Liteman @kevinfosec
Spinner of Wheels, Forensicator of Digitals, Responder of Incidents | Opinions are opinions. liteman.github.io/about.html Dallas, TX Joined July 2013
Go ask your SIEM or EDR if calc.exe spawned regsvr32.exe somewhere in the environment. It’s likely Qakbot activity.
Go ask your SIEM or EDR if calc.exe spawned anything at all ... or just use this Sigma rule github.com/SigmaHQ/sigma/… Never forget ... we have everything prepared for your convenience. The cool queries that uncover tomorrow's threats may already have been written.
.@Volexity discovers zero-day exploit impacting all current versions of Atlassian Confluence Server and Data Center. Attackers deploy in-memory Java implant to evade detection. Read more in our latest blog post: volexity.com/blog/2022/06/0… #DFIR #ThreatIntel #InfoSec
We just posted about an unauthenticated RCE that works on all current versions of Atlassian Confluence. There is no patch or workaround available at this time. This is 10/10 on the badness scale. Get your servers off the internet now! We have seen active exploitation. #dfir
Atlassian products are the IR gift that keeps on giving. We’ve worked so many breaches caused by exposed Atlassian systems with 0-days. Good time to remind we added the KAPE target for Confluence logs github.com/EricZimmerman/…
1/ I often try to point out that red vs blue is just a game - a game with the purpose to train blue for the real threats. Nothing else. But some red teamers seem to regard red teaming as an end in itself, or at least lost the sight of the aim. It’s the synergy that matters.
At long last... IT'S MATCH DAY!!! 🇺🇸 USA vs Morocco 🇲🇦 7:30 PM ET 📍 @TQLStadium 📺 » @espn 2 / @UniMas / @TUDNUSA #USAvMAR
Oh wow. The Lancet — one of the most prestigious medical journals in the world — is out with a forceful statement about Roe v. Wade *on the cover*.
Do @DoorDash drivers who pick up food, then cancel the order just get free lunch?
I'm a broken record but whatever. Every Helpdesk call for years I opened Sysinternals Autoruns and looked at the Event Log. I learned what was normal and became uncannily good at what seemed fucky. I don't know what you're looking for, but eventually you'll know when you find it.
Some unsolicited advice from your friendly neighborhood auth person: When you decommission a domain controller, don't give the new domain controller the old server's name. Just don't. Please.
1\ How to detect what command line spawned a process with no EDR/AV? 👀 #DFIR If you have a memory sample, this is how you can figure out what cmd spawned the processes by using volshell and memory forensics. STEP BY STEP GUIDE BELOW 👇 👇 👇 👇 #MemoryForensics
Got off the strangest call just now. Company called me for advice for dealing with "the cyber war" A few min into the call I realized there were differing opinions of some of the people on the call. I'm sharing an anonymized version. There's LOTS to unpack. 1
Picard management tip: For each command, assign it to one person, or ask for a volunteer. Don't ask a crowd to take an action.
