SOCLabs @DetectionLabs
We are building a SIEM learning and training platform for detection engineers. soc-labs.top Joined April 2024-
Tweets33
-
Followers53
-
Following188
-
Likes43
I did a great detection rule. soc-labs.top/en/detections/… via @DetectionLabs
Found an interesting detail during a DFIR case: On macOS, the last log does not record all SSH logins. When an attacker runs: ssh [email protected] "command" the login won’t show up in last. ⚠️ This means attackers can bypass the usual login traces.
😈 ChromeAlone - Transform Chromium browsers into a C2 Implant. A la Cobalt Strike or Meterpreter. @defcon talk and tool release by @praetorianlabs' Michael Weber. ChromeAlone contains a number of out of the box components, including: - A malicious Chrome extension that can…
A critical server’s login sources are usually limited to a few stable IPs ⚠️ When a new, unfamiliar IP suddenly shows up in the logs— it could be the first sign of an intrusion 🎯 New Challenge: 《IP Access Baseline Deviation Detection》 👀 Can you detect it right away?…
Two years ago I published a two part series on #MSGraph logs and how to use them for threat hunting. Now comes part 3 and the logs are finally available to the masses. #EntraID #KQL #Security cloudbrothers.info/en/detect-thre…
🎣 New Detection Challenge Live! We've just released our latest security detection challenge: "Double Extension Spoofing" Double extension spoofing is a classic phishing technique where attackers disguise executable files as regular documents. Can you spot this phishing trick?…
🚨 Just released: Browser Credential Theft Detection Challenge! 🕵️♂️🔐 It covers credential theft methods for multiple browsers 🛡️ Test if you can complete the challenge and validate your detection rules! 👇 Try it now:soc-labs.top/en/detections/… #ThreatDetection #BlueTeam #SIEM…
🚨 New Detection Challenge! 🚨 SOCLabs just launched a Password Spraying & Credential Access Detection challenge! Test your SIEM query skills and see if you can catch the attack. Ready to level up? Try it now on SOCLabs! 🔍💻 👉 soc-labs.top/en/detections/… #CyberSecurity #SIEM…
ClickFix variant targeting Mac users through X ads. Tries tricking users into "cleaning" their Macs by running a terminal command. Domain: hxxps://top-fixer[.]com/?p=141 Distributes install[.]sh file: virustotal.com/gui/file/525be…
Thanks for the shoutout to the Zen of Security Rules br0k3nlab.com/resources/zen-… Cool initiative to see this applied to threat hunting as well 🤙 Thanks for sharing @_w0rk3r
Thanks for the shoutout to the Zen of Security Rules br0k3nlab.com/resources/zen-… Cool initiative to see this applied to threat hunting as well 🤙 Thanks for sharing @_w0rk3r
An increased visibility into threads' call stacks helps with more reliable malware detection. The approach is based on ETW telemetry and module's Export Directory data for information enrichment. A post by John Uhlmann of @elasticseclabs. Great read! #redteam #blueteam #maldev…
Used Claude to generate a Splunk query to hunt for browser exploits and potential @mrd0x #FileFix #clickfix like behaviors in Sysmon Process Create events. Ran it in a fortune 50 environment and for a 7 day period only had 200~ events out of 200 Million pastebin.com/PJGZuArj
Inspired by this new FileFix technique from @mrd0x , we've launched a hands-on detection challenge! Write and test SIEM rules Splunk, Elastic, KQL, Sigma, OpenSearch in your browser. Try it now: 👉 https:soc-labs.top/en/detections/… #SIEM #DetectionEngineering #CyberSecurity #FileFix
Inspired by this new FileFix technique from @mrd0x , we've launched a hands-on detection challenge! Write and test SIEM rules Splunk, Elastic, KQL, Sigma, OpenSearch in your browser. Try it now: 👉 https:soc-labs.top/en/detections/… #SIEM #DetectionEngineering #CyberSecurity #FileFix
And us
Did you know that you can kerberoast without any valid credentials? All you need is an account that is ASREProastable. This allows you to request service tickets for any account with a set SPN🔥 NetExec now has a native implementation of this technique, thanks to Azox
Have you ever detected suspicious ipconfig commands? Check out this great article (by monik123 ) on how to spot suspicious ipconfig process chains 👇: medium.com/@monik123/dete…… #Cybersecurity #SIEM #DetectionEngineering #ThreatDetection #BlueTeam
#ElasticSecurityLabs has uncovered EDDIESTEALER, a novel Rust-based info stealer distributed via fake CAPTCHA campaigns. This malware targets credentials, browser info, & crypto wallets. Read our full analysis here: go.es.io/3St6tnY #Cybersecurity #MalwareAnalysis
Angela @williams95angel
643 Followers 3K Following
[email protected]... @rpargman
4K Followers 5K Following Слава Україні! Most important job: being Dad; I also love to help people deny attackers the opportunity to break and steal all the things. Pronouns: He/him
Yvleaefa @Yvleaefa53243
93 Followers 2K Following
Edison Ong @l0n3_w017
30 Followers 483 Following Always Security n00b | Linux enthusiast | Open source fan
Charles Shirer @bsdbandit
25K Followers 26K Following A Hacker who is A Lover of People, and Life @RetroTwinz @Secbsd, @GrumpyHackers, @NovaHackers, @deadpixelsec @hacknotcrime Advocate @PositivelyBlue_ OSCP, OSWP
Thinkst Canary @ThinkstCanary
13K Followers 10K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.
