Andrew Pease @andythevariable
Elastic Security Labs Technical Lead. Lawful Neutral. Threat Hunting with the Elastic Stack author. Retired CW4. elastic.co/security-labs/… Joined May 2019
Tweets: 489 · Followers: 1K · Following: 291 · Likes: 2K
YAAAHHHSSSS
As defenders it’s always interesting to see how TAs view the landscape vs. the commercial checkboxes. Iron sharpens iron, good red teams make good blue teams.
some detection/hunt rules to get started for SAP vuln CVE-2025-31324:
- JSP/JAVA/Class creation in the SAP IRJ dir.
- Suspicious child processes indicating execution.
github.com/elastic/detect…
Huh? That’s weird… what is that? It kind of looks like it’s a… new #cybersecurity report? 🤔 We’re excited about this one. Look out for more this week.
Sometimes naming intrusions and families can be tough - but sometimes TAs do all the hard work. Sorry Shelby's, but @soolidsnakee and @bluish_red_ had to put you to the canvas. #shelbyc2 #shelbyloader #ref8685 https://t.co/gPj6j9YLrg
The significant thing to note with the ABYSSWORKER intrusion is that this isn't just BYOD; it's BYO(Malicious)D, something that's not super common. Solid research and analysis by @cyril_t_f https://t.co/cLm5Nb4OXl
92 new OPEN, 106 new PRO (92 + 14) SocGholish, Lumma Stealer, REF7707, TA2726, NetSupport RAT, TA4903, TA399.... community.emergingthreats.net/t/ruleset-upda…
Elastic Security Labs researchers look into the REF7707 campaign targeting the foreign ministry of a South American country. The intrusion set utilized by REF7707 includes novel malware families such as FINALDRAFT, GUIDLOADER and PATHLOADER. elastic.co/security-labs/…
adapter.radiws[.]com app.radiys[.]com support.anyconnact[.]com cloud.online-wsus[.]net probably related with @elastic report on #REF7707 infrastructure, naming convention also matches found with @ValidinLLC pivoting on indicators report: elastic.co/security-labs/…
This is tremendously exciting. Bug bounty for rules - the commitment to openness and improvement continues. Iron sharpens iron. https://t.co/ZCYH9BKmZC
Let's do an @elastic Behavior breakdown on this malicious #Python package, targeting #macOS, to include how we can detect and prevent threats like this featuring a sneak peek at one of the new data sources coming to our Elastic macOS agent very soon. Here is the link to the…
Cool research by @DefSecSentinel great walkthrough of these Python "coding challenges" that the DPRK is continuing to float around. elastic.co/security-labs/…
#ElasticSecurityLabs is introducing HexForge, our tool that enhances #IDAPro with manipulation capabilities built into the hex and disassembly views. HexForge makes it easy to copy and patch binary data and currently supports RC4, AES, ChaCha20, and XOR: go.es.io/4cTCME2
Another banger. Second part of the series. Dense, but I’ve not seen all this assembled together in the past.
Brand new research on this newly discovered family. YARA, detection logic, rules included. https://t.co/mggY50QkKZ
To the engineers at CS and at the impacted organizations, thank you for the herculean work you're all doing.
Today was not a security or cyber incident. Our customers remain fully protected. We understand the gravity of the situation and are deeply sorry for the inconvenience and disruption. We are working with all impacted customers to ensure that systems are back up and they can…
> Elastic has pushed the defensive industry forward with their anomalous call stack detection logic that is a formidable challenge for modern red team operations. Thanks for the shout-out! We have plans to make your jobs even harder. 🙂 cobaltstrike.com/blog/cobalt-st…
