ForensicGeek @GeekForensic
DFIR | Joined September 2016 | Tweets 151 | Followers 68 | Following 647 | Likes 253
Can you imagine a hospital that cannot receive ambulances or give medication to its recently operated patients because it is suffering a cyberattack? Don't imagine it, it is real and it has happened in Spain #TrabajaEnCiberseguridad #IMFxDeloitte youtu.be/ick1vssO0TU
U.S. Government seizes Bitcoin worth a record $3.6B connected to the 2016 Bitfinex hack blog.chainalysis.com/reports/bitfin…
Experience taught me that you only discover the true strength of your team and their tools in a real incident - sadly, there is no better teacher Only in their first domain-wide incident most orgs get …
Diario de un Incident Responder (Diary of an Incident Responder) is a series of articles in which Deloitte's DFIR (Digital Forensics & Incident Response) team explains how it handles cybersecurity incidents. Find out how they resolved a ransomware attack: deloi.tt/3g31lUj
2021-08-05: 🆕🔥Introducing #BlackMatter #Ransomware x64 Linux Variant | esxcli variant | usual BlackMatter struct ➡️ “bot_id” | “bot_company” 1⃣Custom C Methods: /// esxi_utils files_proc file_encrypter setup_impl web_reporter /// 2⃣Encryption Mode | dark/white/min-size
#HuntingTipOfTheDay If you know net.exe, you may know it calls net1.exe. Why?🤔net1.exe had Y2K fixes🗓️. It is still included for compatibility. Hunt for parent processes of net1 other than net. You may catch something 😀 📎hejox.se/sitedocs/windo… 📎docs.microsoft.com/en-us/previous…
🔥#CVE-2020-1472 Netlogon Elevation of Privilege Vulnerability (All in One) ➡️[BLOG]:secura.com/blog/zero-logon ➡️[PoCs]: ➡️[LOGS]: ➡️[DETECT]: #threathunting #blueteam #SOC #Vulnerability #Microsoft #Windows
Also, look for 2 password changes (event 4742) of the DC computer account in a short period of time. This password is only changed automatically every 30 days by default, so 2 changes in a short period of time is suspicious. Anyway, patch now :) [3/3]
Aurora is now Open Source. See the repo at github.com/cyb3rfox/Auror… I also recorded a walkthrough to get you started with the tool youtu.be/2j2XYcqQIm0. Precompiled downloads for mac, lx, and win are under the releases section on github.
SQLECmd is now available on ericzimmerman.github.io #DFIR
BREAKING: APT41 initiated a multi-month global campaign at over 75 @FireEye customers attempting to exploit Internet facing systems using recently released exploits for Citrix NetScaler/ADC, Cisco Routers & Zoho ManageEngine. fireeye.com/blog/threat-re…
#Citrix #Netscaler #Shitrix 🏹 Snort doc.emergingthreats.net/bin/view/Main/… Sigma github.com/Neo23x0/sigma/… YARA github.com/Neo23x0/signat… IOCs otx.alienvault.com/pulse/5e1c293e… Nmap NSE github.com/cyberstruggle/… MSF github.com/rapid7/metaspl… HoneyPot github.com/MalwareTech/Ci… SSH check
Quick check via SSH for recently created template files on your #Citrix #Netscaler #ADC systems ssh -tt [netscaler-ip] 'find /netscaler/portal/templates /var/tmp/netscaler/portal/templates -mtime -5 -type f' based on report by @TrustedSec trustedsec.com/blog/netscaler…
2/2 1. Many off-the-shelf RATs don't have proxy capability. Surprising but true. 2. Content policies that disallow the download of executables block 2nd stages. E.g. Emotet: Doc > PS > Download of EXE => blocked. Many serious incidents were stopped / obstructed by proxies.

