Greg Leah @powershellcode
Hunting #malware and #C2 frameworks. British Columbia, Canada. Joined January 2018.
Tweets: 240 · Followers: 722 · Following: 1K · Likes: 464
Join me at @BSidesVancouver on May 26 for my workshop "Precision #ThreatHunting: Unveiling Adversary Infrastructure using Free and Open Source Tools," designed to teach participants techniques for discovering and analyzing adversary infrastructure. Only 6 seats left! #OSINT
Excited to present "ChatGPT for Security Analysts" at #BSidesCalgary tomorrow! I will be exploring using AI to streamline #securityanalyst workflows - from #malwareanalysis to #threatintelligence and #threathunting. See you there! #ChatGPT #AI
Don't miss the chance to speak at BSides Vancouver Island! The CFP is closing this week, we want to hear from you. Apply now at bsidesvi.com/callforpapers.… and get ready to rock the stage!
Some additional #IcedID #malware IPs from a related .pdf campaign: 80.77.23[.]154 80.77.23[.]155 80.77.23[.]170 80.77.23[.]176 80.77.23[.]64 91.240.202[.]190 91.240.202[.]195 pdf name: Document_[mm_dd]_[number].pdf
Did some hunting based on this excellent share by @0xperator and was able to find another active #Rhadamanthys #Stealer #c2 panel: hxxp://185.228.234[.]189:443/admin/console/index.html cc @ViriBack @0xrb
Interesting shift for #Vidar C2 servers: some communications occur on the port 11111 (why?) Malware builds still use profiles on Telegram and Steam as Dead Drop Resolver. Recent C2: 116.203.2.]149:11111 116.203.220.]83:11111 95.217.246.]227 116.203.240.]51 116.203.15.]24
If you are interested in learning more about how you can use #ChatGPT for #cybersecurity investigations, check out my talk "ChatGPT for Security Analysts" at @BSidesVancouver next weekend. Pumped for the legendary Keynote speaker @mikko! sites.google.com/fourthplanet.c…
Great analysis of #Aurora Stealer and primer on #reversing #golang #malware
If you are not able to be in Strasbourg this week for @Botconf, you can tune in to the livestream here. Some high quality #malware and #botnet talks on the agenda this year! #cybersecurity #cybercrime #botnets #reverseengineering #malwareanalysis youtube.com/live/XPXhnj8nX…
Interesting change in #Vidar infostealer C2 traffic. Instead of as part of the multipart payload, the Id, Token and hwid are now sent as part of the header. Sample: tria.ge/230222-yxyhdsf…
I've had a few people ask me recently where is a good place to get started with #MISP threat information sharing platform. If you are looking for a very detailed intro to MISP, I highly recommend this video series from @FIRSTdotOrg: youtube.com/watch?v=-NuODy… #threatintelligence
If you've ever wondered what an active SmokeLoader malware campaign looks like, see attached images below
The authors of #BumbleBee released a new version of their bot, which includes a new command: “plg” (plug-in?). For now, it has the same functionality as command “dij” (download, inject). We suspect that this malware family is being modularized like #TrickBot. #ESETresearch 1/5
"If you can reliably detect the precursors to a modern ransomware attack, you can reliably detect a whole bunch of other interesting stuff" - @markaorlando #BlueTeamSummit
Excited to be a part of the growing #cybersecurity ecosystem in British Columbia! link.medium.com/8eAfs9Lgvob
