Devon Kerr @_devonkerr_
@ElasticSecLabs founder and mission-owner, custodian of secret histories, making environments hostile to threats since 2010. These tweets are mine. elastic.co/security-labs New York State Joined October 2014-
Tweets11K
-
Followers8K
-
Following635
-
Likes15K
I'm honored to join the CSRB, and I look forward to working with my fellow members to drive positive change in the cybersecurity community.
I'm honored to join the CSRB, and I look forward to working with my fellow members to drive positive change in the cybersecurity community.
🇰🇵Lazarus (APT38) is active again, this time impersonating @NGC_Ventures and one of its employees. Peonie Elis is a fake profile (the person from this picture is Wei Hao Partner from Sky9Capital). @Intel_Ops_io has noticed this behavior for a while. Lazarus typically starts by…
@ImposeCost This is key; we treat intelligence largely as a risk management function, and should always keep this in mind, while our adversaries try to use it for risk elimination. These are very different efforts.
We've got a new report: the LLM Safety Assessment! This brand new publication discusses LLM implementation risks, expands on @owasp‘s research, and provides mitigations for common threats. Get it for free: go.es.io/4a7FJiY #ElasticSecurityLabs #generativeAI #LLM
We’re releasing a new #detection ruleset for @awscloud’s Bedrock! This new publication from @stryker0x, @susan_shuc, and @JakeKing details the rules and our suggestions for standardizing security fields: go.es.io/3WozN1U #ElasticSecurityLabs #LLM #generativeai
Talent pipelines. It's unreasonable for someone to think they are going to go play for the Chicago Bulls when they've never played basketball before. There are some out here that think that should be the case. My advice is to put in the work, and you might make it. The reality…
Florian Roth @cyb3rops
181K Followers 2K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Andrew Thompson @ImposeCost
34K Followers 1K Following Head of Research and Discovery @Mandiant/@GoogleCloud. Understanding and countering adversaries. Posts attributable to me—not my employer.
Katie Nickels @likethecoins
54K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Mehmet Ergene @Cyb3rMonk
11K Followers 421 Following 👉 Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR at https://t.co/uAlYlXIpyV - Founder @BluRavenSec | Microsoft Security MVP | #DataScience
Chris Sanders 🔎 �.. @chrissanders88
32K Followers 505 Following Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Ali Hadi | B!n@ry @binaryz0ne
29K Followers 568 Following DFIR and Adversary Simulation | DFIR @ ProtonMail | Perfect Stranger | Stronger Together |
Michael Koczwara @MichalKoczwara
18K Followers 2K Following Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
Samir @SBousseaden
24K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
Stephan Berger @malmoeb
24K Followers 2K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
DebugPrivilege @DebugPrivilege
37K Followers 2K Following Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.
Adam @Hexacorn
24K Followers 1K Following Red Brain, Blue Fingers [email protected] https://t.co/Bm0C9KQDDY RIP Twitter
Mike Felch (Stay Read.. @ustayready
15K Followers 2K Following Pentester / Red Team | Hacking since Renegade BBS backdoors | Dev since vb3 | Content since '99-'03 ezines | Prior CrowdStrike / BHIS | In Christ's grip
Nick Carr @ItsReallyNick
38K Followers 4K Following Lead, Cyber Crime Intelligence @Microsoft ☠🏛️ Former Incident Response + Threat Research @Mandiant 🦅 Former Chief Technical Analyst @CISAgov 🛡️
Jamie 🔜 RSAsí �.. @jamieantisocial
6K Followers 5K Following 🤘@mitreattack for Enterprise Lead, former ATT&CK Evals water distribution engineer (the artists known as #UNC1799), @DistrictHeather ♥️🍷, he/him.
The Haag™ @M_haggis
8K Followers 2K Following Threat Researcher | Co-Host of Atomics on a Friday | LOLDrivers & Atomic Red Team Maintainer | I'm Everywhere and Nowhere - BSG.
Girth Brooks @r0wdy_
17K Followers 1K Following
Will @BushidoToken
29K Followers 3K Following Threat Intel & Hunting @Equinix | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | @darknetdiaries #126: REvil
Steve YARA Synapse Mi.. @stvemillertime
15K Followers 1K Following cyber-physical intel @google writing & sharing on adversary tradecraft, dfir, malware, threat detection, ics/ot intel and all things #yara
Blue Team News @blueteamsec1
45K Followers 9K Following The cybersecurity home for the latest #BlueTeam, #DFIR, and #ThreatHunting news and tools.