Two Seven One Three @TwoSevenOneT
2K Followers 1K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
Hacken @husterxu
171 Followers 4K Following
Gaz @_GarethP
751 Followers 703 Following Threat Hunting & Malware Analysis | Automotive Security & Drones
Karsten Hahn @struppigel
24K Followers 757 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
Thunter_0x0 @THunter_0x0
9 Followers 323 Following Research & Intel & Hunt & Detection & Response cyber-topic retweets from this account are an archive of things that I will research, not intended to spam
John Fowler @StilleSecurity
48 Followers 498 Following Security solutions architect. Bridging AI w/ enterprise security via threat intel, cloud, & NIST. #AISec #CyberRisk #InfoSec
Justin Ibarra @br0k3ns0und
2K Followers 917 Following Tech Lead, security intel @elastic @elasticseclabs via @endgameinc | security research | detection engineering | bench press: 455lbs & 📈 | I like my own tweets
Michele Kostopoulos @MicheleKostop12
354 Followers 744 Following
Hussein Sherafat @Hussein_Sherafa
233 Followers 6K Following
cybersec_tim @timcybersec
42 Followers 489 Following SOC Operations | 🕵️♂️ Cyber Threat Intelligence Analyst | 🔍OSINT | Safeguarding systems & analyzing threats to fortify digital landscapes.
Friday Security News @fridaysecurity
2K Followers 984 Following Friday Security News allows you to reach the latest news about Cyber Security in one place.
Lenore Collins @LenoreC69374
40 Followers 3K Following
Mirai Intel @Mirai_Intel
0 Followers 11 Following
Tu Tri Mi @trimituvn
49 Followers 1K Following
Defender Ciprian Davi... @CiprianDefender
41 Followers 3K Following
Dario Candia @DarioLp8
348 Followers 5K Following Ciberseguridad/SOC/Blue Team/Investigador/ Threat Intelligence/
Balkrishna Jadhav @hacker3j
823 Followers 8K Following AVP - Threat Hunting @ Kotak Mahindra Bank| Senior Threat Intelligence|Forensicator|MindHunter| Innovator|Malwarologist|Espionage||Inventor
James Ibrahim @JamesIb54140322
54 Followers 3K Following
Chikwado Cyprian @ChikwadoCy
5K Followers 6K Following Cyber Security Professional. A husband to a beautiful wife and a father to a handsome boy. YNWA
Shina Mashiro @ShiinaaM
401 Followers 3K Following Microsoft Sentinel Enthusiast | 4n6 Investigator | Cloud Security | 🇮🇩 S.Kom
thatOSINTguy @wilklins__
2K Followers 2K Following InfoSec | CTF Player @_ChasingFlags | @aws Community Builder | @wazuh Ambassador | Aviation🛩️ | F1 @redbullracing 🏎️.
