lostpacket @_lostpacket_
Threat Researcher at @_CPResearch_. Joined April 2019.
Unmasking the China-nexus #Storm2603 toolset that pre-dated the ToolShell wave. 📅Active since at least Apr 2025. 🔑Multiple ransomware deployed together: LockBit + Warlock. 💥Custom backdoors: ak47dns & ak47http. Read more --> research.checkpoint.com/2025/before-to…
🇮🇷🇮🇱 In their latest phishing campaigns, Iranian APT Educated Manticore poses as cybersecurity researchers and executives to target top tech academics in Israel: 🔗 Fake Google Meet meetings 🌐 Phishing kits as Single Page App with React 👉 Details: research.checkpoint.com/2025/iranian-e…
Zero-Day used by Stealth Falcon APT group in a spear-phishing campaign: 💥 .URL file exploitation (assigned CVE-2025-33053) 🧰 Custom Mythic implants, LOLBins, and custom payloads 🌍 High-profile targets across the Middle East and Africa research.checkpoint.com/2025/stealth-f…
Following the advisory, CPR shares an in-depth analysis of the malware attributed to Emennet Pasargad: 🐁 WezRat: a custom infostealer 🧀 Uses DLL modules for screenshots, keylogging, file theft, etc. 🐈 Over a year of activity and evolution Read more: 👉 research.checkpoint.com/2024/wezrat-ma…
🇪🇺Amid the upcoming EU membership referendum, Moldova is being hit with #disinformation emails aimed at discrediting the pro-EU course and its supporters. 🕵️Read more about hybrid disinformation-malware operations across Europe by the #LyingPigeon group: research.checkpoint.com/2024/disinform…
20 years of VirusTotal: 2004-2024
While most associate this report with the Israel-Hamas conflict, the actor managed to infiltrate numerous high-profile targets throughout the Middle East in recent years. Given their track record of sharing access with disruptive malware operators, this is a region-wide concern.
[1/5] CPR in collaboration with @sygnia_labs has been tracking #ScarredManticore, one of the most sophisticated Iranian threat actors uncovered to date. Attributed to the MOIS, it is linked to some of the most impactful Iranian intrusions in recent years. research.checkpoint.com/2023/from-alba…
This coup could have been an email
Amid the crisis in Azerbaijan’s breakaway region of Nagorno-Karabakh, our new report reveals Azerbaijani political surveillance using #OxtaRAT malware: 🕵️AutoIT/JPEG polyglot file 🎯Targets activists in Azerbaijan🇦🇿 and entities in Armenia🇦🇲 Read more >> research.checkpoint.com/2023/operation…
Since the end of March, all the files submitted to VirusTotal from Donetsk and Luhansk regions are shown in their telemetry as ZZ country. @virustotal Any chance you can assist with geography to your geolocation services provider?
We Reveal 7 Years of #ScarletMimic Mobile Surveillance Campaign Targeting Uyghurs: 📱 More than 20 different Android samples 📄 Uyghur-related lures 👁️ Full surveillance capabilities 🤙 Conduct calls and SMS from victim's device Read More: research.checkpoint.com/2022/never-tru…
Thank you everyone who made #HagueTIX2022 happen. It was insightful, it was fun, and it had trains!
Based on @ContiLeaks, we made an interactive graph of Conti members' relations and share some insights: 🥳Impressive level of self-organization 🥳Bonuses, prizes and bring-your-friend programs 🥳New friends and career growth! 👀Looming threat of prison research.checkpoint.com/2022/leaks-of-…
This is as good a time as any to remind that the actions of a government don't necessarily reflect the opinions of its constituents. This is true in places where we get to choose our elected officials to some extent, and even more so everywhere else.
We investigated the recent attack against Iranian Broadcasting and discovered tools utilized in this operation, including the evidence of usage of destructive wiper malware. This suggests that the damage might be more serious than officially reported. research.checkpoint.com/2022/evilplayo…
Technical details on APT35 attempts to exploit Log4j vulnerability: 💣Both targeted attacks and mass-scanning 💎CharmPower: still-in-development Powershell-based modular toolkit 🧩Shared infrastructure with previous mobile and ransomware campaigns. research.checkpoint.com/2022/apt35-exp…
Today, the Mandiant Threat Intelligence team shared that it assesses with high confidence that #UNC1151 is linked to the Belarusian govt & that Belarus is likely at least partially responsible for the Ghostwriter IO campaign. Read more on our blog: mndt.info/30v7e7X
Ideology as a motive? - check out our latest analysis of the #MosesStaff group, which joins the #Pay2Key and #BlackShadow threat actors targeting Israeli organizations>> research.checkpoint.com/2021/mosesstaf…
Meet Indra, the group of hackers behind the attack against Iran Railways and several Syrian companies with ties to the Iranian regime. We analyzed their operations, the evolution of their tools, and their presence on social media. research.checkpoint.com/2021/indra-hac…
