Alex @cryptogramfan
Joined May 2019 · Tweets: 43 · Followers: 298 · Following: 543 · Likes: 98
We’ve just published YARA rules and Python scripts to our GitHub that detect and extract #IcedID and #BazaLoader malware from Excel add-in (#XLL) files.
New #PurpleFox EK campaign spotted in the wild. An IE Exploit was hosted on this domain: hxxps://feneffecsdoteteat.aixgedbubirtsabkhotsswse[.]shop C2 (registered on 25/07/2021): hxxps://8ze[.]me/u.php?id=1
We’re super excited to share our research into #opendir malware hunting and announce a new framework at #VBLOCALHOST @virusbtn this October! Hope to see many of you there.
#PurpleFox EK now exploits CVE-2021-26411, demonstrating a short PoC-to-ITW time. On 12 April we isolated a sample from a HP Sure Click Enterprise customer in the Middle East. More details in our write-up by @stoerchl on the HP Threat Research blog. threatresearch.ext.hp.com/purple-fox-exp…
We saw high volumes of #Dridex malspam last week, showing up as three groups when clustering samples by filename similarity.
Bromium's Patrick Schläpfer explains how to extract payload URLs from Dridex samples and provides a Python script to do that. threatresearch.ext.hp.com/dridex-malicio…
We're pleased to share the HP-Bromium Threat Insights Report for July 2020. Highlights include a look at the top document malware file types and office exploits we've seen in 2020 so far, and insights into recent #Aggah, #QakBot and #WannaMine campaigns. threatresearch.ext.hp.com/hp-bromium-thr…
Here's my write-up on changes to the #Aggah malspam campaign which looks at their mail infrastructure, lures, targets, PowerPoint Add-In dropper and Bitcoin stealer.
In May, the attackers behind the #Aggah malicious spam campaign impersonated B2B companies in Europe, the Middle East and Asia to compromise businesses. They also adopted a PowerPoint dropper and cryptocurrency stealer. threatresearch.ext.hp.com/aggah-campaign…
At present we still intend to run the event at the end of July. We are monitoring the situation and will make a final call over the coming month.
A closer visualisation of the #Nemty campaign that targeted APAC organisations in February 2020.
I've been seeing a lot of #Nemty malspam activity lately.
SPONSORS. We need your support. See our Sponsor Information Pack and levels available on our website. bsidesbristol.org.uk/sponsorship/ Let's make this happen!
Extremely informative overview of reverse engineering of “Ransomware as a Service” #Buran by @cryptogramfan @bromium for Joint @BcsForensics @owasp @owaspCambs @ARUCyberRes “Aspects Of Digital Forensics” Workshop @AngliaRuskin @aru_fse #cambridge on Wednesday 19th Feb
The CfP for #bsidesbristol is officially open. This year we're accepting shorter talks (20 mins) as well as regular presentations (45 mins, including Q&A). If it's your first time presenting, we also have friendly mentors on hand to give advice and feedback.
Save the date... 29th and 30th July 2020 BSides Bristol is back! And our Call for Presentations is now open - get submitting! bsidesbristol.org.uk/call-for-prese…
Direct link to script: github.com/cryptogramfan/…
Here's my write-up on how to use perceptual hash algorithms to track malware campaigns that use visually similar maldocs (e.g. #Emotet, #QakBot, #Ursnif). Also released graph_similar_document_images.py that will graph out visually similar maldocs. bromium.com/spot-the-diffe…
#Emotet malspam activity resumed on 13 January 2020. This festive period its actors took a 21 day break, compared with 23 days in 2018/19. cc @Cryptolaemus1 @abuse_ch
If you're interested in malware analysis & RE, I highly recommend the #Zero2Hero course by @VK_Intel and @0verfl0w_. Props to @SentinelOne for releasing ~7 hrs of content for free. It's community contributions like these that close the gap between defensive & offensive capability.
@QW5kcmV3 My sources suggest the term has military origins. Earliest reference I could find is R. E. Conley: Military Command and Control (c2) (Signal, Vol 33 No 4, Jan 1979, p 14). The Joint Doctrine for Command and Control Warfare (C2W) from 1996 also uses it: iwar.org.uk/rma/resources/…
Tracking Malware Campaigns Using String Metrics: bromium.com/tracking-malwa… #malware