You might like
🧵We are excited to share that @Zeekurity is now a component of @Microsoft @Windows ! An incredible development that truly establishes Zeek as the de facto standard for #networkevidence: corelight.com/company/zeek-n… 1/4
Blog: A glimpse into the shadowy realm of a Chinese APT: detailed analysis of a ShadowPad intrusion by William Backhouse ( @Will0x04 ), Michael Mullen ( @DropTheBase64 ) and Nikolaos Pantazopoulos research.nccgroup.com/2022/09/30/a-g…
In case you missed it at #BHUSA, check out @tr1ana's Monkey365, a tool for security consultants to easily conduct not only Microsoft 365, but also Azure subscriptions and Azure Active Directory security configuration reviews research.nccgroup.com/2022/09/07/too…
Blog: Back in Black: Unlocking a LockBit 3.0 Ransomware Attack - explores some of the TTPs employed by a threat actor who were observed deploying LockBit 3.0 ransomware during an incident response engagement - by @rdi_x64 - research.nccgroup.com/2022/08/19/bac…
Blog: Climbing Mount Everest: Black-Byte Bytes Back? - research.nccgroup.com/2022/07/13/cli… by Michael Mullen and Nikolaos Pantazopoulos
Are you using any of the Microsoft Security products and/or #Sentinel? Then this thread is for you! The best resources for #KQL Advanced Hunting Queries or Analytics rules in my opinion. #MDE #ThreatHunting #Detection #DFIR
Blog: Metastealer - filling the Racoon void - research.nccgroup.com/2022/05/20/met… by by Peter Gurney
Blog: North Korea’s Lazarus - their initial access trade-craft using social media and social engineering by @MMatthews32 and Nikolaos Pantazopoulos - research.nccgroup.com/2022/05/05/nor…
Blog: LAPSUS$ - Recent techniques, tactics and procedures - research.nccgroup.com/2022/04/28/lap… - by @davidbrown1982 @MMatthews32 and @_bobbysmalls
Blog: Adventures in the land of BumbleBee – a new malicious loader - research.nccgroup.com/2022/04/29/adv… by @Mike_stokkel, Nikolaos Totosis and Nikolaos Pantazopoulos
Great effort by the team who have been working hard on this one. The detection mentioned is well worth monitoring for.
Blog: Detecting Karakurt – an extortion focused threat actor by NCC Group's Cyber Incident Response Team members - Simon Biggs, Richard Footman and Michael Mullen - research.nccgroup.com/2022/02/17/det… #Karakurt
Thanks to all the folks in the community doing what you do, we appreciate you: @ankit_anubhav,@likethecoins,@BushidoToken,@James_inthe_box,@ffforward,@0xThiebaut,@MichalKoczwara,@malware_traffic,@Hexacorn,@beardofbinary,@DidierStevens,@MalwareRE,@ForensicITGuy,@Paulsec4
Blog: Log4Shell: Reconnaissance and post exploitation network detection - includes numerous @Suricata_IDS rules and IoCs - research.nccgroup.com/2021/12/12/log…
Blog: Tracking a P2P network related to #TA505 - we've identified a new peer2peer implant capability we attribute to the authors of Grace - research.nccgroup.com/2021/12/01/tra…
Analysis and reporting completed by @Kostastsale, @pigerlin, and @_pete_0 📢Shout-outs to @James_inthe_box, @TheRecord_Media, @malware_traffic, @redcanary, @Hexacorn, @DidierStevens, @nccgroup, @beardofbinary, and @campuscodi.
TA505 exploits SolarWinds Serv-U vulnerability (CVE-2021-35211) for initial access research.nccgroup.com/2021/11/08/ta5…
Analysis and reporting completed by @kostastsale Reviewed by @iiamaleks and @pigerlin 📢Shout-outs to @TheRecord_Media, @BHinfoSecurity, @malware_traffic, @NCCGroupInfosec, @redcanary, & @AltShiftPrtScn
BazarLoader and the Conti Leaks Discovery: AdFind, Advanced IP Scanner, PowerSploit, Nltest, Net, etc. Credential Access: ntdsAudit, ntdsutil, LSASS Access Defense Evasion: Process Injection C2: #CobaltStrike, AnyDesk Exfil: Rclone (upload to mega) thedfirreport.com/2021/10/04/baz…
United States Trends
- 1. Jokic 25.5K posts
- 2. Lakers 52.7K posts
- 3. Epstein 1.67M posts
- 4. #AEWDynamite 50.2K posts
- 5. #River 4,989 posts
- 6. Nemec 3,335 posts
- 7. Clippers 14.4K posts
- 8. Shai 16.3K posts
- 9. #ReasonableDoubtHulu N/A
- 10. Thunder 40.8K posts
- 11. #NJDevils 3,113 posts
- 12. Markstrom 1,255 posts
- 13. #Blackhawks 1,605 posts
- 14. Ty Lue 1,143 posts
- 15. Nemo 8,571 posts
- 16. Mikey 71.7K posts
- 17. Lafferty N/A
- 18. Rory 8,049 posts
- 19. Joker 26.6K posts
- 20. Jordan Miller N/A
You might like
-
Sophia 🦊
@spookphia -
Pierre
@pigerlin -
Tornado
@0xtornado -
[email protected]
@tas_kmanager -
DTM
@dtmsecurity -
Maxime Thiebaut
@0xThiebaut -
Adrien B
@Int2e_ -
Ross
@rdi_x64 -
Wojciech Lesicki
@WLesicki -
MetallicHack
@MetallicHack -
Russ Rogers (v3rtig0 - Speedrussr)
@v3rtig0 -
TRΛVIS 🚀
@DreamFighter22 -
Calwarez
@calwarez -
Austin
@YouDownWithTTPs -
Ian Crocker
@IanCrocker2
Something went wrong.
Something went wrong.