Devon Kerr @_devonkerr_
@ElasticSecLabs founder and mission-owner, custodian of secret histories, making environments hostile to threats since 2010. These tweets are mine.
elastic.co/security-labs | New York State | Joined October 2014
Tweets: 11K | Followers: 8K | Following: 635 | Likes: 15K
I'm honored to join the CSRB, and I look forward to working with my fellow members to drive positive change in the cybersecurity community.
🇰🇵Lazarus (APT38) is active again, this time impersonating @NGC_Ventures and one of its employees. Peonie Elis is a fake profile (the person from this picture is Wei Hao Partner from Sky9Capital). @Intel_Ops_io has noticed this behavior for a while. Lazarus typically starts by…
@ImposeCost This is key; we treat intelligence largely as a risk management function, and should always keep this in mind, while our adversaries try to use it for risk elimination. These are very different efforts.
We've got a new report: the LLM Safety Assessment! This brand new publication discusses LLM implementation risks, expands on @owasp's research, and provides mitigations for common threats. Get it for free: go.es.io/4a7FJiY #ElasticSecurityLabs #generativeAI #LLM
We’re releasing a new #detection ruleset for @awscloud’s Bedrock! This new publication from @stryker0x, @susan_shuc, and @JakeKing details the rules and our suggestions for standardizing security fields: go.es.io/3WozN1U #ElasticSecurityLabs #LLM #generativeai
Talent pipelines. It's unreasonable for someone to think they are going to go play for the Chicago Bulls when they've never played basketball before. There are some out here that think that should be the case. My advice is to put in the work, and you might make it. The reality…
🌶️ Thing is, a non-U.S. law enforcement entity could have/should have/may have exploited this opportunity. I know I would want to turn the ecosystem inside out and against itself STAKEKNIFE style.
U.S. Charges Russian National with Developing and Operating LockBit Ransomware justice.gov/opa/pr/us-char…
The Ethernet capture architecture is evolving and the DNS summary page is starting to light up. First use case: Identify devices that are trying to use unexpected DNS servers. It's already doing some things to detect DNS tunnels which are not exposed in UI yet.
Our first lightning talk for @RSAConference starts in an hour! Our lineup includes @JakeKing, @quixentric, @_xDeJesus, and more! Swing by booth #5879 to chat with us and take a look at the new report!
Also while I'm here, no one has a standard for what is and isn't technical. I think it's a generic term that doesn't have much use in broad applications. I know some people that are great at reading specific opcodes from specific architectures that don't have network traffic…
I saw another news story about this RSA panel quote a law prof participant saying it would take ten years to come up with an implementable liability + safe harbor regime. But we don't need to wait ten years to start pushing software devs to stop using shared default credentials.
Autocorrect is covert action and an act of war against me.
@DakotaInDC There is a very important conversation to be had here; LLMs can be good analytical partners, but they can't do the hard work for you. You still have to have your own baseline of competence and access to unique data.
This is still my favorite Linux rootkit write-up. Nearly all living off the land with detection evasion and a slick SSH backdoor activated with auth logs. jakoblell.com/blog/2014/05/0…
Please know your worth today and now. Cherish your health, your families, your free time. It's taken me a long time to decouple my self-worth from my career, but I am so much more than IR, Intel, the whole shebang. So are you. 7/n
Rumors had that fish reserves in Malaga restaurants are at risk of peril this week … about time to go check in person ✈️@pivot_con #PIVOTcon24 #LeaveSomeFoodForTheRestOfUs
@brysonbort Hey apologies if this is an over-reach from a twitter stranger, but plz dont be surprised if you think you're over this and then finding it lingering down the road. Sometimes the body tables the event until it feels safe breaking it down.
Come say hi!
Ready to learn your #EDR platform inside and out? At #RSAC? Stop by booth 15 at the Early Stage Expo to grab a signed copy of Evading EDR from author and Director of Security Research @matterpreter 📖
Excited to share that as of May 1st, I’ve been promoted to Senior Security Research Engineer! 🙂 I'm truly honored by this recognition and deeply grateful for the support from my colleagues! #LifeAtElastic
I've just released a cross-platform async DNS Client called DnsClientX. It's a #dotnet library written in C# published as NUGET and a #PowerShell module. It supports DNS over UDP, TCP, and DNS over DOH and DOT. It's my way to learn DNS. github.com/EvotecIT/DnsCl…
The following thread is entirely my own thoughts, and while I reference CrowdStrike, this is not reflective of my employer or their policies. Sorry for the length. (1/21)