nanjin002 @nanjin00272827
21 Followers 4K Following
M.Jägger @m_jagger8410
92 Followers 3K Following
crawler_cookie_0 @crawler_cookie0
49 Followers 4K Following
Fredy M. @afmo2004
73 Followers 758 Following
Omar Reynoso @0mar_Reynoso
142 Followers 2K Following 🪖⛑️🪂🚁🧑💼👨💻. I'm on here to learn, help out, and share what and who I know. #antihumantrafficking #osintforgood #research #ncptf #tracelabs #veteran
El Enemigo Anónimo @EnemigoAnonimo_
6K Followers 550 Following The first documentary series about cybersecurity made in Spain. A project by journalist @ottoreuss. We have a new project! See the URL below
Omar Abad Cabal @OmarAbadCabal
1 Followers 7 Following
Minery Report @MineryReport
240 Followers 361 Following Cybersecurity experts and IT services for companies.
DonD @dhcamus
536 Followers 5K Following Atacameño in Santiago, Chile. Systems Administrator - Sysadmin, or trying to solve problems around the house. I believe in democracy and the new constitution
Navid @untraindObsrver
95 Followers 542 Following Another way to communicate and read stuff in the Twitterverse. I'll write whatever I want to keep as a note to myself for later. I have no patience!
🤖 @JW2311_
151 Followers 892 Following
Pedofiraptor @PitonIisa
17 Followers 202 Following Digital Forensics and Incident Response (DFIR) is a field within cybersecurity that focuses on the identification, investigation, and remediation of cyberattack
Carlos Morales Diego @CarlosMoralesD1
569 Followers 2K Following IT Auditor. Web developer, but most importantly a happy father of twins. #Cibercooperante
PABLO FRANCO PFR @PABLOFRANCOPFR
1K Followers 5K Following /Labor lawyer|dismissals-IPA-IPT/IT law/second chance/Administrative litigation/Málaga&Madrid/ @ASNALA_ /@AbogaciaMalaga
ProtAAPP - Protege la... @ProtAAPP
8K Followers 7K Following ProtAAPP, Protect Public Administrations. A community of public employees with an interest in cybersecurity. Join at https://t.co/W7MD7wSs06
Luis Méndez Alejo @gnumax
5K Followers 5K Following CiberProtector Support | OSINT Lover 🦊 | Security Support | Linux enthusiast | Ethical hacking | Unforgivable passion for @CiberProtector
Mayday.conf @MaydayConf
356 Followers 5K Following MayDay Security Conference - an international conference which is aimed to help you to enhance your knowledge in the cyber security field
EsferaRed |SI VIS PAC... @ESFERARED
4K Followers 4K Following Cybersecurity Specialist, Evangelist, Computer & Networks | OSINT-Geopolitics-Cibercooperante-Speaker-IT Pentest-Researcher https://t.co/kUEe4J7Nq8
ATISoluciones @Atisoluciones
2K Followers 2K Following Specialists in hardware and software design, comprehensive security and R&D+i #InTechWeTrust
Press Outreach Servic... @pressoutreach
161 Followers 2K Following Outreach is our craft and press is the result. We enliven brands by distributing their brand story to the right publications.
gabrielregino @gabrielregino
40K Followers 13K Following Criminal defense lawyer. Professor of Philosophy of Law and Criminal Procedure at the UNAM Faculty of Law. Head of REGINO ABOGADOS.
Anna Chappman @ChappmanAnna
128 Followers 786 Following Security & Tech enthusiast; In search of the sweetest coffee ☕️
Luis Nobre @brstorm32
1 Followers 189 Following Architect Innovative Technologies. If you are looking for effective help, you have found your man! Project ICOT AI NanoTools patents sciences technologies
kenhy dalglish @KenhyDalglish
7 Followers 523 Following
Carlos Guereta @CarlosGuereta
345 Followers 2K Following #DFIR #ThreatHunting #Infosec All thoughts and opinions expressed here are my own.
Archangel @archangeldot
1 Followers 35 Following
Javier Olmedo @JJavierOlmedo
1K Followers 1K Following 👨💻 OSCP - OSWE | Pentester - Author https://t.co/LS398UfRID blog
Arsenal Recon @ArsenalRecon
3K Followers 1K Following Developers of digital forensics weapons which include Arsenal Image Mounter, Hibernation Recon, LevelDB Recon, HBIN Recon, & Registry Recon. Arm Yourself! #DFIR
Ayesa @ITS_Security_
563 Followers 829 Following We are now Ayesa, integrated under a single brand. Follow our news at @AyesaNews!
devy @devy_devy_Go
55 Followers 1K Following I live on a planet where men slip on banana peels. Whoever doesn't do what he wants is born a loser and dies a loser.
