurity.
OSINTtechnical @Osinttechnical
1.1M Followers 867 Following PAI enjoyer, OSINT guy @hntrbrkmedia, my views/freezing cold takes are my own. For full disclosures, visit https://t.co/JOtQx4pI3e.
OSINTdefender @sentdefender
1.6M Followers 1K Following Open Source Intelligence Monitor focused on Europe and Conflicts across the World. RT ≠ Endorsement. Want to Support my Work? https://t.co/PcUbewvWPr
Andrey Konovalov @andreyknvl
7K Followers 787 Following Security engineer at https://t.co/027VXUlgOx. Focusing on the Linux kernel. Maintaining @linkersec. Trainings at https://t.co/D5MrxmYimS.
greg @greg16676935420
1.2M Followers 510 Following im greg I like football and stocks and my birthday im from kentuckey. I'm a investor. I like to golf at the golf course. subscribe for just 10¢ a day ⤴️
linkcabin @LinkCabin
3K Followers 97 Following Works in Security. Social Democracy. Change the World or Nothing. Personal Account not my employers, my own views!
Chris Au @netero_1010
1K Followers 580 Following Red teamer, my tools for red teaming: https://t.co/j6Z018m09L, my blog to share offensive security stuff: https://t.co/MKvSTjpWoi
Is Now on VT! @Now_on_VT
4K Followers 802 Following Stay ahead of cyber threats. Get real-time alerts on notable APT/FIN/ORB indicators from VirusTotal. A threat intel project by @craiu.