Josh Lemon @joshlemon
Chief DIFR at @SoteriaSec_io | @SANSInstitute Principal Instructor & Author | Digital Forensics & Incident Response geek joshlemon.com.au Australia Joined September 2009-
Tweets3K
-
Followers2K
-
Following1K
-
Likes3K
Josh Lemon retweeted
It's time to update your detections if you haven't been looking for WebShells on your #SharePoint server. 🕵 Make sure you're detecting w3wp.exe > cmd.exe > PowerShell.exe Although really, cmd.exe being spawned by your SharePoint server really needs a thorough review.
1
1
1
103
0
Download Image
Josh Lemon retweeted
Microsoft has released security updates that fully protect customers using all supported versions of SharePoint affected by CVE-2025-53770 and CVE-2025-53771. These vulnerabilities apply to on-premises SharePoint Servers only. Customers should apply these updates immediately to…
Josh Lemon retweeted
How DCOM lateral movement works. #ThreatHunting #DFIR
Josh Lemon retweeted
Windows Logon Types #ThreatHunting #DFIR
Here's an update on the data breach of court documents from the NSW JusticeLink website. tl;dr - it was an individual that was able to download +9k documents over two months, it doesn't appear they were leaked anywhere publicly. theguardian.com/australia-news…
If you're running #Erlang systems with SSH it's time to start #ThreatHunting and assume breach. The #PoC for this exploit is simple to use and already in the wild.
If you're running #Erlang systems with SSH it's time to start #ThreatHunting and assume breach. The #PoC for this exploit is simple to use and already in the wild.
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
SANS DFIR @sansforensics
109K Followers 98 Following The world's leading Digital Forensics and Incident Response provider. This feed updates you on latest DFIR news, events, and training.
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Shanna Niggans 🦄 @fancy_4n6
4K Followers 2K Following Digital forensics & incident response #DFIR + #CTI | Horse and Dog mum | Co-host @ComfyConAU | CISO @OpSysAU | RB/SCP for @BlackHatEvents & @BSidesMelbourne
Will @BushidoToken
36K Followers 3K Following Senior Threat Intel Advisor @TeamCymru | Co-founder @CuratedIntel | Co-author @SANSForensics FOR589 | Co-founder @BSidesBournemth | @darknetdiaries #126: REvil
Thomas Roccia 🤘 @fr0gger_
31K Followers 2K Following AI Security x Threat Intel · Sr. Threat Researcher @Microsoft · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @McAfee_Labs · Views mine 😈
Andrew Thompson @ImposeCost
39K Followers 1K Following Head of Research and Discovery (RAD) @Google Threat Intelligence Group via @Mandiant acquisition. Posts are attributable to me—not my employer. Former @USMC.
Chad Tilbury @chadtilbury
22K Followers 600 Following Digital forensics and incident response. Ex-AFOSI, Mandiant, and CrowdStrike. SANS Institute Fellow and co-author of #FOR500 and #FOR508 courses.
Matthew @embee_research
14K Followers 2K Following Security Researcher, Creating and Sharing Educational Content.
Ryan "Chaps" Chapman @rj_chap
8K Followers 3K Following DFIR & malware analyst. @sansforensics FOR528 Author & FOR610 Instructor. @CactusCon crew. Husband & father. Comments = own.
Blue Team News @blueteamsec1
52K Followers 9K Following The cybersecurity home for the latest #BlueTeam, #DFIR, and #ThreatHunting news and tools.
Eric Capuano - Bsky: ... @eric_capuano
11K Followers 3K Following Co-Founder @recon_infosec | SANS DFIR Instructor | IANS Faculty | https://t.co/yUXCSu2Yso | ⬡ ❤ @shortxstack
Christopher Peacock @SecurePeacock
7K Followers 2K Following #PurpleTeam | Ex @RaytheonTech MSSP, @SCYTHE_IO, & @GD_OTS | Taught at BlackHat & DEFCON | #100DaysofSigma | Keep exploring, keep learning, and stay curious
Samir @SBousseaden
25K Followers 1K Following Detection Engineering | Elastic Security Mastodon: @[email protected]
Megantron (@megan@inf... @megan_roddie
6K Followers 4K Following Detection Engineer. Co-Author, SANS FOR509. Author, Practical Detection Engineering. @HackersHealth CFO. Ammy Muay Thai fighter/coach. #ActuallyAutistic.
