Italiano
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어
sarah__yoder's profile picture. Incident Response @Mandiant. Former MITRE ATT&CKer.

Sarah Yoder

@sarah__yoder

Incident Response @Mandiant. Former MITRE ATT&CKer.

449Post 2KFollower 357Following
Potrebbero piacerti
sarah__yoder's profile picture.
Sarah Yoder
 @sarah__yoder
24 set

Earlier this year, I worked one the most interesting and complex IRs of my career. The malware and techniques from that case turned out to be key TTPs observed in multiple subsequent UNC5221 cases! cloud.google.com/blog/topics/th…

sarah__yoder's tweet card. BRICKSTORM is a stealthy backdoor used by suspected China-nexus actors for long-term espionage.
Another BRICKSTORM: Stealthy Backdoor Enabling Espionage into Tech and Legal Sectors | Google Cloud...
Fonte: cloud.google.com
3
29
137
63
19K
Repost di Sarah Yoder
Big_Bad_W0lf_'s profile picture.
John
 @Big_Bad_W0lf_
9 gen

🔥new blog detailing 0day exploitation of Ivanti appliances as well as newly observed malware families tracked as PHASEJAM and DRYHOOK. We also detail activity related to the previously observed SPAWN malware ecosystem tied to China nexus cluster UNC5337. cloud.google.com/blog/topics/th…

Big_Bad_W0lf_'s tweet card. Zero-day exploitation of Ivanti Connect Secure VPN vulnerabilities since as far back as December 2024.
Ivanti Connect Secure VPN Targeted in New Zero-Day Exploitation | Google Cloud Blog
Fonte: cloud.google.com
4
61
101
27
10K
Repost di Sarah Yoder
Gigs_Security's profile picture.
Gigs @ Shmoo
 @Gigs_Security
23 apr 2024

Today, @Mandiant published #MTrends2024, the 15th edition of the report. This report has everything - Frontline Intel Metrics, Hot Zero-Day Summer, Attackers Living on the Edge, insights into☁Threats, evolution of 🎣... Get your copy here: cloud.google.com/security/resou…

Gigs_Security's tweet card. Explore 2025 cybersecurity trends and the evolving cyber threat landscape with expert insights, frontline incident response investigations and attacks
2025 M-Trends Report
Fonte: cloud.google.com
1
24
54
12
12K
Repost di Sarah Yoder
JasonAjmo's profile picture.
Jason Ajmo
 @JasonAjmo
29 feb 2024

it's always dns and/or caching until you're behind a corporate ssl inspection appliance. then it's always ssl certificates.

0
1
3
0
308
sarah__yoder's profile picture.
Sarah Yoder
 @sarah__yoder
24 feb 2024

Check out @Mandiant’s latest hardening and remediation guide for orgs impacted by the recent ConnectWise #ScreenConnect vulns (CVE-2024-1708 and CVE-2024-1709) mandiant.com/resources/blog…

sarah__yoder's tweet card. Remediation and Hardening Guide for ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and...
Remediation and Hardening Guide for ConnectWise ScreenConnect Vulnerabilities (CVE-2024-1708 and...
Fonte: cloud.google.com
0
4
11
2
2K
Repost di Sarah Yoder
TheRegister's profile picture.
The Register
 @TheRegister
20 feb 2024

LockBit ransomware gang disrupted by global operation dlvr.it/T2zG6G

TheRegister's tweet card. Website has been seized and replaced with law enforcement logos from eleven nations
LockBit ransomware gang disrupted by global operation
Fonte: theregister.com
0
6
12
1
4K
sarah__yoder's profile picture.
Sarah Yoder
 @sarah__yoder
20 feb 2024
vxunderground's profile picture. The largest collection of malware source code, samples, and papers on the internet. Password: infected
vx-underground
@vxunderground
19 feb 2024

Every single known Lockbit ransomware group website is either offline or displaying a seized by EUROPOL page. It appears law enforcement has seized and/or taken down, at minimum, 22 Tor sites, in what is labeled 'Operation Cronos'.

