Mangatas Tondang @tas_kmanager
☁️🛡️ opinions are mine. food, music and astrophotography when afk. @TheDFIRReport @CuratedIntel #ThreatHunting #DetectionEngineering #DFIR #CloudSecurity github.com/tas-kmanager 🍁 Joined September 2018
Tweets 267 | Followers 837 | Following 2K | Likes 3K
🎁 Today I'm giving away 3 of our DFIR Labs! 🎁 To enter: ✅Follow me ✅RT & Like this post ✅Reply with which case you'd like to take The winners will be selected in 24 hours. #Giveaway
Happening now at #New2CyberSummit: @tas_kmanager and Sylvain Lu share a day in the life of detection engineers. Hear this talk: sans.org/u/1uk7 #CybersecurityJourney
Would you be interested in testing LSASS dumping simulation? 🚀 Testing script is available ↓ ↓ ✅ Simulation : github.com/LearningKijo/R… #MDE #EDR #MDAV #EPP #MicrosoftSecurity
Got a new blog out today with some ideas around hunting for cloud session anomalies - I think this is a super relevant topic with cookie/token theft TTPs being all the rage these days! sumologic.com/blog/hunt-clou…
Easily one of the best articles I've read this year! @cnotin: medium.com/tenable-techbl…
After running the script, these alerts were generated and correlated into a single incident in Microsoft Defender XDR portal. ✅ Simulation : github.com/LearningKijo/R…
🚀Major Update: EDR Telemetry Project🚀 I updated the EDR Telemetry Project to make the table accessible for color vision deficiencies, map all sub-categories to Mitre ATT&CK and more. (Read below👇) Many thanks to all who contributed to this major update! Here are some…
NEW: Microsoft "Applied Skills" is a way to test your knowledge in a lab environment. One of the best ways to learn technology is with hands-on lab environments like this. I completed "Configure SIEM" using Sentinel - it has my endorsement for those wanting to learn Sentinel.…
🐳 Docker Security – Step-by-Step Hardening (Docker Hardening) One of the most detailed guides I've ever seen 🔥 Covers hardening steps for the Docker Host, Docker Daemon, images, and containers reynardsec.com/en/docker-plat…
As part of the expanded default logging in Microsoft 365, we worked with CISA and other partner agencies to jointly develop the Microsoft Expanded Cloud Log Implementation Playbook to help defenders. It will be available soon, more information here - techcommunity.microsoft.com/t5/public-sect…
New Blog! Lessons from the iSOON Leaks blog.bushidotoken.net/2024/02/lesson…
Forensics can be hard, especially when you don't know where to gather your artifacts. The following article dives into the basics of O365 artifacts and where to find them. - A handy, simple overview. techcommunity.microsoft.com/t5/microsoft-s… #CyberSecurity #O365
If you have a growing interest in OAuth, tokens and Microsoft Graph and all those good things, have a look at the Microsoft Graph collection for Postman. It can help you get going with token acquisition and using Graph endpoints - learn.microsoft.com/en-us/graph/us…
Microsoft, in collaboration with OpenAI, is publishing research on emerging threats in the age of AI, focusing on identified activity associated with known threat actors Forest Blizzard, Emerald Sleet, Crimson Sandstorm, and others. Learn more: msft.it/6012cDvJs
Don't miss this upcoming #New2CyberSummit talk! 🎤 Detection Engineers Unveiled: A Day in the Life and the Path to This Exciting Career 👥 Mangatas Tondang (@tas_kmanager) and Sylvain Lu ✍️ Join us on April 4 for Free Live Online: sans.org/u/1uk7
Another great write-up by @lontze7, this time on bringing together Cyber Kill Chain, the Diamond Model and MITRE ATT&CK for an enhanced incident reporting. #ThreatIntel #CTI medium.com/@s.lontzetidis…
Come work with us on the core threat intelligence team: “The Microsoft Threat Intelligence Center (MSTIC) is recruiting experienced nation-state threat hunters – with highly honed threat intelligence analysis skills.” LFG: aka.ms/msticjobs Please DM me if we have worked…
Hunting M365 Invaders: Blue Team's Guide to Initial Access Vectors #DFIR splunk.com/en_us/blog/sec…
Will @BushidoToken (29K Followers, 3K Following): Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
Kostas @Kostastsale (16K Followers, 364 Following): @TheDFIRReport member | Tweeting and following mostly #ThreatIntel, #malware, #IR & #Threat_Hunting. Opinions are mine only! 🇬🇷🇨🇦
DebugPrivilege @DebugPrivilege (37K Followers, 2K Following): Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.
Michael Koczwara @MichalKoczwara (18K Followers, 2K Following): Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
Justin Elze @HackingLZ (52K Followers, 5K Following): Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Jamie 🔜 RSAsí.. @jamieantisocial (6K Followers, 5K Following): 🤘@mitreattack for Enterprise Lead, former ATT&CK Evals water distribution engineer (the artists known as #UNC1799), @DistrictHeather ♥️🍷, he/him.
Thomas Roccia 🤘 @fr0gger_ (25K Followers, 2K Following): Sr. Threat Researcher @Microsoft, Malware Warlock, Threat Intel, Python🧡 - Former @McAfee_labs, Goon @Defcon, Creator of #UnprotectProject - Tweets are my own
CD-R0M @CD_R0M_ (1K Followers, 1K Following): IR @Mandiant | Interested in #DFIR and #ThreatIntel | Tweets attributable to me and not my employer
Christopher Peacock @SecurePeacock (6K Followers, 2K Following): Purple & Blue Teamer | Ex @RaytheonTech, @SCYTHE_IO, & @GD_OTS | BlackHat Course Author & Instructor | DEFCON #PurpleTeam Workshops | #100DaysofSigma
Matt Zorich @reprise_99 (11K Followers, 2K Following): @Microsoft GHOST 👻 | https://t.co/HWozKuj5IQ | Tweets are my own
Tony Lambert @ForensicITGuy (5K Followers, 1K Following): Recovering sysadmin that now chases adversaries instead of uptime. Sr Malware Analyst @redcanary
Ryan "Chaps" Chapman @rj_chap (7K Followers, 3K Following): DFIR & malware analyst. @sansforensics FOR528 Author & FOR610 Instructor. @CactusCon crew. Husband & father. Comments = own.
Adam @Hexacorn (24K Followers, 1K Following): Red Brain, Blue Fingers https://t.co/Bm0C9KQDDY RIP Twitter
Allan “Ransomware S.. @uuallan (16K Followers, 6K Following): @RecordedFuture CSIRT || Ransomware Researcher || Certified Sommelier || Author || Comic Book Creator
Eric Capuano @eric_capuano (10K Followers, 3K Following): Director @limacharlieio | Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yCVDASYk8s | ⬡
Zach @svch0st (4K Followers, 1K Following): Everything DFIR @TheDFIRReport | @CuratedIntel | @CyberCX https://t.co/ggakuKBS0S
Max Rogers @MaxRogers5 (3K Followers, 1K Following): Sr. Director, Security Operations Center @HuntressLabs | Ex-Mandiant/FireEye | Amateur Runner | Solving Cyber Security for Small & Mid-Sized Businesses
Curated Intelligence @CuratedIntel (13K Followers, 108 Following): Bringing together intelligence researchers and incident responders. #TrackThePlanet
Anton @Antonlovesdnb (4K Followers, 3K Following): Blue Team stuff | Trying to be a decent human being | @munkschool Grad | Threat Research @SumoLogic
Alessandro Di Carlo @samaritan_o (2K Followers, 1K Following): Forensics & Product Manager at @Certego_IRT - @TheDFIRReport Analyst - 3x @SANSInstitute Lethal Forensicator - GCFA - GASF
sky @0x0aSky (177 Followers, 2K Following): French CTI analyst. My interests: OSINT, CTI, IR, forensics and new technologies. Opinions are my own.
annumeena @annumeena19 (62 Followers, 4K Following)
CyberSOCCommand @CyberSOCCommand (0 Followers, 14 Following)
John @johnlimwtf (84 Followers, 54 Following)
TheWebWeasel @TheWebWeasel (3 Followers, 162 Following)
everyall @Everyall0101 (5 Followers, 153 Following)
Cyberclutter @Cyberclutter (1 Follower, 16 Following): cyber blog covering cyber topics anywhere from cyber attacks to gaming…… follow for daily updates
RuffLandings @RuffLandings (17 Followers, 1K Following): Dogs. Aviation. Cybersecurity. Not necessarily in that order.
Storm Booe @booestorm1 (100 Followers, 841 Following): Just here to read about nerd things and talk trash about sports. Maroon and gold glasses wearing Gopher wrestling fan and fan of all MN sports.
ak1001 @ak100117 (81 Followers, 651 Following): Malware Analyst | Reverse Engineer | Security Research https://t.co/Kq7TRiAQM0
Josh Stroschein | The.. @jstrosch (8K Followers, 1K Following): Reverse engineer at FLARE/@Google | @pluralsight author | 700K+ views on YT 😱 Find FREE resources below👇
Karlis Kripens @KarlisKripens (56 Followers, 45 Following)
Mary Selles @mcselles (163 Followers, 5K Following): ⌨SysAdmin Soul🖱💕 turned into Security & TI🕵️. 😈Curious about criminal minds ✨ Crazy about TAs, TTPs, M4lware and T00ls. 🌍🚀Tweets are my own 💫
cscfufo @cscfufo (27 Followers, 2K Following)
1nternaut @1nternaut (1K Followers, 5K Following): Hero with a KAPE🦸. Also known as the Gordon Ramsay of Digital Forensics 🕵️. #APT #DFIR #4n6 #Blueteam
Balázs Gavallér @BalazsGava71881 (10 Followers, 39 Following)
y0uf0ol @y0uf0ol (85 Followers, 512 Following): Founder of https://t.co/xWZVJTOyL8 | Microsoft Security Dude | Machine Learning Hobbyist | #EDR #SIEM #AI
Ezsecurity @Ezecurity (1 Follower, 139 Following)
Rice Eater @planktonnz (45 Followers, 237 Following): if you will suck my soul, I will lick your funky emotion
Jake Knowlton @j2k3k (2K Followers, 2K Following): @Mandiant | Board member at @VeteranSec | https://t.co/6nviinvBUQ | tweets are my own | Ask me why I hate Andrew Northern
Nsk @nsk_offl_ (315 Followers, 3K Following): Director🎬& Lyricist of Kattravai Katrapin & Onedaykadhalan. CyberSecurity Analyst, Travel freak, Ardent Suriya ❤ Jo, Maddy🤩, VJS😍 Fan, CR7MSD Fan🤟, Maduraikaran😎
Bhavin Patel @hackpsy (348 Followers, 846 Following): Threat Research Team @splunk. Maintainer of #atomic-red-team
andrew danis @andrewdanis (2K Followers, 916 Following): DFIR | threat intel | detection engineering. @halo player for @Vyrus_eSports. vocalist.
Kijo Ninja @kj_ninja25 (2K Followers, 87 Following): Security Engineer @Microsoft - EDR, XDR, KQL, ThreatHunting | #Triathlete 🏊♂️ 🚴 🏃♀️ National Team (Age group).. or KJ Ninja 🥷 My tweets are my own
Aomine @iValac_ (0 Followers, 77 Following)
Nev @Invest_gate4sec (143 Followers, 820 Following): OSINT/INVESTIGATEUR | Cyber SECURITY | International Security Management Certified MOOC
zoharbuber @zoharbuber (77 Followers, 1K Following)
ice @ice98079542 (105 Followers, 2K Following)
roro.. @malwr_ (314 Followers, 2K Following): Threat Intelligence Specialist with experience in #Telecom and #Banking sectors. Currently leading #CTI team @ MSS provider
Knappresearchlabs @knappresearchlb (293 Followers, 875 Following): Cyber Defence and security research enthusiast. KQL n00b, Fake it till you make it. https://t.co/oGKYfhn9kI
Draaijer_Melvin @draaijer_melvin (2K Followers, 2K Following): keep yourself up_to_date with #cyber news everyday. 🩵🌊🩵🌊🩵🌈🌈 Cyber security journalist at @ME_Corridors #OSINT #information #network #cybersecurity
Mauro Croci @Mauro_Croci (106 Followers, 838 Following): IT Pro, Blue Team, Opinions are my own. Physical Chemistry PhD, MAS MTEC, CISSP, GCFA, GCTI, GNFA
Michael Gray @msg76710 (193 Followers, 884 Following)
skrappy0x4a @skrappy0x4a (237 Followers, 1K Following): Head of SecOps | War Vet | Not Popular/Cool | Learning Russian 1 incident at a time | 🏍🦑 | BJJ ◧◧◧
ghost @AnonGhostD07 (963 Followers, 2K Following): Infosec and tech geek, IT manager and father, anonymous family #OpChildSafety #OpPedoHunt
LastY @LastY987261 (5 Followers, 93 Following)
Bastii717 @bastii717 (53 Followers, 335 Following): Security Analyst | IT-Security | Infosec | DFIR | Team Blue
Brendan Chamberlain @infosecb (807 Followers, 624 Following): Threat Detection Engineer | detection & response | automation | macOS security | awesome-detection-engineering, LOOBins https://t.co/n7Z3eDHFJU
Lewis @lewsecurity (319 Followers, 665 Following): IR, malware, threats and intelligence research. Doing security @Microsoft. Based in the UK. (Opinions my own).
B3@ut1fuL @b3ut1fu (0 Followers, 1K Following)

Florian Roth @cyb3rops (180K Followers, 2K Following): Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
vx-underground @vxunderground (291K Followers, 211 Following): The largest collection of malware source code, samples, and papers on the internet. Password: infected
The DFIR Report @TheDFIRReport (53K Followers, 0 Following): Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
Nasreddine Benchercha.. @nas_bench (10K Followers, 1K Following): Detection @nextronsystems | @sigma_hq & LOLDrivers maintainer | Avid learner and passionate about all things #Detection #Sigma
Katie Nickels @likethecoins (54K Followers, 3K Following): Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her.
Andrew Thompson @ImposeCost (34K Followers, 1K Following): Head of Research and Discovery @Mandiant/@GoogleCloud. Understanding and countering adversaries. Posts attributable to me, not my employer.
SwiftOnSecurity @SwiftOnSecurity (403K Followers, 9K Following): computer security person. former helpdesk.
4n6lady @4n6lady (57K Followers, 694 Following): #DFIR & #BlueTeam | IR & Threat Detection | #OSINT enthusiast | waiting for HL3 | AWS CIRT - my views are my own
Dave Kennedy @HackingDave (207K Followers, 6K Following): Founder @Binary_Defense @TrustedSec Co-Owner https://t.co/HQC75WhdJh. @WeHackHealth Podcast. Fam First/Hacker/CSO/USMC/Intel/Fitness. Motto: Make world a better place
Chris Sanders 🔎.. @chrissanders88 (32K Followers, 505 Following): Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Jake Williams @MalwareJake (131K Followers, 2K Following): Breaker of software | GSE #150 | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | He/him
Hunt.io @Huntio (367 Followers, 156 Following): https://t.co/aojFWxKETZ is a service that provides threat intelligence data about observed network scanning and cyber attacks.
Ru Campbell @rucam365 (6K Followers, 1K Following): Microsoft Security MVP • Dad, metal, lifting, wrestling, cars • Author, Mastering Microsoft 365 Defender • https://t.co/CaVgOm8IvJ • @Threatscape • @M365SandCUG
Dray Agha @Purp1eW0lf (6K Followers, 3K Following): Security Operations Center Manager @HuntressLabs || "Competition is the law of the jungle, but cooperation is the law of civilisation" - Kropotkin
🎻 Eric Lawrence @ericlaw (14K Followers, 3K Following): Seek first to understand. Impatient optimist. Dad. Zetetic. Author. Speaker. Made Fiddler & SlickRun. 17yrs @ MSFT on web/security. My words are my own. he/him
GJ @gertjanbruggink (1K Followers, 528 Following): “The Cyber Security Systems Guy” | proven systems to grow your cyber security & CTI program. cyber threat landscape cartographer @venationdigital.
Ugur Koc @UgurKocDe (2K Followers, 249 Following): 📝 https://t.co/N43oYr8ztY | 📊 https://t.co/cevBcXHYZC | 📨 https://t.co/ptekko0sB1 | 💻 https://t.co/4FitVdsP2S | 🗑️ https://t.co/ZuZQHDeBNK
Ryan Naraine @ryanaraine (28K Followers, 875 Following): I write about hackers and the business of cybersecurity. Podcast + newsletter: https://t.co/ZGEyqy2h7g. Columns: @securityweek. Conference: @labscon_io
Jose Enrique Hernande.. @_josehelps (3K Followers, 2K Following): 🛡️ Threat Research Director @Splunk ❤️ Scuba Diving 🔧 Maintainer of #AtomicRedTeam & #LOLDRIVERS & #LOLBAS project 😎 Ex @lacework @fastly @oracle @akamai.
rootsecdev @rootsecdev (24K Followers, 1K Following): Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Nicolas Caproni @ncaproni (8K Followers, 4K Following): Head of @sekoia_io Threat & Detection Research (TDR) Team #SOCplatform #XDR #SIEM #CTI #TIP
Matt @mattnotmax (3K Followers, 607 Following): Hooked on hunting espressos & drinking malware. Or something like that. | Too much #CyberChef | https://t.co/GzzzLPqpvJ
Jared Wilson @JWilsonSecurity (1K Followers, 1K Following): Mandiant Research and Discovery, Father, Husband, Trail Runner, Co-Founder CyberFriendsCircle
Micah Babinski @MicahBabinski (724 Followers, 691 Following): Principal Detection Engineer @amtrak 🚆, ex-GIS pro, bagpiper, adoptive dad. I recharge the batteries with a trip to Scotland or the backcountry of the PNW.
Aura @SecurityAura (4K Followers, 541 Following): GCIH, GCFE | Manager | DFIR, Threat Hunting, Detection Engineering | @CuratedIntel Contributing DFIR Member https://t.co/foDR8PkDI7
Andrew @4ndr3w6S (2K Followers, 2K Following): Senior Manager of Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!
emily @malwaremily (404 Followers, 2K Following): Detection Engineering, MARE & Honeypots 🍯 | Incident Detection Engineer @blumirasec | she/her
Daniel Stinson @shellcromancer (1K Followers, 2K Following): Threat Detection & Response @ Brex, xCloudflare. Hobbyist reverse engineer of things. Dogs are clearly better than people.
Ryan Long @SPL_Junky (138 Followers, 1K Following): Security Consulting Solutions Engineer @splunk. Threat Detection Engineer. Sketch artist for machine data and self-proclaimed data analytics mad scientist!
Tyler Fornes @tfornez (614 Followers, 270 Following): Principal Solutions Architect at @ExpelSecurity | Formerly @FireEye | Statements are my own.
Elastic Security Labs @elasticseclabs (2K Followers, 141 Following): Elastic Security Labs is democratizing security by sharing knowledge and capabilities necessary to prepare for threats. Spiritually serving humanity since 2019.
Zack Allen @techyteachme (3K Followers, 2K Following): security research director @datadoghq, @nyustern mba, CCDC red team, cloud, intel and detection engineering. Creator of Detection Engineering Weekly
Michalis Michalos @Cyb3rMik3 (3K Followers, 2K Following): SecOps, DFIR & CTI 🛡 | Microsoft Security, #KQL Threat Hunting 🏹 | Father 👭/Husband 👫/🍷&⌚️ enthusiast/Explorer ✈️ | Views my own.
gregclermont @gregclermont (401 Followers, 1K Following): Cybercrime threat intel and detection shenanigans at https://t.co/D9ptVmYpGE
SttyK (してぃー.. @SttyK (7K Followers, 963 Following): Open Source Intelligence Analyst @vxunderground & @curatedintel
Christian @THIR_Sec (408 Followers, 735 Following): 🏹 @SentinelOne | @SANS_EDU #MSISE Alum | Former @TheDFIRReport Contributor. Expressed opinions are my own.
Permiso Security @permisosecurity (689 Followers, 385 Following): Detection for all of your clouds - identity providers, IaaS, SaaS, PaaS and more.
RussianPanda 🐼.. @RussianPanda9xx (8K Followers, 350 Following): Senior Threat Intelligence Researcher at @esthreat | Threat Hunter | Malware Addict
Gi7w0rm @Gi7w0rm (14K Followers, 678 Following): Threat Intelligence and #URINT Analyst | See my Linktree for other socials | In case I post false intel, contact me! Support me: https://t.co/5WgDqr0K8p
Botconf @Botconf (4K Followers, 1K Following): The Botnet and Malware Ecosystems Fighting Conference, 11th ed - Workshops & Conference 23-26 April 2024 in Nice, FR. Follow us: https://t.co/wvWVbcla66
Matt Anderson @nosecurething (1K Followers, 961 Following): Senior Detection Engineer @HuntressLabs Threat Research | Threat Hunting | Malware Analysis
Mattie Schuch @MittenSec (386 Followers, 1K Following): Cybersecurity fanatic! 💾 DFIR 👾 Malware Reversing 🔎 Threat Hunting @TheDFIRReport member
cyb3rjy0t @cyb3rjy0t (12 Followers, 97 Following): Threat Hunting | Detection Engineering | Incident Response
Jake @JakeKing (1K Followers, 2K Following): Director of Eng @elastic. Founder @cmd_security (acquired by @elastic). Advisor @eco, @trufflesec, @railway and others.
@rpargman (4K Followers, 5K Following): Слава Україні! (Glory to Ukraine!) Most important job: being Dad; I also love to help people deny attackers the opportunity to break and steal all the things. Pronouns: He/him
PSConfEU @PSConfEU (3K Followers, 416 Following): Follow the PowerShell Conference Europe account for news about the #PowerShell community and the events we organise! Next up: PSConfEU MiniCon, 24th of October
Minh Giang @minhg822 (25 Followers, 100 Following)

It’s the 5th and final day of the #FOR589 ALPHA, it’s the Capstone CTF involving our very own custom cybercrime forum! 😎👾🔍🚩
Here are some @elastic ES|QL queries to find all JS process or file operations per host and process: All processes likely interacting with JS files from logs-endpoint.events.process* | where event.category == "process" and process.command_line like "*.js" | stats counts =…
Had a great conversation with @br0k3ns0und yesterday on the importance for detection engineers to understand how often things are executed on a host, the type of files (and their volume) on disk, etc when creating a detection. This morning, I decided to check how many…
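A Python version of the per-host baseline the two posts above talk about, added here as an illustration. It is not code from either post and it does not reproduce the ES|QL query; it answers the same question ("how often do JS-handling processes run, on which hosts, and which host/process pairs are rare?") over an in-memory list of process events. The events, the ECS-style field names (host.name, process.name, process.command_line, event.category) and the rarity threshold are all constructed assumptions.

```python
"""Baseline how often JS-handling processes run, per host and per process.

Added example, not code from either post above: it stands in for the
ES|QL aggregation over logs-endpoint.events.process* with plain Python.
The events below are constructed (ECS-style field names, invented hosts
and paths), and the rarity threshold is an assumption.
"""
import re
from collections import Counter, defaultdict
from typing import Iterable

# Constructed sample events modelled on ECS endpoint process records.
SAMPLE_EVENTS = [
    {"host.name": "ws-01", "event.category": "process", "process.name": "wscript.exe",
     "process.parent.name": "explorer.exe",
     "process.command_line": 'wscript.exe "C:\\Users\\a\\Downloads\\invoice.js"'},
    {"host.name": "ws-01", "event.category": "process", "process.name": "node.exe",
     "process.parent.name": "code.exe",
     "process.command_line": "node.exe C:\\dev\\app\\server.js"},
    {"host.name": "ws-01", "event.category": "process", "process.name": "node.exe",
     "process.parent.name": "code.exe",
     "process.command_line": "node.exe C:\\dev\\app\\server.js"},
    {"host.name": "ws-02", "event.category": "process", "process.name": "node.exe",
     "process.parent.name": "cmd.exe",
     "process.command_line": "node.exe build.js --watch"},
    {"host.name": "ws-02", "event.category": "process", "process.name": "chrome.exe",
     "process.parent.name": "chrome.exe",
     "process.command_line": "chrome.exe --type=renderer"},
    {"host.name": "ws-03", "event.category": "process", "process.name": "cscript.exe",
     "process.parent.name": "outlook.exe",
     "process.command_line": "cscript.exe //E:jscript C:\\Temp\\update.js"},
    {"host.name": "ws-03", "event.category": "process", "process.name": "powershell.exe",
     "process.parent.name": "explorer.exe",
     "process.command_line": "powershell.exe -c Get-Content settings.json"},
    {"host.name": "ws-02", "event.category": "process", "process.name": "node.exe",
     "process.parent.name": "cmd.exe",
     "process.command_line": "node.exe build.js --watch"},
    {"host.name": "ws-02", "event.category": "file", "process.name": "node.exe",
     "process.parent.name": "cmd.exe",
     "process.command_line": "node.exe build.js --watch"},  # file event, not a process event
]

# A command-line token is either a double-quoted run (paths with spaces) or a bare word.
TOKEN_RE = re.compile(r'"[^"]+"|\S+')


def js_files(command_line: str) -> list[str]:
    """Return the tokens of a command line that name a .js file.

    Matching on the token suffix rather than a bare '.js' substring keeps
    .json, .jsp and '//E:jscript' style switches out of the result.
    """
    tokens = (t.strip('"') for t in TOKEN_RE.findall(command_line))
    return [t for t in tokens if t.lower().endswith(".js")]


def js_process_counts(events: Iterable[dict]) -> Counter:
    """Count process events per (host, process) whose command line touches a .js file."""
    counts: Counter = Counter()
    for ev in events:
        if ev.get("event.category") != "process":
            continue
        if js_files(ev.get("process.command_line", "")):
            counts[(ev["host.name"], ev["process.name"].lower())] += 1
    return counts


def process_prevalence(counts: Counter) -> dict[str, int]:
    """Fleet prevalence: on how many distinct hosts each JS-handling process was seen."""
    hosts: defaultdict = defaultdict(set)
    for host, proc in counts:
        hosts[proc].add(host)
    return {proc: len(h) for proc, h in hosts.items()}


def rare_pairs(counts: Counter, threshold: int = 1) -> list[tuple[str, str]]:
    """(host, process) pairs seen at most `threshold` times in the window.

    A volume-based rule tuned on node.exe on a developer box says nothing
    about a one-off wscript.exe under Outlook; these pairs are where that
    blind spot lives. The threshold of 1 is an assumption for the sample.
    """
    return sorted(pair for pair, n in counts.items() if n <= threshold)


if __name__ == "__main__":
    counts = js_process_counts(SAMPLE_EVENTS)
    for (host, proc), n in sorted(counts.items()):
        print(f"{host:6} {proc:16} {n}")
    print("prevalence:", process_prevalence(counts))
    print("rare:", rare_pairs(counts))
```

Run it on a real export by replacing SAMPLE_EVENTS with the documents from your endpoint index; the two numbers that matter for the detection are the prevalence of the script host across the fleet and the pairs that sit at the bottom of the count, not the top.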
Hey #100DaysofYARA friends and fans! I am looking for a successor to take up the 100 days of yara mantle. I’ll still participate of course, but I think the challenge has reached a point where it can grow much more under a more organized eye
Excited to share the cover for my upcoming book #EvasiveMalware! I think @nostarch did a great job with this one. Obviously not the final final version, but let me know what you think 😄 Ps. If you try to print this, your printer will explode.
Excited to be #1 this quarter. The first MSRC leaderboard since I became an independent security researcher and seems to be a good start. Thanks to everyone in MSRC & bounty team for helping as always :-)
Congratulations to all the researchers recognized in this quarter’s MSRC 2024 Q1 Security Researcher Leaderboard! 🎉 Thank you to everyone for your hard work and continued partnership to secure customers. Learn more in our blog post: msrc.microsoft.com/blog/2024/04/c… We also want to…
🎉 Announcing DFIR Labs! 🎉 Introducing our DFIR Labs based on real intrusions from our public reports and private threat briefs! Whether you're starting out or looking to deepen your skills, our labs can help. 1/2
Our presentation is ready... ✅
I love this idea & am planning one: A night where all of your friends make a presentation on what they do at work and answer questions. I don't know much about what many of my friends do for a living.
Getting close to @AtlSecCon ! Super excited to see some friends in person & deliver my Hunting for Cloud Session Anomalies talk - if you see me hanging around the conference please say hi - I’m awkward but friendly 💙
You’d likely be better off testing procedures from @TheDFIRReport than hiring a cheap pentest.
Finally made it to the team member page on @SpecterOps "About Us" page. Yes my picture looks like I work at Asda and am about to offer to carry your bags to your car... but still classing this as my win for the month 🤣specterops.io/about/team/
✨While OneNote attacks have been mostly mitigated, this report highlights the speed with which threat actors can adapt new tactics to remain effective. 🎯A compromised host should be remediated, with the goal of minimizing the time to detect. Whether it's a day later or a month…
From OneNote to RansomNote: An Ice Cold Intrusion 🌟Analysis & reporting completed by @iiamaleks, @IrishD34TH, and @Miixxedup 🎵Audio (New Voice!): Available on Spotify, Apple, YouTube and more! 🏹Services: thedfirreport.com/services/ 📚Report: thedfirreport.com/2024/04/01/fro…
New blog post is up, exploring detection options for some recent In-the-Wild Windows LPE 0-days elastic.co/security-labs/…
This was a great find by Joshua on our team. Here's the @NetSPI blog covering an Azure privilege escalation (Automation Account Reader-> Subscription Contributor) caused by Azure Site Recovery Services and Automation Accounts. - netspi.com/blog/technical…
Living in the Seattle area, you can find very interesting articles of clothing at second hand stores. 11 years ago I found what I thought was the ultimate physical pentesting jacket
.@SBousseaden‘s new article explores recent Windows zero-day attacks by analyzing in-the-wild LPE examples and outlining detections that can be run in Elastic Security. Check out the three cases: CLFS, DWM, and Activation Context: go.es.io/43vV8rC #ElasticSecurityLabs