Phill Moore @phillmoore
9K Followers 3K Following This Week in 4n6 // ThinkDFIR // SANS // CyberCX (DFIR) https://t.co/vLyL2sxTuy I might not know much, but I do know how to Google Tweets are mine
Lisa Forte @LisaForteUK
55K Followers 4K Following Cyber Security - Partner @redgoatcyber - Climber / Caver. she/her
Kevin 🤖🕵️🍺 @KevinPagano3
3K Followers 570 Following 🕵🏼♂️ @stark4n6 🎴 Shiny cardboard collector 🍺 Resident beer drinker
jackalek @jackalek
128 Followers 4K Following
LizO’Neil @5boHaf3r66kz11
28 Followers 2K Following
JessieArabella @5bTm73Vsi474el
14 Followers 1K Following
ersint @ersint0007
6 Followers 298 Following
sad @sec0x25
80 Followers 3K Following
Rheewui @Rheewui2469
53 Followers 3K Following
Anant M @anantmudgal
25 Followers 218 Following
Nsk @nsk_offl_
348 Followers 4K Following Director🎬& Lyricist of Kattravai Katrapin & Onedaykadhalan CyberSecurity Analyst,Travel freak, Ardent Suriya ❤ Jo,Maddy🤩,VJS😍 Fan,CR7MSD Fan🤟,Maduraikaran😎
Me & My_Soul @Me_myself_iam
123 Followers 198 Following
Rosiedabezt241 @rosiedabezt241
0 Followers 26 Following
gnu5knu4 @gnu5knu4
2 Followers 45 Following
Dario Candia @DarioLp8
345 Followers 5K Following Ciberseguridad/SOC/Blue Team/Investigador/ Threat Intelligence/
Oscar @illmatic801
40 Followers 542 Following
3HUE @3HUE6
1 Followers 154 Following
threatYeti by alphaMo... @threatyeti
85 Followers 92 Following threatYeti is a domain/IP research platform from https://t.co/33uEZWna3F that helps researchers investigate potentially malicious sites faster and more confidently.
Ahi @hyrfvh6543
0 Followers 487 Following
Bubjoo @Bubjoo4336332
0 Followers 348 Following
Mirror Mirror @Mirror11Mirror1
0 Followers 352 Following
unverifred @differenziagite
185 Followers 4K Following
skrappy0x4a @skrappy0x4a
449 Followers 2K Following Lead on Cyber Defense | GWOT | Dad | НОРД | 🏍🦑 | ◧◧◧ | 🌲
Hussein Sherafat @Hussein_Sherafa
234 Followers 6K Following
The oversight. . The ... @LeahFranch86647
518 Followers 1K Following The creator the richest plan, the creator of an oversight that BROUGHT a plan to light 🚨🕯️ this plan is a master key to all the humans in the land.. free use
Mito Kehayov @mito_kehayov
21 Followers 465 Following 🇪🇺 / 🇧🇬 / 🇦🇹 / 🇨🇦 - IT Security Engineer. - Statistically estimates cybersecurity risk. - Cuts his nails without anesthetic.
Vinod More @vinodm41
97 Followers 2K Following Incident Response | Threat Hunting | Threat Intelligence | Threat Research | Red Teaming
syn0synack @syn0synack
2 Followers 80 Following
jT0Y0 @jT0Y0
62 Followers 1K Following
James Ibrahim @JamesIb54140322
55 Followers 3K Following
たーぼー @ta_bo_1009
200 Followers 892 Following
وليد الحسين @waledalhusain97
20 Followers 491 Following
Theyrey @Theyrey_62NIBI
47 Followers 5K Following
Swairt @SwairtRj8Vv49
61 Followers 4K Following
legobatman @joelorteg
61 Followers 2K Following
mewhawk @chayansa4
81 Followers 2K Following
وليد @waleedh33
22 Followers 312 Following
Lev Salinas @levsalinas
334 Followers 8K Following
cybermatz @cyber_matz
3 Followers 106 Following
Brandon Leatha @brandonleatha
48 Followers 265 Following eDiscovery, digital forensics, investigations, and some other stuff having to do with data......