vxunderground's tweet image. Every single known Lockbit ransomware group website is either offline or displaying a seized by EUROPOL page. It appears law enforcement has seized and/or taken down, at minimum, 22 Tor sites, in what is labeled 'Operation Cronos'.
vxunderground's tweet image. Every single known Lockbit ransomware group website is either offline or displaying a seized by EUROPOL page. It appears law enforcement has seized and/or taken down, at minimum, 22 Tor sites, in what is labeled 'Operation Cronos'.
19
290
1K
135
166K
0
0
1
1
439
Repost di Sarah Yoder
vxunderground's profile picture.
vx-underground
@vxunderground
20 feb 2024

Lockbit when they're compromised

vxunderground's tweet image. Lockbit when they're compromised
5
64
835
18
63K
Repost di Sarah Yoder
Big_Bad_W0lf_'s profile picture.
John
 @Big_Bad_W0lf_
31 gen 2024

🔥new @Mandiant blog off the press digging further into our findings from Ivanti CS exploitation. Part 2 covers some new malware families, more on ZIPLINE, updates to attribution, and a bit on mitigation bypassing and new post-ex TTPs. mandiant.com/resources/blog…

Big_Bad_W0lf_'s tweet card. Investigating broad zero-day exploitation of two high-impact vulnerabilities affecting Ivanti appliances.
Cutting Edge, Part 2: Investigating Ivanti Connect Secure VPN Zero-Day Exploitation | Google Cloud...
Fonte: cloud.google.com
1
69
125
30
23K
Repost di Sarah Yoder
Mgkarayan's profile picture.
Mark Karayan
 @Mgkarayan
30 gen 2024

UNC4990 - The first malicious threat actor Mandiant has tracked that's based out of Italy - employs some tactics we haven't seen before. mandiant.com/resources/blog…

Mgkarayan's tweet image. UNC4990 - The first malicious threat actor Mandiant has tracked that's based out of Italy - employs some tactics we haven't seen before. mandiant.com/resources/blog…
3
43
168
49
27K
Repost di Sarah Yoder
Volexity's profile picture.
Volexity
 @Volexity
18 gen 2024

.@Volexity shares new observations on cont'd widespread exploitation of Ivanti Connect Secure VPN vulnerabilities. Now, 2100+ compromised devices & UTA0178 observed modifying built-in Integrity Checker Tool to evade detection. Details: volexity.com/blog/2024/01/1… #dfir #threatintel

Volexity's tweet card. On January 15, 2024, Volexity detailed widespread exploitation of Ivanti Connect Secure VPN vulnerabilities CVE-2024-21887 and CVE-2023-46805. In that blog post, Volexity detailed broader scanning...
Ivanti Connect Secure VPN Exploitation: New Observations
Fonte: volexity.com
1
37
87
24
53K
sarah__yoder's profile picture.
Sarah Yoder
 @sarah__yoder
14 nov 2023
vxunderground's profile picture. The largest collection of malware source code, samples, and papers on the internet. Password: infected
vx-underground
@vxunderground
19 feb 2024

Every single known Lockbit ransomware group website is either offline or displaying a seized by EUROPOL page. It appears law enforcement has seized and/or taken down, at minimum, 22 Tor sites, in what is labeled 'Operation Cronos'.

vxunderground's tweet image. Every single known Lockbit ransomware group website is either offline or displaying a seized by EUROPOL page. It appears law enforcement has seized and/or taken down, at minimum, 22 Tor sites, in what is labeled 'Operation Cronos'.
vxunderground's tweet image. Every single known Lockbit ransomware group website is either offline or displaying a seized by EUROPOL page. It appears law enforcement has seized and/or taken down, at minimum, 22 Tor sites, in what is labeled 'Operation Cronos'.
19
290
1K
135
166K
0
0
2
0
409
Repost di Sarah Yoder
MsftSecIntel's profile picture.
Microsoft Threat Intelligence
@MsftSecIntel
25 ott 2023

The financially motivated threat actor tracked by Microsoft as Octo Tempest, whose evolving campaigns leverage tradecraft not seen in typical threat models, represents a growing concern for organizations. Get TTPs and protection info: msft.it/60129Lhkw

MsftSecIntel's tweet card. Financially motivated threat actor Octo Tempest's evolving campaigns represent growing concern for organizations across multiple industries.
Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction | Microsoft...
Fonte: microsoft.com
3
158
306
89
141K
Repost di Sarah Yoder
doughsec's profile picture.
Doug Bienstock
 @doughsec
19 ott 2023

