Chris Collins @Alt_DataStreams
Security Analyst, Threat Intelligence Analyst, SOAR Engineer, Cloud Technologist, Threat Hunter, More at @firstenergycorp. Husband, Father of 5 @ Home. Joined June 2020
Tweets 81 · Followers 74 · Following 376 · Likes 64
cert.gov.ua/article/5702579 - Detection on --headless DeviceProcessEvents | where FileName contains "msedge.exe" or FileName contains "curl.exe" | where InitiatingProcessCommandLine contains "--headless=new"
MFA fatigue attacks 🔓 ✅ PDF : lnkd.in/gp7HGJNw If you want to know the number of times end-users have denied MFA notifications (MFA denials), you can use the query. #XDR #EDR #MicrosoftSecurity #Defender #AAD #MFA #MFAfatigue #KQL #SQL #Kusto #365daysofADX #ADX
You’re *almost* done with your SOC analyst interview. You’re asked, “Do you have any questions for us?” Here’s a couple to consider if not covered as part of the interview process (hint: they should be). 1. A year from now, this person has come in and absolutely knocked it…
Active #malware samples detected on 2023-06-11 posted by MalwarePatrol on @alienvault otx.alienvault.com/pulse/64865f57…
Want to find the use of SharpHound/BloodHound in your environment? Look for file creation & deletion (via cmdline) that follows the below naming schema: yyyyMMddhhmmss_<name>.zip ➡️ FileName regex - 202[0-9]{11}\_.*\.zip ➡️ File deletion regex - .*del\s+202[0-9]{11}\_.*\.zip.*
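The two hunting rules from the tweet above, run over constructed sample telemetry as an added example (not the tweet author's code). It goes slightly beyond the tweet: the deletion pattern also tolerates del switches such as /q and a leading directory before the zip name; event types, paths and the helper names are assumptions.

```python
import re

# File-creation pattern from the tweet (yyyyMMddhhmmss_<name>.zip), applied to the basename.
ZIP_NAME_RE = re.compile(r"202[0-9]{11}_.*\.zip", re.IGNORECASE)

# Deletion pattern: the tweet's "del/s+" is read as "del\s+"; as an extension beyond the
# tweet, optional del switches (/q, /f, ...) and a leading directory are tolerated.
ZIP_DELETE_RE = re.compile(
    r"\bdel\s+(?:/\w+\s+)*(?:\S*[\\/])?202[0-9]{11}_[^\s\\/]*\.zip", re.IGNORECASE
)

# Constructed sample telemetry (not real logs): (event_type, value).
SAMPLE_EVENTS = [
    ("FileCreated", r"C:\Users\alice\Downloads\20230611143022_BloodHound.zip"),
    ("FileCreated", r"C:\Users\alice\Downloads\quarterly_2023.zip"),
    ("ProcessCreated", "cmd.exe /c del 20230611143022_BloodHound.zip"),
    ("ProcessCreated", r"cmd.exe /c del /q C:\temp\20230611143022_BloodHound.zip"),
    ("ProcessCreated", r"cmd.exe /c del C:\temp\notes.txt"),
]


def basename(path):
    """Last path component, accepting both Windows and POSIX separators."""
    return re.split(r"[\\/]", path)[-1]


def classify(event_type, value):
    """Return a detection label for one event, or None if it does not match."""
    if event_type == "FileCreated" and ZIP_NAME_RE.fullmatch(basename(value)):
        return "sharphound_zip_created"
    if event_type == "ProcessCreated" and ZIP_DELETE_RE.search(value):
        return "sharphound_zip_deleted"
    return None


def hunt(events):
    """Run both rules over a sequence of events and return the hits."""
    hits = []
    for event_type, value in events:
        label = classify(event_type, value)
        if label:
            hits.append((label, value))
    return hits


if __name__ == "__main__":
    for label, value in hunt(SAMPLE_EVENTS):
        print(f"{label}: {value}")
```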
meanwhile i'm over here on the other side of nostalgia IT'S A WILD AND CRAZY NIGHT UP IN HERE
Please support Parker in Cub Scouts by buying popcorn (Seller Code QB1PQA): pecatonicariverpopcorn.com/myprpopcorn/pu…
Since I spend so much time talking to and researching SOCs and SOC analysts, I often get asked, "What's the biggest difference between high- and low-growth SOCs?" The answer? Expectations. 1/
Uhh...just no. I haven't spent years coaching myself to be more direct just to have a random graphic I see on Twitter undo all that work. It's fine to be direct. If I say "Per my last email" I'm probably pissed, and you should know that.
Exchange pwnage and new webshells finally crossed the point where we decided to create a Reddit thread to keep the community posted: reddit.com/r/msp/comments…
Bonus #HuntingTipOfTheDay: You know most executables end with .EXE - but that's not a requirement. You can execute files with any extension, or no ext at all!👀 Look for processes not ending with .EXE/COM/… and you may find 🔥 (Follow @JohnLaTwC for awesome daily tips!)
#HuntingTipOfTheDay You know command switches have shortcuts. e.g. for net.exe /domain and /do both work. Did you know every switch to net.exe works like this as long as it unambiguously matches? #AtomicRedTeam by @redcanary has you covered👍 📎github.com/redcanaryco/at…
#HuntingTipOfTheDay License key generators are very tempting. You might find some low hanging fruit if you search for a keygen. The keygen is one thing, but what comes with it is another 👀
A sneak peek of #Sysmon for Linux 💥 Thank you @kevsecurity for your hard work and for sharing your research @eBPFsummit ! #ebpf #ebpfSummit 🚨 Release scheduled for early October 2021 🚨 Looking forward to it 🍻 #MSTIC R&D team 😎
C'mon @MsftSecIntel why is CyberChef flagged as malware? @GCHQ
#HuntingTipOfTheDay InstallUtil is a popular living-off-the-land binary for running payloads (🙏 @SubTee). Have a hunt for unusual parent processes and low prevalence /u param locations. 📎lolbas-project.github.io/lolbas/Binarie… 👉blackhillsinfosec.com/powershell-wit… 🙏 by @fullmetalcache (@BHinfoSecurity)
We always wanted a reference for Windows Logon types and credentials that can be extracted for each one. So @chiragsavla94 wrote one! #RedTeam #ActiveDirectory #Windows alteredsecurity.com/post/fantastic…
#HuntingTipOfTheDay If you write SIEM rules for Windows, this is the one blog you 💯need to read this week by @Wietze 🙏 👉 📎wietzebeukema.nl/blog/windows-c… 📎github.com/wietze/windows… h/t @Dinosn @DissectMalware 🙏
Ransomware group drama. RAMP, the forum started by Babuk ransomware group, has seen a surge of flooding and spamming. An unknown individual is stating they have 24 hours to pay $5,000 or else. Ransomware actors are ransoming other ransomware actors.

Esta_Rabs @Esther_Rabor
42 Followers 1K Following Soft lips, sharp mind. I don’t chase—I attract. 💋✨
Machael Jerel @brandley10613
3 Followers 99 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/sE1FuHtNtv
Sam @ImYourAuditor
57 Followers 376 Following IT Auditor (SOC 1, SOC 2, ISO 27001, ISO 42001, and HIPAA). DMs are open to discuss my firms services.
T @SayMyName9696
256 Followers 2K Following
Nikolo Exe @nikolo_exe
21 Followers 242 Following
www.CloudMalwareAnaly... @AnalysisGroups
476 Followers 5K Following CloudMalwareAnalysisGroups@CloudMalwareAnalysisGroups.vulnerabilities
Jamie Daniel 1 @jamjbolt
157 Followers 1K Following I've been knocked down, fallen more than once on my knees & flat on my butt... Yet, I will always get back up, learn from it and keep smiling.
Ahmet Manga @ahmet0x90
28 Followers 551 Following #DFIR | #MalwareAnalysis | #ThreatHunting | #ThreatIntelligence | #ThreatDetection | GSP | GX-FA | GX-CS | GREM | GCFA | GCTI | GIAC Advisory Board
R MC @player3802
4 Followers 128 Following
Thor Ragnarok @Thorrag17
3 Followers 48 Following
Savage Candor @SavageCandor
0 Followers 23 Following
Ankur @Ankuryogi11
345 Followers 6K Following
TomU | I'm still here... @c_APT_ure
8K Followers 6K Following #InfoSec professional, husband & father of two (in random order). #BlueTeam #DFIR #APT #CTI #RedTeaming #BSidesZH (RT/Likes ≠ endorsement) 👀➡️#MalwareChallenge
Evil Beagle @Evil_Beagle
1K Followers 6K Following Cybersecurity / OSINT nerd & Wildland FF(T2)/EMT. Pro-liberty, anti-idiocy. Doggo rescuer.
pandazhengzheng @panda_zheng
842 Followers 914 Following Malware Analysis Expert & Threat Intelligence Expert & APT Hunter
BUFFERZONE Security @BufferZoneSec
691 Followers 4K Following BUFFERZONE is a patented containment solution that isolates threats to defend #endpoints from #malware, #zerodays, #ransomware, #drivebays and more.
CaPPsiE 🇬🇧🇪�... @cappsie
2K Followers 5K Following Dispelling disinformation. Anti-crank, anti-grifter, anti-pseudoscience. 🦋 https://t.co/24ocMnQdm6 "77th!" They keep saying. Am I? 🤔
WifiRumHam @WifiRumHam
2K Followers 1K Following Why not RumHam? https://t.co/g137QVijhq Azure/Sentinel PHISHING,OSINT. FORENSICS Dont mistake my generosity for generosity
Frumentarii @Frumentarii22
3 Followers 144 Following
Xavier Knol @XEJKnol
99 Followers 2K Following Interested in IT, OSINT and Cybersecurity Views expressed are my own and do not represent my employer. retweet ≠ endorsement https://t.co/fAyBzcZe6d
Brian Zapata @theS3r4ph1m
66 Followers 587 Following InfoSec operations wannabe Detection Engineering | Threat Intel | Threat Hunting | IR | OSINT I'm trying to learn from everyone and from everything
Mr. Smith @chow_cloud
1K Followers 5K Following Wave-particle vibes and cosmic mysteries. Responses will be like misfired fireworks cruising to an unknown destination. 🌌 Architect of the Rubric, e/acc
th_coi22093 @TCoi22093
0 Followers 51 Following
Marco Frydshou @notveryrandomly
679 Followers 4K Following
Brett @brett_sec
242 Followers 2K Following i tend to do tech things for folks for money. Facts used here are up for debate.
Intel_Owl @Intel_Owl_lOvOl
180 Followers 765 Following Interested in OSINT/SOCMINT, GEOINT, SIGINT, Cyber Threat Intel, and PsyOps/Disinfo Campaigns
DSU Monitor @DSUMonitor
487 Followers 2K Following Monitoring the Situation at Dickinson State University (Dickinson, North Dakota) #HawksAreUp #DiscoverDSU
Mario de Sousa Lima @MarioSousaLima
130 Followers 5K Following
Νοημοσύνη α... @metisreginae
15 Followers 168 Following Cyber Threat Intel Analyst/Engr. DFIR prior. Combating my impostor syndrome one indicator at a time. In dire need of upskilling. Some tweets are via automation.
Corsin Camichel 🌻 @cocaman
4K Followers 773 Following it security & cyber guy, research @ https://t.co/M5rsSPPPWy, friendly, swiss | Opinions are my own | also https://t.co/v6cAL269P7
Is Now on VT! @Now_on_VT
4K Followers 788 Following Stay ahead of cyber threats. Get real-time alerts on notable APT/FIN/ORB indicators from VirusTotal. A threat intel project by @craiu.
Erica Lynn @Cyb3rDre4ms4202
624 Followers 1K Following ➡️ Brooklyn @ 1988💙💗MamaOF2 💻ITSEC Analyst📚💙🤍 NYY girl🏀🥎 Lover🖤 Survivor✌🏼Sarcasm&Food🍀My thoughts R my own🍀 #OSINT #CTI #THREATHUNT #PURPLETEAM
Brett Callow @BrettCallow
9K Followers 196 Following Managing Director, Cybersecurity & Data Privacy Communications @FTIConsulting
Kijo Ninja @kj_ninja25
2K Followers 97 Following Security PM, R&D @Microsoft - Microsoft Defender XDR, Kijo Ninja 🥷 #修行中 - learning C/C++ #Triathlete 🏊♂️ 🚴 🏃♀️ My tweets are my own
StokedOnSOAR @StokedOnSOAR
161 Followers 2K Following Life in the SOC isn’t easy. As a security community, we can make it better. Who's ready to take the suck out of the SOC?
stacy @psykh3__
44 Followers 379 Following Malware analysis | Digital Forensics | Software Development🔮
lDEl @danielelkabes
2K Followers 29 Following Reverse Engineering l Vulnerability Research l Malware Research | Vulnerability Research Team Lead at Private
Trend Micro Research @TrendMicroRSRCH
52K Followers 363 Following Security research, news, and information direct from @TrendMicro experts.
wavellan @wavellan
1K Followers 883 Following Malware URLs @ Pastebin https://t.co/pw0fnkvg0W All URLs submitted: https://t.co/poxxmU3FH7 https://t.co/TgYqVaHZZW
Dodge This Security @shotgunner101
7K Followers 5K Following Computer Security Professional. Tweets are my own. Rooster Teeth Archive Project: https://t.co/gawoj5ZZyG
1nternaut 🕵️ @1nternaut
1K Followers 5K Following Hero without a KAPE🦸. Also known as the Gordon Ramsay of Digital Forensics 🕵️. #APT #DFIR #4n6 #Blueteam
Toffee @PolarToffee
11K Followers 217 Following
Cyjax @Cyjax_Ltd
2K Followers 1K Following Cyjax provides actionable intelligence and situational awareness to help protect your intellectual property, brand, and reputation.
2ero @BaoshengbinCumt
3K Followers 945 Following #APT Hunter #CTI Twitter only represents my personal opinion
avallach (@xorhex@inf... @xorhex
1K Followers 1K Following 🇺🇦Malware Researcher 🇺🇦 Tweets are my own and do not reflect my employer. On Mastodon as @[email protected] Creator of https://t.co/woQLhjSmV0
Anurag @Malwarehunterr
334 Followers 544 Following Threat hunting | Malware Analysis | I write blogs on my findings | These views are my own and not my employers. Contact: [email protected]
Katechondic @katechondic
585 Followers 616 Following #malwareanalysis and an all round fun person x; views are not that of my employer. Not on Twitter xx
PhishingKitTracker @PhishKitTracker
3K Followers 1 Following Project Paused 1/11/22, Tracked Threat Actor Emails in Phishing Kits. CC @PhishKitTracker if you find a #phishingkit , created by @neonprimetime
Joe Morales @mojoesec
2K Followers 294 Following Threat Intel | Threat Hunting | DFIR | https://t.co/rjFbBoivbs
Fabian Wosar @fwosar
11K Followers 21 Following Slayer of ransomware, lover of cats and polar bears. Not to be taken too seriously. All posts are my own.
Vikas Singh @vikas891
470 Followers 183 Following I do DF/IR @KrollWire GX-IH. GCIH. GCFA. Lethal Forensicator. DFIR Netwars Champion.
Aaron Stephens @x04steve
3K Followers 524 Following
Luigi Martire @luigi_martire94
740 Followers 556 Following Malware Analyst, Threat Researcher, Cyber Security Addicted. Opinions are my own.
Denis @unmaskparasites
2K Followers 40 Following Working with the world's largest collection of classified website malware
💲☢🌎❌⭕❗�... @vm001cn
345 Followers 2K Following Computer, mathematics, physics and chemistry enthusiast. Believe in science, seek truth from facts, oppose superstition. Speak Chinese/English. Likes and retweets do not represent personal views.
Christiaan Beek @ChristiaanBeek
10K Followers 2K Following Saved by His Grace • sr dir Threat Analytics @Rapid7 - opinions are my own• Speaker•Former @Foundstone @Intel @Kon_Marine https://t.co/2MSYGTBKuq
chris doman @chrisdoman
5K Followers 3K Following Co-Founder @cadosecurity - Cloud Forensics & Incident Response - https://t.co/fuIUlGcB3D LinkedIn: https://t.co/Q1YJuNdgy5
uɐpʇou@ ✸ @notdan
21K Followers 3K Following genuinely flawed satire im U17r4H4rd(0r3 d00d
pandazhengzheng @panda_zheng
842 Followers 914 Following Malware Analysis Expert & Threat Intelligence Expert & APT Hunter
PCrisk @pcrisk
5K Followers 710 Following Security news and malware removal guides. Tweets by Tomas Meskauskas https://t.co/peJDpEo8HG
Jake Goldi @ubersec
8K Followers 8K Following Entrepreneur | Investor | Stock picker | Geopolitics | Reverse Engineer | Professor | Early in $PLTR, $TSLA, $IONQ, $OKLO, $ARM, $QBTS, $MP | Cyclist for fun |₿
Kyle Cucci @d4rksystem
6K Followers 560 Following Threat Research @proofpoint | Author of "Evasive Malware" @nostarch | Talks about cybercrime, threat intel, and malware stuff.
CSIS Security Group @csis_cyber
1K Followers 69 Following Leading European provider of tech-enabled cybersecurity and intelligence services. #ITsecurity #Antiphishing #ManagedSecurity #antifraud