I//uS!0nS @c03rci0n
87 Followers 2K Following
Fletch @fletchpictures
74 Followers 210 Following Cybersecurity | Engineering | AI | Pickleball | Photography | Film
statictear Ⓥ 🇺�.. @statictear
778 Followers 2K Following @infosec.exchange @bsky.social @DC940 meme-ber. Doing my best to be an ally 🏳️⚧️🏳️🌈 Privacy is a human right. You lost the game.
🎙Cyber Distortion .. @DistortionCyber
2K Followers 2K Following The Cyber Distortion Podcast covers all of today's relevant topics related to anything and everything in the world of Cybersecurity. Our opinions are our own!
Joe B. - BlindHacker .. @TheBlindHacker
13K Followers 3K Following | #Hacker | #Speaker | #Mentor | #Streamer | #BlindGuy | #LHON | #a11y | #988 | @DeadPixelSec @NovaHackers @hacknotcrime Advocate | Legendary Ambassador 💀
diarrhea_goat @diarrhea_goat
2 Followers 288 Following Systems eng by day, pentester by night. Sharing what I learn along the way and randomly bitching about IBD.
Andrew Paolucci @splitnicer
145 Followers 384 Following
Anjum @jack8daniels2
116 Followers 97 Following Security @Cloudflare. Previously @endgameinc, @TalosSecurity
Just A Spider @Taraacula
0 Followers 152 Following A beautiful bunch of ripe banana (Daylight come and me wan' go home) Hide the deadly black tarantula (Daylight come and me wan' go
Sviatoslav Makhynko @SviatMak
112 Followers 2K Following Husband & father of four (soon five) | Software Engineer | *BSD/Linux/MacOS | OSS | Psychology | @[email protected]
Ben @liuliuyu7
20 Followers 62 Following
USER04725852 @user04725841960
0 Followers 2K Following
Cédric @Cdou_35
20 Followers 28 Following
Fry @KahneSky
1 Followers 122 Following
Matthew VanDyke @Matt_VanDyke
538K Followers 443K Following Founder, Sons of Liberty International, #veterans training Ukrainian forces to fight Russia. A 501c3 nonprofit org: https://t.co/iJVW8PgiN9
Daniel Jary @JanielDary
67 Followers 228 Following Cyber security researcher - Reading other folks cool research
kwstas kwstas @igetsh3llz
82 Followers 541 Following
Sm1l3z @_Sm1l3z
69 Followers 164 Following
M4rdc0re @M4rdc0re
30 Followers 203 Following Ethical Hacker | Offensive Security Lost in a sea of 1's and 0's.
Alex Martirosyan @almartiros
206 Followers 621 Following CRTO, OSCP | Infosec, Mathematics, and Fitness Ⓥ
NL @NLx64
57 Followers 684 Following
Dot & Key Consulting .. @dotandkeysl
5 Followers 262 Following ✨ Transforma tu estrategia digital con Dot & Key: el aliado definitivo en observabilidad y monitorización. 🚀 #Observability #Monitoring #IT
Ted Foxx @TedFoxx238985
190 Followers 4K Following #cancersucks Constantly searching for help for cancer patients.
shif @shif78317903
79 Followers 248 Following
Hesesee @hesesee41165
174 Followers 3K Following
Chuck @cspurling999
2 Followers 1K Following
johnygalleno @johnygalleno
14 Followers 13 Following
Donnah Mikal Adhiambo @Adhiambo_AM
2K Followers 429 Following She/her Numero Uno Cybersecurity River Lake Girlie. To be indispensable.
sysesc sysesc @sysesc63551
51 Followers 189 Following
cat name | less @catpipeless
72 Followers 398 Following
Llama @Llama1021048
53 Followers 271 Following
Nsk @nsk_offl_
319 Followers 3K Following Director🎬& Lyricist of Kattravai Katrapin & Onedaykadhalan CyberSecurity Analyst,Travel freak, Ardent Suriya ❤ Jo,Maddy🤩,VJS😍 Fan,CR7MSD Fan🤟,Maduraikaran😎
Berke @Berke752252
20 Followers 28 Following
Mario de Sousa Lima @MarioSousaLima
117 Followers 5K Following
Justin Elze @HackingLZ
52K Followers 5K Following Hacker/CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Andrew Thompson @ImposeCost
34K Followers 1K Following Head of Research and Discovery @Mandiant/@GoogleCloud. Understanding and countering adversaries. Posts attributable to me—not my employer.
