English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
joeychennoGG's profile picture. malware researcher, reverse engineer. A conference speaker and trainer such as HITB, VirusBulltin, CodeBlue, HITCON, DeepIntel, etc.

joeychen

@joeychennoGG

malware researcher, reverse engineer. A conference speaker and trainer such as HITB, VirusBulltin, CodeBlue, HITCON, DeepIntel, etc.

59Posts 131Followers 273Following
You might like
joeychen reposted
vanjasvajcer's profile picture.
Vanja Svajcer
 @vanjasvajcer
Sep 23

Although these malware families have historically been associated with campaigns attributed to Naikon or BackdoorDiplomacy, our analysis indicates a connection. blog.talosintelligence.com/how-rainyday-t…

vanjasvajcer's tweet card. Talos discovered that a new PlugX variant’s features overlap with both the RainyDay and Turian backdoors
How RainyDay, Turian and a new PlugX variant abuse DLL search order hijacking
Source: blog.talosintelligence.com
0
1
2
0
127
joeychen reposted
nao_sec's profile picture.
nao_sec
 @nao_sec
Jul 1, 2024

New blog post! "Building Casper's Shadow". We discovered and researched the #ShadowPad builder. See how ShadowPad is built 😎👻 nao-sec.org/2024/06/buildi…

nao_sec's tweet image. New blog post! "Building Casper's Shadow". We discovered and researched the #ShadowPad builder. See how ShadowPad is built 😎👻 nao-sec.org/2024/06/buildi…
0
50
111
28
14K
joeychen reposted
virusbtn's profile picture.
Virus Bulletin
 @virusbtn
Apr 8, 2024

Cisco Talos researchers Chetan Raghuprasad & Joey Che discovered a financially motivated threat actor targeting users in several Asian & Southeast Asian countries. CoralRaider focuses on stealing victims’ credentials, financial data & social media accounts blog.talosintelligence.com/coralraider-ta…

virusbtn's tweet image. Cisco Talos researchers Chetan Raghuprasad & Joey Che discovered a financially motivated threat actor targeting users in several Asian & Southeast Asian countries. CoralRaider focuses on stealing victims’ credentials, financial data & social media accounts blog.talosintelligence.com/coralraider-ta…
0
20
49
11
5K
joeychen reposted
saintX's profile picture.
saintX
 @saintX
Aug 23, 2023

淮南锋川网络科技有限责任公司 submitted the binary to MS to be signed 96170614bbd02223dc79cec12afb6b11004c8edb8f3de91f78a6fc54d0844622

threatintel's profile picture. Symantec and Carbon Black's threat hunters bring you the latest threat intelligence from the IT security world.
Threat Intelligence
 @threatintel
Aug 22, 2023

Carderbee: APT Group uses Legitimate Software in Supply Chain Attack Targeting Orgs in Hong Kong - Cobra DocGuard and legit Microsoft-signed cert used in this activity. Read more: symantec-enterprise-blogs.security.com/blogs/threat-i…

threatintel's tweet image. Carderbee: APT Group uses Legitimate Software in Supply Chain Attack Targeting Orgs in Hong Kong - Cobra DocGuard and legit Microsoft-signed cert used in this activity. Read more: symantec-enterprise-blogs.security.com/blogs/threat-i…
0
7
21
4
9K
0
4
6
0
1K
joeychen reposted
lac_security's profile picture.
ラック公式
@lac_security
Jun 30, 2022

2022年6月に新たな攻撃者グループによる日本組織を狙った「サプライチェーン攻撃」を確認しました。 攻撃で利用された4つのマルウェアを中心に、その機能や背後に潜む攻撃者像について紹介しています。ぜひご活用ください。 lac.co.jp/lacwatch/repor… #株式会社ラック #サプライチェーン攻撃

0
36
93
8
0
joeychennoGG's profile picture.
joeychen
 @joeychennoGG
May 12, 2022

fd8c53670c2dcea06abfe49b364875643f6c499ca77c6a49a63a1ae4364c03c5 d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025 Interesting pdb strings

joeychennoGG's tweet image. fd8c53670c2dcea06abfe49b364875643f6c499ca77c6a49a63a1ae4364c03c5 d011130defd8b988ab78043b30a9f7e0cada5751064b3975a19f4de92d2c0025 Interesting pdb strings
1
1
5
0
0
joeychen reposted
SentinelOne's profile picture.
SentinelOne
 @SentinelOne
May 2, 2022

🔥New from #SentinelLabs! Chinese-aligned APT group Moshen Dragon caught side-loading #malware through multiple #AV products to infect telecoms sector. By Joey Chen and @AmitaiBs3. Read the blog: sentinelone.com/labs/moshen-dr… #moshendragon #cybersecurity #plugx #shadowpad