i-Sagis @i_sagis
1 Followers 18 Following Forensic tools. Ethical hacking. Information Security. Web Apps.
Cesar Malo @cesarmalo1870
24 Followers 79 Following
Carlos Vila @cvilamartinez
336 Followers 628 Following Co-founder of 3inLAB Informática Forense • Founder of CVCtic Consultores • DPO of the CPETIG
Isaac Castro Fuentes @IsaacCF
410 Followers 901 Following Volunteer at @PCCuntis, where I also manage the social media accounts. Vice president of @cpetig. Pilot/Controller on Vatsim.
Javier Tux @J4V13RTUX
313 Followers 1K Following A priori I don't believe the official version💬Sometimes I use Windows💬Common sense, use it💬Pentester 💬 In general I don't like how the system of life works 💬
Juvtmall @Davy04742176
370 Followers 2K Following 🤠#Juvtmall is #PCBfab, supply #offshorePCB/ #Assemble service, prototype/ Medium/ large batch.. Also run kinds of components. e-mail: [email protected]
Michelle @Michelle23246
332 Followers 2K Following We've made PCB and PCBA for many years, it is professional in it. If you need these services, please contact me: [email protected]
Wifidom, an ALLNET.IT... @Wifidom
1K Followers 899 Following 20 years as leaders in #conectividad #movilidad #VoIP #Wireless #VoIP #Videoconferencia #IoT #Seguridad solutions
rafa nieto @rnietomar
21 Followers 263 Following
Sidertia by Izertis @sidertia
469 Followers 382 Following #Protegetudato Protect your data for the continuity of your business in the current digital transformation.
Out of Context Human ... @NoContextHumans
4.2M Followers 305 Following The ORIGINAL Out of Context Human Race page! Subscribe to us for $1!↗️ No Copyright intended. @Rainbetcom
ThreatMon Ransomware ... @TMRansomMon
16K Followers 2 Following ThreatMon End-to-End Threat Intelligence Platform Developed by @MonThreat for IOC data and C2 data: https://t.co/GHSgNatwbC
War Monitor @WarMonitors
1.2M Followers 95 Following Proud Semite 🇱🇧 || Breaking News || Geopolitics || Backup: @beyondmonitor || Want to support me? Donate: https://t.co/CkqsdOqqhV
GMI @Global_Mil_Info
338K Followers 53 Following Diligently curating and verifying information from diverse sources to ensure accuracy and objectivity.
OSINTdefender @sentdefender
1.5M Followers 1K Following Open Source Intelligence Monitor focused on Europe and Conflicts across the World. RT ≠ Endorsement. Want to Support my Work? https://t.co/PcUbewvWPr
Indian Cyber Force @CyberForceX
30K Followers 7 Following Your control is Temporary, Our reach is Infinite | Feel The Power Of Cyber Force Of India. | Jai Hind Jai Bharat
FalconFeeds.io @FalconFeedsio
59K Followers 783 Following Democratizing Cyber Security. Threat intelligence platform for Cyber Security professionals and business. For API integration contact: [email protected]
PRODAFT @PRODAFT
9K Followers 11 Following Proactive Defense Against Future Threats | Pioneering #CyberSec and #ThreatIntelligence in Europe & MENA since ’12. CTI Platform: #USTA Risk Intel: #BLINDSPOT
Fox_threatintel @banthisguy9349
14K Followers 261 Following Just a person who is against cyber crime and dictators like Putin
The Citizen Lab @citizenlab
118K Followers 1K Following The Citizen Lab is an academic research group at @UofT focusing on the intersection of technologies, human rights and global security.
