Kyle Eaton @0xkyle
phishing, maldocs, threat intel
Joined March 2015
Tweets 615 · Followers 1K · Following 332 · Likes 5K
The PDF spec is where the phrase “bless this mess” originated.
On this DISCARDED episode, we uncover real-world detection wins, explore persistent threats like #TA505 and #Emotet, and dive into the importance of instincts in cybersecurity—because, as our guest puts it, sometimes good detection is all about the vibes. brnw.ch/21wQWWl
virustotal.com/gui/file/f2a6f… Also expecting to see indiandefenceforces[.]link soon
7c8a483f3c745d23db9557479bedbc6e458104c77709edc6907fa108065fc63a PDF phish
ministryofdefenceindia[.]link does not pass the sniff test.
So, if we want to detect these concatenated zips, we should focus on the last EOCD, and make sure that the bytes at the PKCD offset are not the PKCD header. Yara: github.com/EmergingThreat….
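One way to apply that check in code, as an added example that is not the tweet's YARA rule: it walks back to the last EOCD record, reads the central-directory offset and verifies that a `PK\x01\x02` header actually sits there, run over constructed sample archives. The function names (`last_eocd`, `looks_concatenated`, `python_namelist`, `build_zip`) and the samples are assumptions chosen here.

```python
import io
import struct
import zipfile

EOCD_SIG = b"PK\x05\x06"  # end of central directory record
CD_SIG = b"PK\x01\x02"    # central directory file header


def last_eocd(data: bytes):
    """Locate the LAST EOCD record; return (eocd_pos, cd_size, cd_offset) or None."""
    pos = data.rfind(EOCD_SIG)
    if pos < 0 or pos + 22 > len(data):
        return None
    # EOCD layout: sig(4) disk(2) cd_disk(2) n_disk(2) n_total(2)
    #              cd_size(4) cd_offset(4) comment_len(2)
    cd_size, cd_offset = struct.unpack_from("<II", data, pos + 12)
    return pos, cd_size, cd_offset


def looks_concatenated(data: bytes) -> bool:
    """Flag the file when the last EOCD's central-directory offset does not land
    on a CD header: the appended archive's offsets are relative to its own start,
    so in the glued file they point somewhere inside the first archive."""
    rec = last_eocd(data)
    if rec is None:
        return False
    _, _, cd_offset = rec
    return data[cd_offset:cd_offset + 4] != CD_SIG


def python_namelist(data: bytes) -> list:
    """What Python's zipfile sees: it trusts the last EOCD and silently shifts the
    offsets to compensate, so only the appended archive's entries are listed.
    Other parsers make different choices, which is the point of the trick."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        return zf.namelist()


def build_zip(name: str, payload: bytes) -> bytes:
    """Constructed sample archive: one stored (uncompressed) entry."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr(name, payload)
    return buf.getvalue()


# Constructed samples: one clean archive, and two archives glued back to back.
SINGLE = build_zip("a.txt", b"hello")
CONCATENATED = build_zip("a.txt", b"hello") + build_zip("b.bin", b"second archive payload")

if __name__ == "__main__":
    for label, blob in (("single", SINGLE), ("concatenated", CONCATENATED)):
        print(label, "flagged:", looks_concatenated(blob), "python sees:", python_namelist(blob))
```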
My new blog dropped!! proofpoint.com/us/blog/threat…
I will be at @GrrCON this week talking about a new way we are detecting and clustering PDFs - come check it out
The iconic and legendary @pmelson on the Microsoft threat intel podcast 👀 podcasts.apple.com/us/podcast/mic…
#100DaysOfYara Still on PDFs, here we have a quick rule to ID the PDF version. Not pretty because it's the hex value, but you can eyeball it (0x30 -> 0, etc.). Chain this with some grep/sort and you get nice output on the breakdown of PDFs.
Don’t miss @jacoblatonis on the MongoDB podcast!🎙️ open.spotify.com/episode/3VWJMz…
Again, not me.
FYI this isn’t me. I am one of the “crypto means cryptography” people.
This was one of my favorite talks this year and this slide in particular stood out to me. Too easy to neglect some of these areas.