SentinelOne's tweet card. Chinese-aligned APT group Moshen Dragon caught sideloading malware through multiple AV products to infect telecoms sector.
Moshen Dragon’s Triad-and-Error Approach | Abusing Security Software to Sideload PlugX and ShadowPad
Source: sentinelone.com
1
10
15
1
0
joeychennoGG's profile picture.
joeychen
 @joeychennoGG
Mar 3, 2022

Verifying myself: I am joey_chen222 on Keybase.io. jt8RW_nlKBlThsZc4H2NnzUdrFD4uWYnfwxj / keybase.io/joey_chen222/s…

0
0
1
0
0
joeychen reposted
780thC's profile picture.
780th Military Intelligence Brigade (Cyber)
 @780thC
Aug 18, 2021

Chinese espionage tool exploits vulnerabilities in 58 widely used websites... Fifty-seven of the sites are popular Chinese portals, while the last is the site for US newspaper, the New York Times. therecord.media/chinese-espion… via @TheRecord_Media

780thC's tweet card. A security researcher has discovered a web attack framework developed by a suspected Chinese government hacking group and used to exploit vulnerabilities in 58 popular websites to collect data on...
Chinese espionage tool exploits vulnerabilities in 58 widely used websites
Source: therecord.media
4
39
50
5
0
joeychen reposted
Russia_NC's profile picture.
No Context Russia
 @Russia_NC
Nov 1, 2020
66
3K
11K
615
0
joeychen reposted
t0nynot's profile picture.
Tony
 @t0nynot
Oct 27, 2020

Check out our latest research about similarities between ShadowPad and PlugX APT-backdoors. We analysed malware samples from our customer's infected PCs and some other ones and highlithed some common features news.drweb.com/show/?i=14048&…

1
7
18
0
0
joeychen reposted
TrendMicroRSRCH's profile picture.
Trend Micro Research
@TrendMicroRSRCH
Sep 18, 2020

New post: The U.S. Justice Department charged 5 members of a Chinese state-sponsored group known as #APT41 for hacking over 100 institutions worldwide. Last May, @TrendMicro also connected the group to ransomware attacks on Taiwanese organizations. trendmicro.com/en_us/research…

TrendMicroRSRCH's tweet card. U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks
U.S. Justice Department Charges APT41 Hackers over Global Cyberattacks
Source: trendmicro.com
0
4
6
0
0
joeychen reposted
TrendMicroRSRCH's profile picture.
Trend Micro Research
@TrendMicroRSRCH
Sep 5, 2020

.@TrendMicro cyberthreat researcher @joeychennoGG breaks down #TropicTrooper 's use of USBferry at #HITCON2020. More about this topic: bit.ly/2zubhEb

TrendMicroRSRCH's tweet image. .@TrendMicro cyberthreat researcher @joeychennoGG breaks down #TropicTrooper 's use of USBferry at #HITCON2020. More about this topic: bit.ly/2zubhEb
0
5
6
1
0
joeychen reposted
TihanyiNorbert's profile picture.
Norbert Tihanyi, PhD
 @TihanyiNorbert
Jun 30, 2020

My new AMSI bypass script based on Matt Graeber @mattifestation 'amsiInitFailed' script. With a little math 0/59 AV detects as malicious in 2020. Happy pentesting. @kmkz_security

TihanyiNorbert's tweet image. My new AMSI bypass script based on Matt Graeber @mattifestation 'amsiInitFailed' script. With a little math 0/59 AV detects as malicious in 2020. Happy pentesting. @kmkz_security
6
141
340
62
0
joeychen reposted
autumn_good_35's profile picture.
Autumn Good
 @autumn_good_35
Jun 15, 2020

『DarkHotel has been linked to both Higaisa and StarCruft, all of them have some connection to South Korea in one way or another.』🤔 Deep-dive: The DarkHotel APT blog.bushidotoken.net/2020/06/deep-d…

0
4
8
0
0
joeychennoGG's profile picture.
joeychen
 @joeychennoGG
May 18, 2020

amazing project

cyrildiagne's profile picture. 🇪🇺🦾🤖 @bfl_ml
Cyril Diagne
 @cyrildiagne
May 17, 2020

Proto 6/10: Copy printed text to desktop with AR+ML Code: github.com/cyrildiagne/ar… Book: Neurones, les intelligences simulées, Frédéric Migayroux & al (Editions Hyx 2018 @centrepompidou) #ML #AR #AI #AIUX #ARCore #ARKit #WebXR Technical Insights: ↓

46
600
2K
201
0
0
0
2
1
0
TuringAlex's profile picture. Kernel Developer | Security REsearcher | Basketball Fan {Botconf | VirusBulletin | Kaspersky SAS} Speaker Current: @Xlab_qax EX: @360Netlab @Kaspersky AKA 渣兔