🚨 NetScaler vulnerability CVE-2023-4966 is being actively exploited. It can lead to VDI session hijacking, including MFA bypass. There are no logs on the appliance to monitor for exploitation. Upgrade now and investigate your environment! mandiant.com/resources/blog… #DFIR

doughsec's tweet card. Investigation of Session Hijacking via Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4...
Investigation of Session Hijacking via Citrix NetScaler ADC and Gateway Vulnerability (CVE-2023-4...
Fonte: cloud.google.com
0
28
42
8
7K
Repost di Sarah Yoder
JohnHultquist's profile picture.
John Hultquist
@JohnHultquist
14 set 2023

Our blog on UNC3944, a threat actor involved in several recent attacks on the hospitality sector and other industries. Includes actor methods and mitigations. mandiant.com/resources/blog…

JohnHultquist's tweet card. Why Are You Texting Me? UNC3944 Leverages SMS Phishing Campaigns for SIM Swapping, Ransomware,...
Why Are You Texting Me? UNC3944 Leverages SMS Phishing Campaigns for SIM Swapping, Ransomware,...
Fonte: cloud.google.com
2
13
53
2
9K
Repost di Sarah Yoder
BushidoToken's profile picture.
Will
 @BushidoToken
29 ago 2023

🎯#Qakbot Botnet Takedown in Operation Duck Hunt! 💻 700,000 Victim Computers 💰 $8.6m in cryptocurrency seized by DOJ 💰 Qakbot has earned $58m in ransoms 🔒 Qakbot used by Conti, ProLock, Egregor, REvil, MegaCortex, and Black Basta ransomware groups justice.gov/usao-cdca/pr/q…

BushidoToken's tweet card. The Justice Department today announced a multinational operation involving actions in the United States, France, Germany, the Netherlands, the United Kingdom, Romania, and Latvia to disrupt the...
Qakbot Malware Disrupted in International Cyber Takedown
Fonte: justice.gov
3
108
237
15
39K
Repost di Sarah Yoder
doughsec's profile picture.
Doug Bienstock
 @doughsec
14 ago 2023

Today we launched a 🔎 scanning tool for orgs to search their Citrix netscalers for evidence of CVE-2023-3519 post-exploration. You can run this direct on the ADC or against a forensic image. With public POCs out there expect more exploitation! mandiant.com/resources/blog… #DFIR

doughsec's tweet card. Indicators of Compromise Scanner for Citrix ADC Zero-Day (CVE-2023-3519) | Mandiant | Google Cloud...
Indicators of Compromise Scanner for Citrix ADC Zero-Day (CVE-2023-3519) | Mandiant | Google Cloud...
Fonte: cloud.google.com
2
32
51
9
8K
likethecoins's profile picture. Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @likethecoins@infosec.exchange

Katie Nickels

@likethecoins
ImposeCost's profile picture. Head of Global Signals Operations @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.

Andrew Thompson

@ImposeCost
SwiftOnSecurity's profile picture. computer security person. former helpdesk.

SwiftOnSecurity

@SwiftOnSecurity
sherrod_im's profile picture. Host of THE Microsoft Threat Intelligence Podcast. I like tracking crime actors. Infosec is my passion.

💻 Sherrod DeGrippo 🛸

@sherrod_im
jamieantisocial's profile picture. threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷, ✌️🇺🇸➡️🇫🇷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**

J⩜⃝mie Williams

@jamieantisocial
HackingLZ's profile picture. CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars

Justin Elze

@HackingLZ
UK_Daniel_Card's profile picture. Department of Cyber WAR. CEO of everyone's email servers! Member of the Counter Spider Collective. Wielder of AI to defend in Cyber Space.

mRr3b00t

@UK_Daniel_Card
JohnHultquist's profile picture. Chief Analyst, Google Threat Intelligence Group. @CYBERWARCON and @SLEUTHCON founder. Johns Hopkins professor. Army vet.

John Hultquist

@JohnHultquist
klrgrz's profile picture. Christian. Killer Grizz, Threat Intel & Thrunter. Hack things w/ @bsides_nova. @DEFCON Contests Dept Lead & Black Badge DC32. GSE #344. (VIEWS ARE MY OWN).