What. @VoidStation_
227 Followers 4K Following CyberSec Engineer, OffSec, Adversary Emulation, Retro PC stuff and all things IT infrastructure 😙
R. @JiggaPls
4 Followers 1K Following
Aura @SecurityAura
6K Followers 651 Following GCIH, GCFE, GDAT | DFIR, TH, DE | @CuratedIntel DFIR https://t.co/BMWUwziTLh https://t.co/MmX2YNVqdk https://t.co/R20zseQfLk
Micky Johnson @cyberket96
0 Followers 107 Following
Zoro @n0000p4
70 Followers 827 Following
Dodge This Security @shotgunner101
7K Followers 5K Following Computer Security Professional. Tweets are my own. Rooster Teeth Archive Project: https://t.co/gawoj5ZZyG
Oliv Ton @olivtoon
2 Followers 219 Following
Jeff Domedion @Jdomedion
132 Followers 944 Following
Yiran Wu @YiranWu18
232 Followers 302 Following Co-Creator of #AutoGen #AG2, PhD Candidate @PennState. Intern @MSFTResearch 24 &25. Interested in Agentic AI, LLM reasoning and RL.
h43z @h43z
5K Followers 382 Following Interested in the unexpected - js, web, security, linux, mind, religion, drugs, history, psychology, culture, freedom and trailrunning
bolt.new @boltdotnew
106K Followers 36 Following Build stunning apps & websites by chatting with AI ▶️ https://t.co/gDWrzOIKuR
Shehap-10 @SBE10OC
88 Followers 372 Following Network Security student @AOU_KSAB| Learning #Security+ & #N+ | SOC blue team defense & web security | trying to make sense of the world of cybersecurity
garffff @garffff_bot
277 Followers 325 Following
Nicolas Krassas @Dinosn
146K Followers 735 Following Head of Threat & Vulnerability Mgmt @ Henkel AG & Co. KGaA https://t.co/NC1orlKrW3
Sean Metcalf @PyroTek3
36K Followers 615 Following Identity Security Architect @ TrustedSec. Microsoft Certified Master #ActiveDirectory & former Microsoft MVP. Co-Host @ Enterprise Security Weekly. He/Him. #BLM
Meisty @SuperMeisty
2K Followers 2K Following Lead Automation and Cybersecurity Engineer | CPTS | CWES | CTF Player | Ethical hacker | trying to learn something new everyday
Ugur Koc @UgurKocDe
3K Followers 260 Following Product Manager @ glueckkanja | Microsoft MVP | https://t.co/jWfpL5YK1s
rootsecdev @rootsecdev
26K Followers 1K Following Senior Security Consultant @TrustedSec | Military grade meme poster, researcher, cloud penetration tester, voider of warranties. My thoughts are my own.
Matt Soseman @SosemanMatt
3K Followers 25 Following CTO, Ex-Microsoft, Cyber Security Strategist, Evangelist, and Architect. https://t.co/6i52fcJpkr and https://t.co/hw1B6QIHxi
Thomas Naunheim @Thomas_Live
7K Followers 458 Following #MicrosoftMVP | Cyber Security Architect 🛡️| #MicrosoftEntra 🔑 + #Azure ☁️ | #Schaengel
David Weston (DWIZZZL... @dwizzzleMSFT
25K Followers 2K Following Corporate Vice President, OS Security and Enterprise @Microsoft
Smukx.E @5mukx
14K Followers 230 Following Malware Researcher & Red Teamer | 0-Day 🔬 at 🌒 | Crafts codes in Rust | 0x15 Y/o
Mike Manrod @CroodSolutions
2K Followers 2K Following CISO and faculty by day, adversary emulation/tools by night, bad jokes and memes all the time. Profile photo image credit to Tib3rius. My dog disapproves.
SlugNoodle 🅅 @RetweetableN14
2K Followers 1K Following .ooM | InfoSec's answer to Mr Rogers | Yesterday. Today. Tomorrow | Advocate of women in tech & LGBTQ+ | Just be nice to each other
Thomas Roccia 🤘 @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
Kostas @Kostastsale
18K Followers 367 Following @TheDFIRReport | No longer active here – find me on Bluesky: https://t.co/qHzDSxCRfG. 🇬🇷🇨🇦
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Grzegorz Tworek @0gtweet
36K Followers 2K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
Florian Hansemann @CyberWarship
84K Followers 47 Following Father, Founder @HanseSecure, Pentesting, Student, ExploitDev, Redteaming, InfoSec & CyberCyber; -- Mastodon: https://t.co/KFSKYUN98M
Adam Chester 🏴�... @_xpn_
36K Followers 501 Following Hacker for Hire at @SpecterOps | Blog at https://t.co/tjfTOllCEu | Insta at https://t.co/PqR6CZPwjl
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Ali Hadi | B!n@ry @binaryz0ne
33K Followers 565 Following DFIR and Adversary Simulation | DFIR @ ProtonMail
Olaf Hartong @olafhartong
17K Followers 965 Following @FalconForceTeam | researcher with a camera | Microsoft MVP | Snow man role model
[email protected]... @rpargman
4K Followers 5K Following Слава Україні! Most important job: being Dad; I also love to help people deny attackers the opportunity to break and steal all the things. Pronouns: He/him
Charles Shirer @bsdbandit
25K Followers 26K Following A Hacker who is A Lover of People, and Life @RetroTwinz @Secbsd, @GrumpyHackers, @NovaHackers, @deadpixelsec @hacknotcrime Advocate @PositivelyBlue_ OSCP, OSWP
Microsoft SIEM and XD... @MSThreatProtect
11K Followers 1K Following Stop threats across your entire organization with integrated SIEM and XDR from Microsoft.