Alex. Turing

@TuringAlex
doraeric93's profile picture. 🦭 open source, cyber security

doraeric

@doraeric93
cfpdirectory's profile picture. A dual-use platform for the security community - to connect speakers with events and help organizers find the perfect speakers.

cfpdirectory

@cfpdirectory
invisig0th's profile picture. Founder @vtxproject Father of the #APT1 Report @mandiant / @fireeye Inventor of synapse, vivisect, UNCs, imphash, ... DEFCON CTF Champion, Founder of Kenshoto

visi stark

@invisig0th
H4ckmanac's profile picture. We track verified, real-world cyber attacks to help you develop effective Cybersecurity strategies. Try https://t.co/eB7qgxKFAa, your Strategic Threat Intelligence platform

Hackmanac

@H4ckmanac
Xanderuxsf5's profile picture. Threat intelligence analyst | #infosec Cyber threat intel community: https://t.co/5u7OdssOHI lolweb maintainer : https://t.co/sPciJFVGcN

Xanderux

@Xanderuxsf5
InvokeReversing's profile picture. Empowering you to take on today's toughest threats.

Invoke RE

@InvokeReversing
AhnLab_ASEC's profile picture. #AhnLab #ASEC AhnLab ASEC

AhnLab Security Emergency Response Center (ASEC)

@AhnLab_ASEC
ElementalX2's profile picture. Absolute Rookie.

NtAlertThread

@ElementalX2
cybersecuritysl's profile picture. 分享网安文章、工具、漏洞,转发有意思的推文 |渗透测试|RedTeam|红队|Pentest

网安知识分享

@cybersecuritysl
MSFTBlueHat's profile picture. BlueHat is where the security research community and @Microsoft security pros come together as peers, to connect, share and learn. Run by @MSFTSecResponse

Microsoft BlueHat

@MSFTBlueHat
steven5538_'s profile picture. Enjoy creating products. TourSnap | Your audio tour guide app @TourSnap

Steven Chen

@steven5538_
TheHackersNews's profile picture. The #1 trusted source for cybersecurity news, insights, and analysis — built for defenders and trusted by decision-makers.

The Hacker News

@TheHackersNews
1337CoastCustom's profile picture. Purveyors of 1337 Warez | Home of Attribution Dice & LED Throwie Kits | Owned by @JC_SoCal and @_sn0ww

1337CoastCustoms

@1337CoastCustom
gorimpthon's profile picture. Sr. Cybersecurity Researcher | CSIRT | ばらまきメール回収の会 @retrieve_member | Mal-Eats @mal_eats | CISSP GIAC | Opinions are my own.

S⃣ A⃣ S⃣ A⃣

@gorimpthon
iamluismalheiro's profile picture. Exploring and writing stories about the greatest minds in human history. Learning from the best to become better.

Luis Malheiro

@iamluismalheiro
Thisism23567356's profile picture.

Hunter For Fun

@Thisism23567356
strinsert1Na's profile picture. 日本🇯🇵のサイバー脅威を分析してインテリジェンスを垂れ流している存在です。ときどきマルウェアも解析します。 ▶ CISSP/OSCP/OSEP/GREM/GCTI/Z2A ▶ Pub.: 今日から始めるサイバー脅威インテリジェンス』Software Design (2022) ▶ Conf.: JSAC2023

MigawariIV

@strinsert1Na
hunterbr72's profile picture. Researcher at Talos. No infosec drama, no opinions, no politics, Tech and Tools only. Author of Dyn. Data Resolver (Winner of Hex-Rays Plugin Contest 2020).

Holger Unterbrink

@hunterbr72
marc_etienne_'s profile picture. Security stuff @Google (Previously @ESETresearch). Montréal security: @NorthSec_io // @MontreHack. Father of two. VE2XME https://t.co/ahEQ1MJEaF

Marc-Etienne M.Léveillé

@marc_etienne_
vanjasvajcer's profile picture. Working for Cisco Talos. Mostly security related stuff. @vanjasvajcer@infosec.exchange

Vanja Svajcer

@vanjasvajcer
unpacker's profile picture. Zscaler APT Research | Formerly Kaspersky GREAT | Threat Intelligence Hustler | Tweets are my own | Keybase: @seongsupark | Mastodon: @spark@infosec.exchange

Seongsu Park

@unpacker
ashl3y_shen's profile picture. Security researcher @TalosSecurity / Ex-Google TAG / Black Hat USA & HITCON Review Board / Organizer of @rhacklette41. My tweets are my own opinion.