Katie Nickels @likethecoins
54K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Mehmet Ergene @Cyb3rMonk
11K Followers 421 Following 👉 Learn #KQL for #ThreatHunting, #DetectionEngineering, and #DFIR at https://t.co/uAlYlXIpyV - Founder @BluRavenSec | Microsoft Security MVP | #DataScience
Ali Hadi | B!n@ry @binaryz0ne
29K Followers 568 Following DFIR and Adversary Simulation | DFIR @ ProtonMail | Perfect Stranger | Stronger Together |
Sherrod 🆗🆒 #RSA.. @sherrod_im
31K Followers 7K Following Strawberry Tempest. Weird security voyeur. Vibe merchant. CISO of your heart. Official USPS fan account. 🎉 Host of THE Microsoft Threat Intelligence Podcast.
Michael Koczwara @MichalKoczwara
18K Followers 2K Following Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/vixTz8xKuF https://t.co/VQWaze6gaF
Samir @SBousseaden
24K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
Grzegorz Tworek @0gtweet
30K Followers 1K Following My own research, unless stated otherwise. Not necessarily "safe when taken as directed". GIT d- s+: a+ C++++ !U !L !M w++++$ b++++ G-
DebugPrivilege @DebugPrivilege
37K Followers 2K Following Security “Researcher” | Former Microsoft MVP | All Tweets are my opinions and thoughts. Interested in Security, Debugging, and Troubleshooting.
Adam @Hexacorn
24K Followers 1K Following Red Brain, Blue Fingers [email protected] https://t.co/Bm0C9KQDDY RIP Twitter
Nick Carr @ItsReallyNick
38K Followers 4K Following Lead, Cyber Crime Intelligence @Microsoft ☠🏛️ Former Incident Response + Threat Research @Mandiant 🦅 Former Chief Technical Analyst @CISAgov 🛡️
Jamie 🔜 RSAsí �.. @jamieantisocial
6K Followers 5K Following 🤘@mitreattack for Enterprise Lead, former ATT&CK Evals water distribution engineer (the artists known as #UNC1799), @DistrictHeather ♥️🍷, he/him.
blackorbird @blackorbird
28K Followers 600 Following Peace and Love. Just Analysis/Hunter. #APT #threatIntelligence #Exploit Need Job
Unit 42 @Unit42_Intel
51K Followers 88 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
The Haag™ @M_haggis
8K Followers 2K Following Threat Researcher | Co-Host of Atomics on a Friday | LOLDrivers & Atomic Red Team Maintainer | I'm Everywhere and Nowhere - BSG.
Yarden Shafir @yarden_shafir
19K Followers 273 Following A circus artist with a visual studio license
Seth Abramson @SethAbramson
892K Followers 17 Following “An unreadable nonsense machine.” —Elon Musk New York Times-bestselling journalist and lawyer. 🗣️: https://t.co/bGlpbdTQ7y; https://t.co/IArPG4otQC
Florian @floesen_
2K Followers 88 Following Passionate about reverse engineering and low level development. @the_secret_club
nzyme - Network Defen.. @nzyme_defense
750 Followers 477 Following nzyme - Network Defense System, free and open
Jonathan Bar Or (JBO).. @yo_yo_yo_jbo
3K Followers 1K Following Security research architect for @Microsoft Defender for cross-platform. Member of @thegooniesctf. Linux, Windows, Android, MacOS, iOS, ChromeOS, baremetal.
RussianPanda 🐼 �.. @RussianPanda9xx
8K Followers 359 Following Senior Threat Intelligence Researcher at @esthreat | Threat Hunter | Malware Addict
PIVOTcon @pivot_con
493 Followers 257 Following Threat Research Conference in Europe - Malaga, Spain - May 2024. #StayTuned #ComingSoon #PIVOTcon #PIVOTcon24
ringwiss @ringwiss
18K Followers 175 Following 🏳️🌈 🇪🇺 🇵🇱 🇬🇧 He/him. Armchair parliamentarian. I type at 140 wpm. RTs are endorsements.
Miixxedup @Miixxedup
328 Followers 529 Following CTI at @Mandiant | Analyst at @TheDFIRReport | Security Intelligence, Automation and Innovation | Sourdough baker noob but a connoisseur anyway.