Shondey @ShondeyL8s_
43 Followers 5K Following
中村 @ture3939
5 Followers 67 Following
Theeteys @TheeteysHrYUh8
46 Followers 4K Following
nheinen @nheinen
46 Followers 77 Following
TinaTyler @4NfRFS3s02qxQ
68 Followers 7K Following
adhernem @adhernem12
284 Followers 4K Following
vx-underground @vxunderground
368K Followers 290 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
Florian Roth ⚡️ @cyb3rops
206K Followers 3K Following Head of Research @nextronsystems #DFIR #YARA #Sigma | detection engineer | creator of @thor_scanner, Aurora, Sigma, LOKI, YARA-Forge | always busy ⌚️🐇 | vi/vim
SwiftOnSecurity @SwiftOnSecurity
405K Followers 9K Following computer security person. former helpdesk.
SANS DFIR @sansforensics
109K Followers 98 Following The world's leading Digital Forensics and Incident Response provider. This feed updates you on latest DFIR news, events, and training.
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
John Hammond @_JohnHammond
298K Followers 3K Following Cybersecurity Researcher @HuntressLabs || Just Hacking Training @JustHackingHQ w/ @ethicalhacker || https://t.co/UtsNJiyQtS || https://t.co/narO3sz7y6
Justin Elze @HackingLZ
65K Followers 5K Following CTO @TrustedSec | Former Optiv/SecureWorks/Accuvant Labs/Redspin | Race cars
Hacking Articles @hackinarticles
276K Followers 453 Following House of Pentesters Join us: https://t.co/Y6XOlSOA92
Ali Hadi | B!n@ry @binaryz0ne
33K Followers 565 Following DFIR and Adversary Simulation | DFIR @ ProtonMail
Jake Williams @MalwareJake
142K Followers 2K Following Breaker of software | VP R&D @hunterstrategy | CTI/DFIR | @ians_security faculty | Bookings: jake at malwarejake dot com | GSE #150 | He/him
DebugPrivilege @DebugPrivilege
40K Followers 2K Following Windows Nerd | Ex-MSFT | Microsoft MVP in Windows | Interested in Security, Debugging, and Windows Internals.
4n6lady @4n6lady
62K Followers 669 Following #DFIR & #BlueTeam | IR & Threat Detection | #OSINT enthusiast | waiting for HL3 | AWS CIRT - my views are my own
The DFIR Report @TheDFIRReport
62K Followers 0 Following Real Intrusions by Real Attackers, the Truth Behind the Intrusion. Services: https://t.co/XW613EKt2w
Mick Douglas 🇺🇦... @bettersafetynet
30K Followers 568 Following Consultant for InfoSec Innovations | @SANSInstitute Principal Instructor | @IANS_Security Faculty | I like information security. How about you?
Troy Hunt @troyhunt
240K Followers 1K Following Creator of @haveibeenpwned. Microsoft Regional Director. Pluralsight author. Online security, technology and “The Cloud”. Australian.
Shanna Niggans 🦄 @fancy_4n6
4K Followers 2K Following Digital forensics & incident response #DFIR + #CTI | Horse and Dog mum | Co-host @ComfyConAU | CISO @OpSysAU | RB/SCP for @BlackHatEvents & @BSidesMelbourne
Chris Sanders 🔎 �... @chrissanders88
34K Followers 489 Following Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Stephan Berger @malmoeb
28K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
ZachXBT @zachxbt
905K Followers 2K Following Scam survivor turned 2D investigator | Advisor @paradigm
ӉѦСҠіИԌ ҬЄѦ... @HackingTeam777
21K Followers 348 Following #hacking #tecnología #cybersecurity #CyberSecurityNews #infosec #pentesting #cybersecurityawareness #informationsecurity #cyber #github #redteam #blueteam
Clandestine @akaclandestine
49K Followers 5K Following | Security | Osint | Threat Research | Opsec | Threat Intelligence | Infosec | Threat Hunting | Humint |
Aura @SecurityAura
6K Followers 651 Following GCIH, GCFE, GDAT | DFIR, TH, DE | @CuratedIntel DFIR https://t.co/BMWUwziTLh https://t.co/MmX2YNVqdk https://t.co/R20zseQfLk
nick @3dRailForensics
2K Followers 606 Following By Stimson's postulate, I'm no gentleman. ⩜ 🐇 https://t.co/J8RfUt2yuq
Fox_threatintel @banthisguy9349
14K Followers 261 Following Just a person who is against cyber crime and dictators like Putin
National Crime Agency... @NCA_UK
167K Followers 2K Following National Crime Agency. Protecting the public from serious and organised crime. Don't report crime on X. Please call 101. In emergencies always call 999
Who said what? @g0njxa
5K Followers 95 Following ChatGPT says I'm a cyber researcher :) | donate 💸 to g0njxa.eth 💖 | Bad student, enthusiast, defo not an expert DMs are open, feel free to reach! 😼☂️🟣
stacksmashing @ghidraninja
48K Followers 452 Following Security researcher with a focus on hardware & firmware. I occasionally publish stuff on YouTube. Co-founder of @hextreeio. Contact: [email protected]
Zach Edwards @thezedwards
7K Followers 8K Following privacy & data supply chain research / Senior Threat Analyst @SilentPush / politico / #build🔥🕸 ρᔕ𝐞ỮĎ𝔬Ňʸ๓Øᵘ丂 / [email protected]
Spiros Fraganastasis @m3g9tr0n
14K Followers 1K Following Team @hashcat! Eternal n00b and knowledge seeker! Age is just a number and motivation is the fuel! Whatever you do in your life, do not forget to be humble.