Andy Piazza at CYBERWARCON

@klrgrz
SecurePeacock's profile picture. #PurpleTeam | Ex @RaytheonTech MSSP, @SCYTHE_IO, & @GD_OTS | Taught at BlackHat & DEFCON | #100DaysofSigma | Keep exploring, keep learning, and stay curious

Christopher Peacock

@SecurePeacock
BushidoToken's profile picture. Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil

Will

@BushidoToken
tylabs's profile picture. Intrusion aficionado. @Google/@Mandiant Advanced Practices

Tyler McLellan

@tylabs
arekfurt's profile picture. Former attorney, current IT & infosec consultant in the 'Burgh. Happy to talk about password spraying one minute and constitutional law the next. Son of #wvu.

Brian in Pittsburgh

@arekfurt
bryceabdo's profile picture. 🐗 🦅 🎯 Research & Discovery @ Google/Mandiant

Bryce

@bryceabdo
MITREattack's profile picture. MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt

ATT&CK

@MITREattack
_whatshisface's profile picture. I lead @mitreattack. Ask me about deception, but don't believe the answers. Non ATT&CK tweets only speak for me. @whatshisface@infosec.exchange

Adam Pennington

@_whatshisface
gabby_roncone's profile picture. hunting russian apt cyber ops @Mandiant @GoogleCloud. views expressed here are mine, not my employer’s. she/her.

Gabby Roncone 🇺🇦 🇵🇸

@gabby_roncone
eric_capuano's profile picture. Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ⬡ ❤ @shortxstack

Eric Capuano - Bsky: @eric.zip

@eric_capuano
stvemillertime's profile picture. AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara

Steve YARA Synapse Miller

@stvemillertime
ItsReallyNick's profile picture. Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA

Nick Carr

@ItsReallyNick
Ciekaw348065's profile picture. I’m my own muse.

Cerys

@Ciekaw348065
Irsugirx969336's profile picture. I was born to stand out, not to fit in.

Stacey

@Irsugirx969336
c03rci0n's profile picture.

I//uS!0nS

@c03rci0n
Alexaz0zzy's profile picture.

Alex

@Alexaz0zzy
ksimmanni's profile picture.

Keerthi Sameera Immanni

@ksimmanni
mbenedetti007's profile picture.

Milan Benedetti

@mbenedetti007
brandtofar92199's profile picture. Live in the present and cherish every moment.

Daphne

@brandtofar92199
Luckyrocky2028's profile picture. Stay Hungry, Stay Foolish. Only those who are self-disciplined can attain true freedom.|No Politics.

Johnny

@Luckyrocky2028
LupovisDefence's profile picture. Real-time Contextual Threat intelligence Through Deception.

Lupovis

@LupovisDefence
its_Yeager0100's profile picture.

Eren Yeager

@its_Yeager0100
DaminiJohal's profile picture.

Damini

@DaminiJohal
MalB3nder's profile picture. مسلم أحب الله و رسوله صلى الله عليه وسلم سهران الفجر علشان أجيب دخل

Youssef Madkour

@MalB3nder
omnitheon's profile picture. Offensive Security / Threathunter / Detection Engineer / @CDMDepaul and @NationalCCDC Alum

Adam Slowik

@omnitheon
AndreGironda's profile picture. He/Him; Pre-/Post-breach Cyber Responder

Andre Gironda

@AndreGironda
LucasMoretti's profile picture. Cyber Defender | SIEM & Threat Detection Engineer

Lucas Moretti

@LucasMoretti
Richardlee878's profile picture. British Army veteran. #Fitness #Security #Cyber #Innovation #OSINT #Intelligence Views are my own.

Richard

@Richardlee878
DFScoldtakes's profile picture.

nudacy

@DFScoldtakes
what_is_sos's profile picture. 🎖️State-Sponsored Threats Conference 🎉 AGENDA IS OUT! 🗓️ October 28, 2025 - Brussels, Belgium #what_is_sos

State of Statecraft Conference

@what_is_sos
StuartMunr58209's profile picture.

Stuart Munro

@StuartMunr58209
andy_chocoman's profile picture. Devops Engineer, band, foot-loose, shenanigans, food, music, hawthorn, coffee, piano, life.

Andy Van

@andy_chocoman
josh_murchie's profile picture. Senior Threat Analyst @Google | Threat Hunter | Digital Forensicator | Coffee Addict | Bourbon Enthusiast | Amateur Woodworker | Unapologetically Pro 2A

Josh++

@josh_murchie
Farmybabes's profile picture.

.