Michael Koczwara @MichalKoczwara
23K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
DarkFeed @ido_cohen2
43K Followers 0 Following DarkFeed: Cyber Threat Intelligence Platform, Putting things at order in the ransomware crazy world #OSINT | #Ransomware | #Cyberattacks | #Hacktivism
Christopher Stanley @cstanley
112K Followers 523 Following {title: "Security Engineering", company: 〚"@SpaceX", "@X", “@xAI”〛, education: "M.S Computer Science // Cyber Security"}
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
briankrebs @briankrebs
333K Followers 2K Following Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: https://t.co/fTKNavlMwp
𝕯𝖒𝖎𝖙𝖗... @ddd1ms
11K Followers 1K Following
Ж @flammaveritatis
249 Followers 73 Following Time Magazine Person of The Year 2006, student, advocatus diaboli, agnostic, speaks en/de/gsw/fr/ru
Belarusian Cyber-Part... @cpartisans
14K Followers 4 Following #hacktivists Tg https://t.co/sR1ZIKZXC7 🌐 https://t.co/1xxZIBj7GK Spokes.: @yuliana_shem ✉️ [email protected] Donations - https://t.co/rcr6B1ucuZ
Anonymous @YourAnonNews
7.7M Followers 860 Following We are Anonymous, we are legion, we do not forgive, we do not forget. Expect us. Here to counter propaganda and un-fuck your mind!
CyberKnow @Cyberknow20
36K Followers 3K Following Situational Awareness | Threat Intelligence | cybertracker | Hacktivism | Meme Farmer Digital Owl of the Cyber Realm Posts and Opinions are my own
El Enemigo Anónimo @EnemigoAnonimo_
6K Followers 550 Following The first documentary series about cybersecurity made in Spain. A project by journalist @ottoreuss. We have a new project! See the URL below
Deloitte España @Deloitte_ES
24K Followers 276 Following Find out the latest news and activities of Deloitte España, the leading professional services firm.
The DFIR Report @TheDFIRReport
62K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
Max_Malyutin @Max_Mal_
13K Followers 310 Following Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Rufus @rufusmbrown
1K Followers 279 Following @Mandiant / @GoogleCloud | Advanced Practices 🦅| @GeorgiaTech | opinions are my own
Jiří Vinopal @vinopaljiri
10K Followers 462 Following Threat Researcher at Check Point @_CPResearch_ #DFIR #Reversing - All opinions expressed here are mine only. https://t.co/iWvwWF1AnN
Ladislav B @ladislav_b
384 Followers 146 Following Malware Analysis & Reversing, Network DFIR, Threat Hunting, Threat Intelligence, Trainings, Conferences. Tips&tricks: @malwarelab_eu Opinions are my own. @ESET
MalwareLab @malwarelab_eu
3K Followers 267 Following #Malware Analysis, #DFIR, Computer #Forensics, Incident Response, #ThreatIntel, #OSINT, #CyberSecurity Tips, Tricks, Tools and Trainings by @ladislav_b
The Dark Web Journal @darkwebjournal
1K Followers 754 Following The Dark Web Journal is an independent media publication that aims to demystify the dark web & provide insights into cybersecurity and internet privacy.
ThreatDown @Threat_Down
18K Followers 95 Following No complexity, just security. We overpower threats and empower IT to cover every stage of an attack, and every size of business.
Fusion Intelligence C... @stealthmole_int
123K Followers 4K Following StealthMole : #Criminal #Intelligence #Profiling #Investigation Platform, #OSINT #DarkWeb #DeepWeb #Leaked #DataBreach #Terror #Drugs #Cryptoassets #Ransomware
Andrew Rathbun @bunsofwrath12
3K Followers 706 Following Husband, Father, #DFIR @ Unit 42, Digital Forensics Discord Admin, AboutDFIR Contributor, Author, #USMC Veteran, Former LE, NHL Fan, Dark Mode, Animals, Music
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Carbon Black @carbonb1ack
27K Followers 5K Following Carbon Black empowers top security teams to close the Risk Gap they face today: https://t.co/VDD65U8Ty9
Antonio Sanz @antoniosanzalc
10K Followers 120 Following Fighting evil 24x7. Incident Response & Digital Forensic guy, infosec maniac... and a fine cook! #DFIR - [email protected] / @antoniosanzalc.bsky
blueteamblog @blueteamblog
12K Followers 671 Following Check out my blog - https://t.co/sVkckZJoqF Support my site - https://t.co/3id8vdp6ab