-
Tweets47
-
Followers1
-
Following52
-
Likes165
I’m aiming to work on EDR Telemetry project this weekend. Sorry to folks that’ve been waiting for updates on PRs etc. it’s been a busy year already. What’s coming 🔜: ➡️ Cortex EDR ➡️ Symantec SES ➡️ Sophos EDR ➡️HarfangLab EDR github.com/tsale/EDR-Tele…
Join us on June 13 for a SANS Webcast where @CCrowMontance will look at the results of the 2023 SOC Survey and explore the developing promise of deception, AI and machine learning. ✍️ Register here to attend: sans.org/u/1oxJ #SOC #SANSAnalyst
The Dangers of Google’s .zip TLD by @bobbyrsec link.medium.com/JvSRrtzaWzb
Today I'm happy to announce my newest and most ambitious project - the Azure Threat Research Matrix (ATRM). A similar look to MITRE ATT&CK Enterprise, but the ATRM will cover AzureAD and Azure resource TTPs. Official blog post: techcommunity.microsoft.com/t5/security-co… (1/2)
Next BHIS Webcast Intro to Windows Event Collecting w/ Nick & @mon0pixel Thursday, May 26 - 1pm ET (UTC -4) Register: zoom.us/webinar/regist… Centralized logging allows for better debugging, auditing, and of course security investigation.
#DetectionEngineering #ThreatHunting Huge List O' Resources Incoming \/ \/ \/ SIEM Rulesets (all open and free): @MITREcorp CAR - car.mitre.org @splunk - github.com/splunk/securit… @elastic - github.com/elastic/detect… @sigma_hq - github.com/SigmaHQ/sigma/… 👇🧵
I really like the new @MITREattack tag selection feature in my team member's @sigma_hq extension for #VSCode - it's much faster than on the official website (sorry 😅) creds @_humpalum Sigma extension marketplace.visualstudio.com/items?itemName…
#Emotet lnk files Do look for the new cycle ! It is all over the place with todays' run. bazaar.abuse.ch/sample/a0f4813…
How to deploy your Elastic Stack (ELK) SIEM #redtam #infosec #pentest blueteamsacademy.com/elk/
Visualizing #cybersecurity concepts can be a great way to learn more about specific tools, methodologies, and techniques! Here is a thread that shows 6 useful infographics on threat intelligence and related topics!🧵👇#infosec #threatintel 1⃣ - Practical Threat Intel
New Blog! Lessons from the Conti Leaks blog.bushidotoken.net/2022/04/lesson…
Acabou de publicar uma foto instagram.com/p/Ccbe0urOGF4/…
Windows Event Logs #infosec #CyberSecurity #CyberSecuritytips #pentesting #oscp #informationsecurity #cissp #CyberSec #networking #networksecurity #CheatSheet #infosecurity #cyberattacks #security #linux #UniX #vulnerabilities #bugbounty
If you work with event logs, here are 2 GREAT utilities: Parse an EVTX file into JSO: github.com/omerbenamram/e… Query a JSON stream: stedolan.github.io/jq/tutorial/ Combined with Sysmon and some built-in logs, there is a lot of power at your fingertips 💪
We've published a ransomware simulator named QuickBuck - initial release (first PoC) - it tries to perform various actions to simulate activity seen by ransomware on endpoints - we plan to use it in demos to showcase Sigma matching with Aurora github.com/NextronSystems…
Great security guidance for - everyone - #mustView [Repo] Personal Security Checklist - A curated checklist of 300+ tips for protecting digital security and privacy in 2021 #CyberSecurity #Security #Guidance
From a security pro who fought LAPSUS$: It forces us to shift thinking about insider access. Nation states want longer, strategic access; ransomware groups want lateral movement. LAPSUS$ asks: What can this account get me in the next 6 hours? We haven’t optimized to defend that.
Linux Log parsing cheat sheet
Detection engineers don't just produce or apply IOCs Detection engineers transform observed activity into detection rules (which includes IOCs) E.g. when I watch talks on TA activity I write rules on a scratch pad. They usually differ from the IOCs provided with the reports.
Windows binaries: lolbas-project.github.io Linux binaries: gtfobins.github.io Living off Trusted Sites: lots-project.com File Extensions Used by Attackers: filesec.io Blue Team / Binaries that behaves like malware: wtfbins.wtf
Chris Sanders 🔎 �... @chrissanders88
35K Followers 487 Following Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Kostas @Kostastsale
20K Followers 383 Following I like building things that solve real problems, working across cybersecurity, product, and research | 🇬🇷🇨🇦
Michael Koczwara @MichalKoczwara
25K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
Dark Web Intelligence @DailyDarkWeb
192K Followers 0 Following We work in the dark to bring clarity to the light.
ANY.RUN @anyrun_app
33K Followers 191 Following Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
DocIntel @docintelapp
539 Followers 3 Following Organize your Threat Intelligence. DocIntel is an open-source context-centric threat intelligence platform.
ACE Responder @ACEResponder
18K Followers 227 Following Practice threat hunting & detection engineering in a real SIEM with real attacks. Join us and become the best.
Huntress @HuntressLabs
40K Followers 533 Following Managed #cybersecurity without the complexity. EDR, ITDR, SIEM & SAT crafted for under-resourced IT and Security teams.