@Farmybabes
davemccollough's profile picture. Cloud, Security, AI | React Native/Expo | Mountain enthusiast - bike, climb, run

Dave McCollough

@davemccollough
groot0x12's profile picture. cybersecurity enthusiast

0xgr00t

@groot0x12
GiardulloLuca's profile picture.

Luca Giardullo

@GiardulloLuca
marqufabi's profile picture. CTI Analyst @ Deutsche Telekom Security. Open source. Open data. Tech geek. Tweets in 🇩🇪 and 🇬🇧. Views are my own.

Fabian Marquardt

@marqufabi
khannaanurag's profile picture. SANS Certified Instructor, Incident Response@CRWD, GSE #97, Detecting and Responding to Security breaches. My personal views. Down Under.

Anurag Khanna

@khannaanurag
ciphersuite's profile picture. Folsom Street Blues

ciphersuite

@ciphersuite
m19o__'s profile picture. Security Researcher | Speaker: DEFCON, Black Hat, TEDx, BSides | Organizer @BSides_ABQ & OWASPCairo | Hacker-minded: Build/break stuff | Coffee++ | @CyberDose_

AbuMuslim (أبومُسْلِم)

@m19o__
MisuaRaboki's profile picture. Evanescent liquidity benefactor, reaping emolument upon forevisioned oscillation anent quotient proxifying sovereign monies' temporal tollage

Misua Raboki

@MisuaRaboki
DeeJaayMac's profile picture. technology. privacy. freedom. strength. 2A/3D2A. XMR. BTC. open source. futurism. only bots follow me.

Sadistic Monkey

@DeeJaayMac
ciso254's profile picture. This is how I would go about doing my Cyber Security https://t.co/xOeJK1oOsF

cisoKE

@ciso254
Francisckrs's profile picture. The analysis is severely limited by my lack of understanding of what I am doing. @francisck@infosec.exchange @francisck.bsky.social

Fran Donoso (@[email protected])

@Francisckrs
7up47's profile picture.

7up4

@7up47
Possum_Sec's profile picture.

PossumSec

@Possum_Sec
elf32's profile picture.

Jim Cook

@elf32
mz70027305's profile picture.

mz

@mz70027305
K_A_Alotaibi's profile picture. Security enthusiast, interested in E-crime, PCI DSS, Ethical Hacking and Network Security.

Khalid Alotaibi

@K_A_Alotaibi
asteinbr's profile picture.

A

@asteinbr
pomomoh's profile picture. girl dad, self-made, angel investor, sci-fi, speed junkie, crypto, agency trumps IQ, risk is key, LEAPS = superpower, $ETH is money 🇺🇸🇳🇬

Paul Momoh (cryptozen.eth)

@pomomoh
0xArrow's profile picture. #CS #KKU | Conquer Your Dream or Die Trying | #INTJ | wannabe Hacker | #Purple_Team | DFIRing .. 👾💾

E 📀

@0xArrow
aikchar's profile picture. @aikchar.bsky.social Views are my own but ramblings are not.

Hamza 🇺🇸🇵🇰

@aikchar
0x0aSky's profile picture. French CTI analyst. My interests, OSINT, CTI, IR, forensics and new technologies. Opinions are my own.

sky

@0x0aSky
CRDiegol's profile picture. CTI and former SCE at @IBMSecurity | Former IR at @Citi | Cybersecurity | Business Admin | Finance | OSINT | Dogs, Grilling and Motorcycles

Diego Alonso Sánchez

@CRDiegol
e_osmus's profile picture. Go Pokes! MS CSIA, GCIH, GPEN certified. Tweets don't represent my company. https://t.co/7QT1zw938L #infosec

Eric Osmus 🇺🇦 #StandWithUkraine

@e_osmus
antoine_leblond's profile picture. Analyste infosec et fan de beaucoup de choses. / Être gentil c'est gratuit, essayez. / Being kind is free, just try it. / #Dogs #BelieveInFilm FR/EN

Tapageur \_(0_o)_/

@antoine_leblond
jasonrathbun6's profile picture. SU ALUMNI - #infosec Cyber Security | CRTO | Technical Director of Threat Ops @ Blackpoint Cyber | Opinions are my own and not the views of my employer

Jason♕

@jasonrathbun6
D4n1Lopez's profile picture.