Intelligence X News @Info_IntelX
2K Followers 0 Following Intelligence X is a search engine and data archive. This account tweets announcements & status updates of the service. 📢
Timo Steffens @Timo_Steffens
4K Followers 57 Following Works at a German agency on cyber-espionage. Author of 'Attribution of Advanced Persistent Threats' (Springer, 2020). Tweets are personal opinions.
SoteriaSec @SoteriaSec_io
6 Followers 19 Following
Matt Edmondson @matt0177
5K Followers 338 Following Hacker, Forensicator & OSINT practitioner. SANS Author and Senior Instructor, Blackhat speaker & OSCP holder. Featured in Wired and Founder at @ArgeliusLabs
Oversight Project @ItsYourGov
125K Followers 0 Following We fight for you and everyday Americans for an accountable government that serves your interests. We do it because It's Your Government.
theAtropos4n6 @theAtropos4n6
530 Followers 335 Following #DFIR Researcher/Examiner/Blogger | https://t.co/cUOKOIb0lE | Opinions expressed are my own | One thing I know for sure, that I do not know anything (Socrates)
Cyber Daily @cyberdailyau
296 Followers 2 Following The new name for Cyber Security Connect. Market intelligence, information and insights for Australia’s cyber sector.
Julian-Ferdinand @JulianVoeg
826 Followers 410 Following Threat Research @RecordedFuture. Formerly @SecReLabs. He/Him. 🏳️🌈 [email protected]
Dark Web Informer @DarkWebInformer
129K Followers 60 Following Providing Cyber Threat Intelligence from the Dark Web & Clearnet: Breaches, Ransomware, Darknet Markets, Threat Alerts & more. https://t.co/Fi7VW9lg94
RooCon @RooCon_AU
349 Followers 0 Following RooCon, a free conference on cyber threat intelligence & attribution, is happening in Sydney on 5-6 November 2025.
Matt Hand @matterpreter
10K Followers 293 Following Director, Security Research @preluderesearch💜 | Author of Evading EDR https://t.co/E5fs0sSTOv 📖 | Adversary tradecraft & windows internals 🦠
Silas Cutler (p1nk) @silascutler
13K Followers 2K Following You may know me from your logs Research @Censys Advisor @IST_org & #DEVSEC Built @Only_Scans, @mal_share, #KeyDrop
Mathew @mittypk
1K Followers 750 Following Frontline Intel Ops 🦅 Advanced Practices @Mandiant | AU Military DCO | My views are my own
Tyler Hudak @SecShoggoth
7K Followers 958 Following Reverse Engineering, IR, InfoSec. Also huge RPG guy. Elder of the Internet. Tweets and opinions are my own and not the views of my employer.
nyxgeek @nyxgeek
7K Followers 3K Following rebel scum, nerfherder, dogged and relentless. H/P/V/A/C Directory - https://t.co/qn0D9H7IIi
National Cyber Securi... @AUCyberSecCoord
10K Followers 27 Following Coordinating 🇦🇺 cyber security policy, incident response capability & incident preparedness.
Scam Hackers @ScamHackers
117 Followers 205 Following
Tech Transparency Pro... @TTP_updates
7K Followers 1K Following The Tech Transparency Project (TTP) is a research initiative of @Accountable_Org that seeks to hold large technology companies accountable.