Thomas Patzke @blubbfiction
5K Followers 440 Following Incident Response, Threat Hunting. Opensource security tool developer (https://t.co/2twMtVpZtL). Moved to @[email protected]
Chad Tilbury @chadtilbury
22K Followers 599 Following Digital forensics and incident response. Ex-AFOSI, Mandiant, and CrowdStrike. SANS Institute Fellow and co-author of #FOR500 and #FOR508 courses.
Segurança Legal @SegurancaLegal
5K Followers 241 Following Podcast Segurança Legal - Direito da TI, SegInfo e Prot. de Dados - Apoio https://t.co/2f6MrQF9N3 - Apoie em https://t.co/MdGHBCG0df
Carlos Cabral 🏴 @kbralx
1K Followers 2K Following Pesquisador de cibersegurança na @tempest_sec | Colunista no @portalcryptoid | Host do podcast Cyber Morning Call.
Rodrigo (Sp0oKeR) @spookerlabs
5K Followers 837 Following Blue Team & Cloud Security Researcher. Like to discover and detect threats =)
Check Point Research @_CPResearch_
25K Followers 120 Following Fighting cyber threats one research at a time. News from Check Point’s (@checkpointSW) Research team.
Bad Packets by Okta @bad_packets
51K Followers 2 Following We provide cyber #threatintel on emerging threats, DDoS botnets, and network abuse.
Chad Warner @WarnerChad
742 Followers 3 Following Web Strategist at web design agency @OptimWise. Cybersecurity & privacy enthusiast. Bookworm. Fan of Tolkien & LEGO.
ATT&CK @MITREattack
117K Followers 515 Following MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt
Felipe Payão @felipepayao
25K Followers 898 Following Editor-chefe no @Tec_Mundo - @voxeloficial - @minhaserie_ - @thebriefoficial Diretor em Realidade Violada. Sempre repórter. [email protected]
CISA Cyber @CISACyber
298K Followers 73 Following Part of @CISAgov, we respond to major incidents, analyze threats, and exchange critical cybersecurity information with partners around the world.
Hacking Articles @hackinarticles
298K Followers 478 Following House of Pentesters Join us: https://t.co/Y6XOlSOA92
TrendAI @trendaisecurity
112K Followers 4K Following A global AI security leader making the world safer for digital information exchange. AI Fearlessly.
briankrebs @briankrebs
331K Followers 2K Following Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: https://t.co/fTKNavlMwp
thaddeus e. grugq @thegrugq
128K Followers 420 Following Hacker :: PhD researcher @warstudies @KingsCollegeLon :: [email protected] :: PGP https://t.co/dYipV8y3bo
SANS Cyber Defense �... @SANSDefense
37K Followers 498 Following Home of the Cyber Defense curriculum of @SANSInstitute, a hub for #CyberDefense, #BlueTeam, and #OSINT info, training, media, community, and events.
Unit 42 @Unit42_Intel
69K Followers 81 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
Follow CISA's account... @CISAInfraSec
10K Followers 108 Following This account is not active or monitored. Follow @CISAgov and @CISACyber for the latest updates.
vx-underground @vxunderground
438K Followers 359 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Follow CISA's account... @cyber
294K Followers 113 Following This account is not active or monitored. Follow @CISAgov and @CISACyber for the latest updates.
The DFIR Report @TheDFIRReport
67K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion
Black Hills Informati... @BHinfoSecurity
49K Followers 2K Following Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game.
Red Canary, a Zscaler... @redcanary
30K Followers 1K Following 24/7/365 threat detection and response across your cloud, identity, endpoints and everything in-between. We got you: https://t.co/3tlcMwxXMa
Alexandre Borges @ale_sp_brazil
31K Followers 170 Following iOS, Chrome and Android security researcher | Exploit Developer
David J. Bianco @DavidJBianco
12K Followers 826 Following Threat Hunting, CTI, incident detection & response. SANS instructor. Special interest in helping newbies get started. He/Him. https://t.co/XcrBqQLUrP
MalwareHunterTeam @malwrhunterteam
254K Followers 37 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
SOC Prime @SOC_Prime
6K Followers 105 Following AI-turbocharged detection intelligence. Enable line-speed cyberattack detection with AI trained on 11 years of Detection Intelligence.
CERT/CC @certcc
3K Followers 0 Following CERT Coordination Center at the Carnegie Mellon University Software Engineering Institute.
LunaSec (@lunasec@inf... @LunaSecIO
3K Followers 175 Following Want to network with other InfoSec professionals? Come join our community on Discord! https://t.co/NfFVJREjqo
MISP (@misp@misp-comm... @MISPProject
22K Followers 93 Following MISP - Threat Sharing. An open source software and standards to share, create and validate threatintel and intelligence. Mastodon @[email protected]
CIRCL - @circl@social... @circl_lu
13K Followers 1K Following CIRCL is the CERT (Computer Emergency Response Team) for the private sector, communes and non-governmental entities in Luxembourg.
Cybersecurity and Inf... @CISAgov
322K Followers 106 Following America's Cyber Defense Agency and National Coordinator for Critical Infrastructure Security & Resilience. Likes, reshares, follows ≠ endorsements.
Microsoft Threat Inte... @MsftSecIntel
196K Followers 997 Following We are Microsoft's global network of security experts. Follow for security research and threat intelligence.
John Hammond @_JohnHammond
321K Followers 3K Following Cybersecurity Researcher @HuntressLabs Just Hacking Training @JustHackingHQ w/ @ethicalhacker https://t.co/UtsNJiyQtS && https://t.co/narO3sz7y6
Florian Roth ⚡️ @cyb3rops
221K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vimYou might like