Daniel Lopez

@D4n1Lopez
vxunderground's profile picture. The largest collection of malware source code, samples, and papers on the internet. Password: infected

vx-underground

@vxunderground
cyb3rops's profile picture. Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim

Florian Roth ⚡️

@cyb3rops
likethecoins's profile picture. Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @likethecoins@infosec.exchange

Katie Nickels

@likethecoins
ImposeCost's profile picture. Head of Global Signals Operations @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.

Andrew Thompson

@ImposeCost
SwiftOnSecurity's profile picture. computer security person. former helpdesk.

SwiftOnSecurity

@SwiftOnSecurity
sherrod_im's profile picture. Host of THE Microsoft Threat Intelligence Podcast. I like tracking crime actors. Infosec is my passion.

💻 Sherrod DeGrippo 🛸

@sherrod_im
jamieantisocial's profile picture. threats && stuff || #UNC1799 forever 🤘|| @DistrictHeather ♥️ + 🍷, ✌️🇺🇸➡️🇫🇷 **𝚅𝚒𝚎𝚠𝚜 𝚎𝚡𝚙𝚛𝚎𝚜𝚜𝚎𝚍 𝚊𝚛𝚎 𝚖𝚈 օ𝚠𝚗**

J⩜⃝mie Williams

@jamieantisocial
brysonbort's profile picture. 🦄 @scythe_io @grimmcyber, Sr Advisor @IST_Org, NatSec Inst Sr Fellow, Co-Fdr @ICS_Village, @c2_matrix co-creator, USMA Science Board, Angel Investor, US Army

Bryson 🦄

@brysonbort
JohnHultquist's profile picture. Chief Analyst, Google Threat Intelligence Group. @CYBERWARCON and @SLEUTHCON founder. Johns Hopkins professor. Army vet.

John Hultquist

@JohnHultquist
BushidoToken's profile picture. Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil

Will

@BushidoToken
dakacki's profile picture. Dogfather / Goon / @WSIIAOfficial / Existing in bluer skies @ https://t.co/ROEAl8ngeA / https://t.co/m3LR3M8mBX

rand0h

@dakacki
tylabs's profile picture. Intrusion aficionado. @Google/@Mandiant Advanced Practices

Tyler McLellan

@tylabs
sansforensics's profile picture. The world's leading Digital Forensics and Incident Response provider. This feed updates you on latest DFIR news, events, and training.

SANS DFIR

@sansforensics
bryceabdo's profile picture. 🐗 🦅 🎯 Research & Discovery @ Google/Mandiant

Bryce

@bryceabdo
MITREattack's profile picture. MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Re-tweeting ≠ endorsement. @ https://t.co/wt46ArkZVt

ATT&CK

@MITREattack
_whatshisface's profile picture. I lead @mitreattack. Ask me about deception, but don't believe the answers. Non ATT&CK tweets only speak for me. @whatshisface@infosec.exchange

Adam Pennington

@_whatshisface
gabby_roncone's profile picture. hunting russian apt cyber ops @Mandiant @GoogleCloud. views expressed here are mine, not my employer’s. she/her.

Gabby Roncone 🇺🇦 🇵🇸

@gabby_roncone
stvemillertime's profile picture. AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara

Steve YARA Synapse Miller

@stvemillertime
strandjs's profile picture. I will light the way by the bridges I burn. Retired Senior SANS Instructor IANS Faculty Black Hills Information Security Active Countermeasures

strandjs - [email protected]

@strandjs
ItsReallyNick's profile picture. Tech Director / Threat Intelligence at Microsoft. Previously, Director of Incident Response & Intel Research at Mandiant. Former Chief Technical Analyst at CISA

Nick Carr

@ItsReallyNick
hacks4pancakes's profile picture. ICS DFIR @dragosinc, martial artist, marksman, humanist, Lvl14 Neutral Good rogue, USAF Ret. Tweet *very serious* things about infosec. Thoughts mine. They/them

Lesley Carhart

@hacks4pancakes
AOC's profile picture. US Congresswoman, NY-14. In a modern, moral, and wealthy society, no American should be too poor to live. People-Funded, takes no lobbyist💰. Personal account.

Alexandria Ocasio-Cortez

@AOC
willsommer's profile picture. Senior reporter @bulwarkonline, False Flag newsletter. Author of "Trust the Plan." Email: sommer -at- https://t.co/glNchX9kIl. Signal: willsommer.38.