Max_Malyutin @Max_Mal_
11K Followers 303 Following Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Jeff Dimmock @bluscreenofjeff
8K Followers 305 Following @SpecterOps | https://t.co/84xca2tQdx | Tweets are my own
Craig @bumbucha
389 Followers 1K Following
Matt Anderson @nosecurething
1K Followers 962 Following Senior Detection Engineer @HuntressLabs Threat Research | Threat Hunting | Malware Analysis
SentinelLabs @LabsSentinel
5K Followers 365 Following We are the Threat Intelligence and Malware Analysis team of @SentinelOne
Ryan "Chaps" Chapman @rj_chap
7K Followers 3K Following DFIR & malware analyst. @sansforensics FOR528 Author & FOR610 Instructor. @CactusCon crew. Husband & father. Comments = own.
Caitlin @TheGamblingBird
3K Followers 2K Following Incident response and systems thinking. Birder. Equal parts minx and battle axe. Forever a wild card.
Whose Slide Is It Any.. @WSIIAOfficial
1K Followers 565 Following Because we lost the login creds to @WhoseSlide
DrJackBrown 🌊 @DrGJackBrown
183K Followers 24K Following Body Language & Emotional Intelligence Expert • Physician • Anti-Fascist • RT≠endorsement • #LGBTQ Ally • #BLM • https://t.co/qFVwJ2nW4A 🇺🇦
Vlado Vajdic @vvlado
450 Followers 503 Following threat detection and response, cloud security, identity protection
Allan “Ransomware S.. @uuallan
16K Followers 6K Following @RecordedFuture CSIRT || Ransomware Researcher || Certified Sommelier || Author || Comic Book Creator
Bartek Jerzman ✈️.. @secman_pl
2K Followers 3K Following Hunting ghosts in wires and boxes, former NCSC-PL, PL Navy #fightingthreats | @PIVOT_con co-founder
Aaron Stephens @x04steve
3K Followers 524 Following @Mandiant Intelligence 🦅 Enabling analysts with tools and automation, usually in Python. Music is cool too.
Josh Madeley @MadeleyJosh
1K Followers 388 Following a begrudgingly polite Canadian ex-pat living in Boston, finding evil at @Mandiant
ThreatRecon @nshcthreatrecon
4K Followers 4 Following We are the Cyber Threat Intelligence division of NSHC Threat Research Lab. We track Threat Actor Groups activities worldwide and aim to release our findings.
alex lanstein @alex_lanstein
3K Followers 3K Following threaty threats @ StrikeReady -- helping build research workflows into the product. pretty good at bash scripts and strings. disclosures on my linkedin below
Dray Agha @Purp1eW0lf
6K Followers 3K Following Security Operations Center Manager @HuntressLabs || "Competition is the law of the jungle, but cooperation is the law of civilisation” - Kropotkin
Jake Knowlton @j2k3k
2K Followers 2K Following @Mandiant | Board member at @VeteranSec | https://t.co/6nviinvBUQ | tweets are my own | Ask me why I hate Andrew Northern
Max Rogers @MaxRogers5
3K Followers 1K Following Sr. Director, Security Operations Center @HuntressLabs | Ex-Mandiant/FireEye | Amateur Runner | Solving Cyber Security for Small & Mid-Sized Businesses
Austin Baker @BakedSec
2K Followers 260 Following IR at LinkedIn | focused on the intersection of data science, engineering, and cybersecurity | Scooping up APT and bopping them on the head | opinions my own
Jonathan Gonzalez �.. @godslittlemacro
1K Followers 2K Following Incoherent rants are my own intellectual property. ex-DFIR, now CTI. please post office selfies so I can grow my bookshelf.
spencer @techspence
6K Followers 2K Following hacker | pentester | ethical threat | wiz bang exploit slinger hiding in the shadows | co-host @cyberthreatpov | offsec @securit360
thesilence / @thesile.. @whoisjonhlu
589 Followers 304 Following Principal analyst @vtxproject / #Synapse, #APT1 report / former @mandiant Tweets are my own
The Banshee Queen👑 @cyberoverdrive
2K Followers 796 Following #threatintel @PwC_uk but views are mine only. Malware & infrastructure analysis with a side of cyberpunk. 🌃🌌 She/her, support 🏳️🌈🏳️⚧️✨
Brian in Pittsburgh @arekfurt
6K Followers 773 Following Former attorney, current IT & infosec consultant in the 'Burgh. Happy to talk about password spraying one minute and constitutional law the next. Son of #wvu.