Hacking Articles @hackinarticles
276K Followers 453 Following House of Pentesters Join us: https://t.co/Y6XOlSOA92
V4R4N3🗿 @V4R4N3
289 Followers 681 Following Bsc Cyber security 💻|| ISC2 CC || @qualys certified specialist || SOC ANALYST…
Exeon Analytics @exeonanalytics
66 Followers 95 Following Advanced Security Analytics for Corporate Networks, Swiss-Made. Detecting Cyber Attackers for Banks, Airlines & Many Others.
Ewelina Paczkowska (W... @WelkasWorld
403 Followers 86 Following Solution Architect | M365 Security & Compliance User Group Co-organiser | https://t.co/gGyUKVLDPd
Dr. Nestori Syynimaa @DrAzureAD
20K Followers 2K Following Principal Identity Security Researcher at Microsoft. Ex-Secureworks. (MSc, MEng, PhD, CITP, CCSK). And yes, opinions are my own ;)
Varys @_ChezDaniela
3K Followers 6K Following Somewhere in between foodie, wine lover and security geek Python 💙|Personal tweets|GSNA/GPEN/GCFR | cancer survivor
Merill Fernando @merill
18K Followers 4K Following Product Manager @microsoft | Tweets my own Built → https://t.co/ujxKqxXjf2 • https://t.co/QbUp63ffXf • Graph XRay • https://t.co/tSWrIw8Ajh 📰 Newsletter→ https://t.co/tPzAEl0Zuq 🎙️ Podcast→ https://t.co/TBlNKTzn8t
Nıŋʝąƈąɬ 🐈 ... @RavivTamir
4K Followers 373 Following CyberNinjaCat Herder. VP of product strategy for the Microsoft Sentinel and Defender suite. Opinions r my own
Keanu Nys @RedByte1337
896 Followers 74 Following Offensive Security Lead @ Spotit. Creator of GraphSpy
Fabian Bader @fabian_bader
9K Followers 813 Following #Security #Azure #AAD #MDE #M365 #AD #PKI Microsoft MVP Tweets and opinions are my own @[email protected]
Two Seven One Three @TwoSevenOneT
2K Followers 1K Following Chief Security Officer (CSO) || Security Researcher at https://t.co/YsorB5YEAu || Penetration Tester || Red Teamer || Social Engineering Awareness Trainer
Magic Sword @magicswordio
453 Followers 24 Following It Ends with Us! ⚔️Watch 📺 https://t.co/zofSxbxVDA Follow 🥷 https://t.co/kGRIGi9ayg Read 📓 https://t.co/Q4AbyyDfjR
Ryan M. Montgomery @0dayCTF
102K Followers 611 Following Pentester / Serial Entrepreneur / Child Safety Warrior — https://t.co/9c4DBWMYiQ
Will Hunt @Stealthspl... @Stealthsploit
1K Followers 477 Following Hacker, Black Hat trainer, speaker, musician, gamer. Co-founded @insecurity_ltd. https://t.co/T3s2B55WJl Discord - https://t.co/nFzmfIfjxa
Thinkst Canary @ThinkstCanary
13K Followers 10K Following Most companies only realise they are breached when informed by a 3rd party. This is a stupid problem! Thinkst Canary. Know. When it Matters.
Thijs Xhaflaire @txhaflaire
107 Followers 49 Following Senior Threat and Detections Researcher at Jamf Threat LabsTrends for United States
You might like