Will Sommer

@willsommer
mahlerware's profile picture. security @xai

Matt Lin

@mahlerware
AlexandriaVATES's profile picture. Official tweets from the City of Alexandria Department of Transportation & Environmental Services. Monitored M-F, 8AM-5PM. 703-746-4311 / 9-1-1 for emergencies.

Alexandria Transportation & Environmental Services

@AlexandriaVATES
F1's profile picture. NEXT STOP: LAS VEGAS 🎲🎲 November 20th-22nd

Formula 1

@F1
Big_Bad_W0lf_'s profile picture. Bad guys and Breaches with #AdvancedPractices 🦅 @Mandiant / @Google | tweets are my own

John

@Big_Bad_W0lf_
aptwhatnow's profile picture.

aptwhatnow

@aptwhatnow
AustinLarsen_'s profile picture. Principal Analyst @Google Threat Intelligence Group

Austin Larsen

@AustinLarsen_
BertJanCyber's profile picture. CSIRT | https://t.co/Tu1l2ZFe0T | Microsoft Security MVP | Blue & Purple Team | SOC | SIEM | Threat Hunting | Detection Engineering | #KQL |

Bert-Jan 🛡️

@BertJanCyber
greglesnewich's profile picture. great, now I'm on twitter

Greg Lesnewich

@greglesnewich
tomchop_'s profile picture. DFIR @Google by day; threat intel and malware analysis by night · BlueTeam (views are my own) · he/him · @tomchop@infosec.exchange / @tomchop.bsky.social

tomchop

@tomchop_
WLesicki's profile picture. Lead, Threat Assessment and Countermeasures Things that I like to do: IR/TH CTI ICS/OT security cloud security(mostly Azure) #TogetherWeAreStronger

Wojciech Lesicki

@WLesicki
a_greenberg's profile picture. WIRED writer, author of SANDWORM and now TRACERS IN THE DARK: The Global Hunt for the Crime Lords of Cryptocurrency. Andy.01 on Signal. agreenberg@wired.com

Andy Greenberg (@agreenberg at the other places)

@a_greenberg
JonnyJohnson_'s profile picture. Principal Windows Security Researcher @HuntressLabs | Windows Internals & Telemetry Research

Jonny Johnson

@JonnyJohnson_
THIR_Sec's profile picture. 🏹 @SentinelOne | @SANS_EDU #MSISE Alum | Former @TheDFIRReport Contributor. Expressed opinions are my own.

43 56

@THIR_Sec
SLEUTHCON's profile picture. 2025 talks now available! | https://t.co/eDLUuWTyDX

SLEUTHCON

@SLEUTHCON
KyleChrzanowsk3's profile picture. Security Strategy & Transformation Consultant at Mandiant (Google Cloud). Georgia Tech & ATL sports fan. Views expressed are my own.

Kyle Chrzanowski

@KyleChrzanowsk3
NConstandelis's profile picture. Interested in digital forensics, incident response, penetration testing, and all things infosec.

Nico

@NConstandelis
JohnFScarbrough's profile picture. Incident Response @mandiant. Opinions my own.

John Scarbrough

@JohnFScarbrough
raikiasec's profile picture. Mandiant (Google Cloud) Red Team Director. My views and comments are my own and do not reflect my employer's view

Chris King

@raikiasec
kevincollier's profile picture. I cover digital threats @nbcnews. From WV. Dormant account. Try https://t.co/9UJdWRwcOS. kevin.collier@nbcuni.com, signal: kevincollier.01.

Kevin Collier

@kevincollier
ericalikestech's profile picture.

.

@ericalikestech
voodoodahl1's profile picture. Principal Intelligence Analyst Global Threat Analysis Cell @CrowdStrike | Father of @badtakeblake | Opinions are my own

Matt Dahl

@voodoodahl1
th3_protoCOL's profile picture. Threat Intelligence 🏹 Malware Research 🧬 Managed Detection and Response @Sophos

Colin Cowie👨🏼‍💻| @[email protected]

@th3_protoCOL
_John_Doyle's profile picture. Cyber threat intelligence | Mandiant | SANS FOR578 instructor | Member of @curatedintelligence | Arcane Trickster | Ex-CIA | Posts represent my personal views

InfoSecProf

@_John_Doyle
thomasareed's profile picture. Director of Core Technology at Malwarebytes, self-taught security researcher, Mac fan since 1984, @thomasareed@infosec.exchange on Mastodon