Kuba Gretzky @mrgretzky
13K Followers 644 Following Offensive security tools developer. Reverse engineer, vulnerability researcher and ex-MMO game hacker. Creator of Evilginx. @[email protected]
Morgan Adamski @adamski_morgan
2K Followers 286 Following NSA’s CCC biggest fan. Mom. Lax Rat. Cyber Queen. This is a personal handle and my tweets are my own. She/Her
Megan @mega_spl0it
408 Followers 250 Following Purple Teamer | Probably a SIEM log | Send Memes | Putting the Tater in Administater | Security Spud @TrustedSec
Andrew @4ndr3w6S
2K Followers 2K Following Senior Manager of Detection Engineering @HuntressLabs | Prev. Practice Lead, TAC (Purple Team) @TrustedSec | @SpursOfficial Super Fan - COYS!
Chris Donaher @c_donaher
10 Followers 32 Following
Ivan Kwiatkowski @JusticeRage
9K Followers 73 Following Lead cyber threat researcher @HarfangLab. Maintainer of Manalyze, Gepetto, and writer. Trolling on a purely personal capacity.
Antonio Cocomazzi @splinter_code
8K Followers 319 Following offensive security - windows internals - reverse engineering | https://t.co/29suYwH66H🌶️ Thing is, a non-U.S. law enforcement entity could have/should have/may have exploited this opportunity. I know I would want to turn the ecosystem inside out and against itself STAKEKNIFE style.
U.S. Charges Russian National with Developing and Operating LockBit Ransomware justice.gov/opa/pr/us-char…
The Ethernet capture architecture is evolving and the DNS summary page is starting to light up. First use case: Identify devices that are trying to use unexpected DNS servers. It's already doing some things to detect DNS tunnels which are not exposed in UI yet.
Our first lightning talk for @RSAConference starts in an hour! Our lineup includes @JakeKing, @quixentric, @_xDeJesus, and more! Swing by booth #5879 to chat with us and take a look at the new report!
Also while I'm here, no one has a standard for what is and isn't technical. I think it's a generic term that doesn't have much use in broad applications. I know some people that are great at reading specific opcodes from specific architectures that don't have network traffic…
I saw another news story about this RSA panel quote a law prof participant saying it would take ten years to come up with an implementable liability + safe harbor regime. But we don't need to wait ten years to start pushing software devs to stop using shared default credentials.
@ImposeCost This is key; we treat intelligence largely as a risk management function, and should always keep this in mind, while our adversaries try to use it for risk elimination. These are very different efforts.
Autocorrect is covert action and an act of war against me.
@DakotaInDC There is a very important conversation to be had here; LLMs can be good analytical partners, but they can't do the hard work for you. You still have to have your own baseline of competence and access to unique data.
This is still my favorite Linux rootkit write-up. Nearly all living off the land with detection evasion and a slick SSH backdoor activated with auth logs. jakoblell.com/blog/2014/05/0…
Please know your worth today and now. Cherish your health, your families, your free time. It's taken me a long time to decouple my self-worth from my career, but I am so much more than IR, Intel, the whole shebang. So are you. 7/n
Rumors had that fish reserves in Malaga restaurants are at risk of peril this week … about time to go check in person ✈️@pivot_con #PIVOTcon24 #LeaveSomeFoodForTheRestOfUs
@brysonbort Hey apologies if this is an over-reach from a twitter stranger, but plz dont be surprised if you think you're over this and then finding it lingering down the road. Sometimes the body tables the event until it feels safe breaking it down.
Come say hi!
Ready to learn your #EDR platform inside and out? At #RSAC? Stop by booth 15 at the Early Stage Expo to grab a signed copy of Evading EDR from author and Director of Security Research @matterpreter 📖
Excited to share that as of May 1st, I’ve been promoted to Senior Security Research Engineer! 🙂 I'm truly honored by this recognition and deeply grateful for the support from my colleagues! #LifeAtElastic
I've just released a cross-platform async DNS Client called DnsClientX. It's a #dotnet library written in C# published as NUGET and a #PowerShell module. It supports DNS over UDP, TCP, and DNS over DOH and DOT. It's my way to learn DNS. github.com/EvotecIT/DnsCl…
We've got a new report: the LLM Safety Assessment! This brand new publication discusses LLM implementation risks, expands on @owasp‘s research, and provides mitigations for common threats. Get it for free: go.es.io/4a7FJiY #ElasticSecurityLabs #generativeAI #LLM
We’re releasing a new #detection ruleset for @awscloud’s Bedrock! This new publication from @stryker0x, @susan_shuc, and @JakeKing details the rules and our suggestions for standardizing security fields: go.es.io/3WozN1U #ElasticSecurityLabs #LLM #generativeai
The following thread is entirely my own thoughts, and while I reference CrowdStrike, this not reflective of my employer or their policies. Sorry for the length. (1/21)
Trends for United States
You might like