Chi-en (Ashley) Shen (@ashl3y-shen.bsky.social)

@ashl3y_shen
BSidesSG's profile picture. Official Tweets from BSides Singapore Call for Organizers - https://t.co/rjwvwqClHZ

BSides Singapore

@BSidesSG
Maxwsmeets's profile picture. @Virtualroutes @ETH_en @BindingHook. Author of NO SHORTCUTS (2022) & RANSOM WAR (2025)

Max Smeets

@Maxwsmeets
SBousseaden's profile picture. Tech Lead - Elastic Security Mastodon: @sbousseaden@infosec.exchange

Samir

@SBousseaden
FalconFeedsio's profile picture. Threat intelligence platform - Data from Deep Web, Dark Web, Open Web || For data API integration : support@falconfeeds.io Democratizing Cyber Security.

FalconFeeds.io

@FalconFeedsio
JapanITWeek's profile picture. これであなたもDXの達人! 日本最大級のIT展示会「Japan IT Week」公式アカウントです。 注目の出展製品や開催セミナーなどの最新情報のほか、SNS限定の情報もお届けいたします✨ ≪直近の会期≫ 2025年11月19日【水】~21日【金】@インテックス大阪 #JapanITWeek

【公式】Japan IT Week

@JapanITWeek
Cyber_Asia_'s profile picture. Follow us for the latest #cybersecurity news in Asia.

🄲🅈🄱🄴🅁 🄰🅂🄸🄰

@Cyber_Asia_
asheermalhotra's profile picture. Threat Researcher @TalosSecurity. Metalhead. Shitposter. Not necessarily in that order. Opinions are my own. #CTI #APT @asheer@infosec.exchange

Asheer Malhotra

@asheermalhotra
hasherezade's profile picture. Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)

hasherezade

@hasherezade
cyber_forecast's profile picture. 国家サイバー統括室(NCO)の公式アカウント(注意・警戒情報)です。サイバーセキュリティ関連の注意・警戒情報を発信しています。

国家サイバー統括室(注意・警戒情報)

@cyber_forecast
eolwral's profile picture.

eolwral

@eolwral
publicipv6info's profile picture. RFC 8200 - I report on the overall deployment status of IPv6 across the Internet among other related things.

Public IPv6 Info

@publicipv6info
saintX's profile picture. Espionage Intelligence Alchemist. Threat Intel, teller of truths, annoyer of the feeble minded, known to ramble. CyberDad @labscon_io / @pivot_con

saintX

@saintX
780thC's profile picture. Official Twitter page of the 780th MI Brigade (Cyber). The Army's only offensive cyberspace operations brigade (following, retweets and links ≠ endorsement).

780th Military Intelligence Brigade (Cyber)

@780thC
TalosSecurity's profile picture. Cisco Talos defends Cisco customers with trusted global cybersecurity intelligence. Support requests: https://t.co/LGrHyYbolX

Cisco Talos Intelligence Group

@TalosSecurity
_vventura's profile picture. My opinions are my own not my employer

VV

@_vventura
TLP_R3D's profile picture. Author - The Intent Model (Kindle Books) | Malware Geek | Curated Intel Member | Threat Intelligence Expert Extraordinaire

Chris Duggan

@TLP_R3D
x64dbg's profile picture. An open-source x64/x32 debugger for windows.

x64dbg

@x64dbg
XinWen_Chang's profile picture.

🗣️ As 隕石翻譯官, I want to have..

@XinWen_Chang
virustotal's profile picture. Crowdsourced Security Intelligence

VirusTotal

@virustotal
NinjaParanoid's profile picture. Founder Dark Vortex/Brute Ratel | Former RedTeam @CrowdStrike @Mandiant @niiconsulting

Chetan Nayak (Brute Ratel C4 Author)

@NinjaParanoid
MsftSecIntel's profile picture. We are Microsoft's global network of security experts. Follow for security research and threat intelligence.

Microsoft Threat Intelligence

@MsftSecIntel
t3ft3lb's profile picture. Threat researcher, Malware analyst All tweets represent my personal opinion

t3ft3lb

@t3ft3lb
StopMalvertisin's profile picture. Security Researcher | Cyber Threat / Malware Analyst | Ex Sr. Threat Analyst @ Proofpoint | Founder of Stop Malvertising

Kimberly

@StopMalvertisin
Cryptolaemus1's profile picture. Where are mealybugs now!?! We is hungry and no one wants to play anymore. Where everyone at?

Cryptolaemus

@Cryptolaemus1
dadamitis's profile picture. Security Researcher @ Lumen, black coffee connoisseur, dog lover, follower of sea turtles, SHU 13, my thoughts are my own. (he/him)

Danny 🌻

@dadamitis
milenkowski's profile picture. Threat Research | Threat Intelligence | PhD | European Commission Marie Curie Research Fellow 2011-2014 | Personal Profile | 🇩🇪

Aleksandar Milenkoski

@milenkowski
GroupIB's profile picture. A leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime. Combating cybercrime since 2003

Group-IB Global

@GroupIB

United States Trends

You might like

Something went wrong.


Something went wrong.