Thomas Reed

@thomasareed
objective_see's profile picture. 🍎 🛡️ 🛠️ Open-Source Tools 📚 "The Art of Mac Malware" books 🫂 "Objective by the Sea" conference Support us on https://t.co/tuGceSeyiC 🙏

Objective-See Foundation

@objective_see
philofishal's profile picture. Now exclusively on bluesky @philofishal.bsky.social

Phil Stokes ⫍🐠⫎

@philofishal
jbradley89's profile picture. MacOS Intrusion Analyst, APT Smiter , Haole. Author of OS X Incident Response Scripting and Analysis Owner of https://t.co/oApHpiRaQ0

Jaron Bradley

@jbradley89
jhencinski's profile picture. Head of SecOps @ProphetSec

Jon Hencinski

@jhencinski
Adam_Mashinchi's profile picture. Product Person @redcanary. Involved with: #AtomicRedTeam, @c2_matrix, @WWHackinFest, and the #PoweredByBlockchain stickers. (@Adam_Mashinchi@infosec.exchange)

Adam Mashinchi

@Adam_Mashinchi
CyberStatecraft's profile picture. Official account of the @AtlanticCouncil's Cyber Statecraft Initiative. Working at the nexus of geopolitics & nat sec with cyber. RT≠Endorsement

Cyber Statecraft

@CyberStatecraft
7ufail's profile picture. Typos in tweets should be expected. Tweets and opinions are my own. Threat Analyst @Mandiant @Google Cloud Advanced Practices 🦅

Tufail Ahmed

@7ufail
JayceNichols_'s profile picture. @Mandiant Intel, now @Google. Intel analyst at heart. ML tinkerer. Micah 6:8 aspirant. Random other things. Opinions my own.

Jayce Nichols

@JayceNichols_
DLL_Cool_J's profile picture. Maker of things, breaker of bits. Statements are my own and do not reflect the views of my employer(s). #Founder of #APT Hot Sauce

Jared

@DLL_Cool_J
spontiroli's profile picture. I break down #malware so you don’t have to 👾 Lead Security Researcher @Acronis TRU doing #ThreatIntel #CTI GReAT past, and even greater challenges ahead

Santiago Pontiroli

@spontiroli
dimitribest's profile picture. #CTI #Trainer #Speaker Former Senior Director CTI at BlackBerry, Former GReAT team Director in LatAm

Dmitry Bestuzhev

@dimitribest
GoogleCloudSec's profile picture. Make Google part of your security team with Mandiant frontline experts, intel-driven security operations, and a secure cloud platform — supercharged with AI.

Google Cloud Security

@GoogleCloudSec
dbrand's profile picture. toxic electric tape // support @robot

dbrand

@dbrand
MKBHD's profile picture. Web Video Producer | ⋈ | Pro Ultimate Frisbee Player | Host of @WVFRM @TheStudio

Marques Brownlee

@MKBHD
JumpforJoyce's profile picture. VP, Google Threat Intelligence @ Google. Board Member. Mom/Wife. Veteran. PhD Student

Sandra Joyce

@JumpforJoyce
NCSC's profile picture. We are the National Cyber Security Centre – part of the UK’s intelligence & cyber agency @GCHQ. We help to make the UK the safest place to live and work online.

NCSC UK

@NCSC
bellingcat's profile picture. Support our charity https://t.co/XMTKIEDiTB Buy our book: https://t.co/2JiuWFfTpO Follow us: https://t.co/LPUEQI8TdZ

Bellingcat

@bellingcat
digihash's profile picture. Cyber Threat Research Lead @CCB_Belgium/@CCBalert | #FOR578: #CTI @SANSInstitute instructor | @CuratedIntel | loves to try new things: food, beer whisky, etc.

Kevin Holvoet

@digihash
CircleCI's profile picture. Win at software with the only CI/CD platform that gives developers that green build feeling. Get started for free. https://t.co/ernIg8eL5d

CircleCI

@CircleCI
vtxproject's profile picture. On a mission to create an intelligence-driven future with Synapse.

The Vertex Project

@vtxproject
bkMSFT's profile picture. Partner Director of Threat Intelligence at @Microsoft Threat Intelligence Center (MSTIC).

bk (Ben Koehl)

@bkMSFT

United States Tendenze

Potrebbero piacerti

Something went wrong.


Something went wrong.