GrrCON @GrrCON
9K Followers 126 Following The Largest Midwest Cyber Security & Hacker Conference. -- Sept 26 & 27, 2024
Anton @Antonlovesdnb
5K Followers 3K Following Blue Team stuff | Trying to be a decent human being | @munkschool Grad | Hunt & Response @HuntressLabs
安坂星海 Azaka ||... @AzakaSekai_
11K Followers 6K Following ‧₊˚ ⋅ Indie Comfy VTuber ⊹˚. Employed Threat Intel Researcher ♡‧₊˚ SynthV Cover Artist / Vocal Manip. 🎨: @jamama_666 / @MomoiroKohi / @justNovaj 🖌️: #artsyaz
Threat Insight @threatinsight
11K Followers 218 Following @Proofpoint's insights on targeted attacks & the security landscape. Follow us on Bluesky: https://t.co/8OVfhotdeP
Downdetector Australi... @downdetectorau
2K Followers 0 Following
Joakim Schicht @JoakimSchicht
159 Followers 22 Following
Brian Carrier @carrier4n6
9K Followers 107 Following CEO at Sleuth Kit Labs. Builds incident response (Cyber Triage) and Digital Forensics software (Autopsy and @sleuthkit)
chompie @chompie1337
83K Followers 1K Following hacker, weird machine mechanic, X-Force Offensive Research (XOR)
James Leyte-Vidal @JamesLeyteVidal
729 Followers 2K Following SANS Principal Instructor. IT Security practitioner. GSE 209. Gamer and runner in my abundant spare time. Likely being sarcastic. FMaaS. He/Him
DFIR Diva @DfirDiva
21K Followers 5K Following DFIR Analyst trying to learn all the things | DFIR Blog for Beginners | Founder @GetYourStart | https://t.co/7cHco4FjUS
Evilginx @evilginx
791 Followers 1 Following I am the evil bot capturing your MFA tokens. Offensive security reverse-proxy phishing framework capable of bypassing MFA protections, created by @mrgretzky
Thomas Millar @thmsmlr
10K Followers 2K Following Follow me for Elixir stuff ⬩ Director of AI @galileomedical prev @stitchfix_algo @uwaterloo instructor_ex ⬩ https://t.co/lQneGN7LAy ⬩ https://t.co/qziuESZ7hd
OSINTtechnical @Osinttechnical
1.1M Followers 865 Following PAI enjoyer, OSINT guy @hntrbrkmedia, my views/freezing cold takes are my own. For full disclosures, visit https://t.co/JOtQx4pI3e.
billy leonard @billyleonard
5K Followers 656 Following pogue life. @Google TAG, Global Head of Analysis of State Sponsored Hacking And Threats.
Cyber Detective💙�... @cyb_detective
54K Followers 3K Following Every day I write about #osint (Open Source Intelligence) tools and techniques. Also little bit about forensics and cybersecurity in general. Work in @netlas_io
Hudson Rock @RockHudsonRock
4K Followers 3 Following Hudson Rock is an Infostealer data intelligence company that helps protect against ransomware attacks, corporate espionage and network over-takes.
Matt Johansen @mattjay
44K Followers 2K Following Helping Secure the Internet | Long Island elder emo surviving in ATX | Expect: infosec current events, DFIR, appsec & cloudsec - and me!Trends for United States
132 B posts
70,2 B posts
28,6 B posts
47,9 B posts
27,8 B posts
3.460 posts
16,2 B posts
25 B posts
128 B posts
1.110 posts
32,4 B posts
3.367 posts
1.047 posts
7.715 posts
2.687 posts
10,8 B posts
8.166 posts
1.671 posts
6.288 posts
18,9 B posts
You might like
Eric Zimmerman
@EricRZimmerman
19K Followers
Ryan "Chaps" Chapman
@rj_chap
8K Followers
13Cubed
@13CubedDFIR
7K Followers
DFRWS
@DFRWS
5K Followers
Olaf Hartong
@olafhartong
17K Followers
Jai Minton
@CyberRaiju
8K Followers
Phill Moore
@phillmoore
9K Followers
Mari Degrazia
@maridegrazia
8K Followers
Eric Capuano - Bsky: ...
@eric_capuano
11K Followers
Kathryn Hedley
@4enzikat0r
3K Followers
Mathias Fuchs
@mathias_fuchs
3K Followers
Andrew Rathbun
@bunsofwrath12
3K Followers
Willi Ballenthin
@williballenthin
7K Followers
Mark Baggett
@MarkBaggett
10K Followers
The Haag™
@M_haggis
9K Followers