Jack @malwareforme
Security researcher. Joined March 2015.
Tweets 1K · Followers 6K · Following 926 · Likes 2K
We are looking for some interns to join our team here at Microsoft. If you are currently studying cyber security, computer science, mathematics or anything similar and based in Ireland or Cheltenham then we would love to hear from you - aka.ms/ghostjobs
People often share full Kusto queries, which is awesome, but what about those handy one liners and tips you have picked up along the way? Here are some of my favourites, share yours below!

Extend an additional column for your local time, example +5 UTC:
    | extend LocalTime = TimeGenerated +5h

Find events only on weekends, cast a variable to make it easy to read:
    let Saturday = time(6.00:00:00);
    let Sunday = time(0.00:00:00);
    AuditLogs
    | where dayofweek(TimeGenerated) in (Saturday, Sunday)

Find events during certain hours of the day:
    | where hourofday(TimeGenerated) !between (4 .. 23)

Calculate the minutes (or hours or days etc) between two events:
    | extend ['Minutes Between Events']=datetime_diff("minute",Timestamp1,Timestamp2)

Parse the details, including browser family and version etc of a user agent:
    | extend UserAgentDetail = todynamic(parse_user_agent(UserAgent, "browser"))

Decode base64 encoded strings, useful for PowerShell:
    | extend DecodedCommand = base64_decode_tostring(EncodedCommand)

Rename columns while using project:
    | project LogTime=TimeGenerated, SigninLocation=Location, IP=IPAddress, Agent=UserAgent
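As an added example (not part of Jack's tweet), here is one hunting query that chains those one-liners together into a single off-hours sign-in hunt. It assumes the Microsoft Sentinel SigninLogs table (Microsoft Entra ID sign-ins, with the columns TimeGenerated, UserPrincipalName, IPAddress, Location, UserAgent and ResultType) and an analyst time zone of UTC+5.

```kusto
// Added example, not from the original tweet. Assumes the Sentinel SigninLogs table
// (Microsoft Entra ID sign-ins) and an analyst time zone of UTC+5.
let Saturday = time(6.00:00:00);
let Sunday = time(0.00:00:00);
let LocalOffset = 5h;
SigninLogs
| where TimeGenerated > ago(7d)
| where ResultType == "0"                               // successful sign-ins only
| extend LocalTime = TimeGenerated + LocalOffset        // shift to the analyst's clock
// keep weekend sign-ins, or weekday sign-ins outside 07:00-19:59 local time
| where dayofweek(LocalTime) in (Saturday, Sunday)
    or hourofday(LocalTime) !between (7 .. 19)
// parse_user_agent returns a dynamic object: {"Browser": {"Family": ..., "MajorVersion": ...}}
| extend UserAgentDetail = parse_user_agent(UserAgent, "browser")
| extend Browser = tostring(UserAgentDetail.Browser.Family),
         BrowserVersion = strcat(tostring(UserAgentDetail.Browser.MajorVersion), ".",
                                 tostring(UserAgentDetail.Browser.MinorVersion))
// serialise per user so prev() can look back at the same user's previous sign-in
| sort by UserPrincipalName asc, TimeGenerated asc
| extend PreviousUser = prev(UserPrincipalName, 1),
         PreviousSignin = prev(TimeGenerated, 1)
| extend ['Minutes Since Previous Signin'] = iff(PreviousUser == UserPrincipalName,
                                                datetime_diff("minute", TimeGenerated, PreviousSignin),
                                                long(null))
| project LogTime = TimeGenerated, LocalTime, User = UserPrincipalName, IP = IPAddress,
          SigninLocation = Location, Browser, BrowserVersion, ['Minutes Since Previous Signin']
```

A small gap in the last column between two sign-ins from different IPs or browsers for the same user is the kind of pattern this query is meant to surface for review.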
If you're a guy in your early 20s, learn regex. Go into debt if you have to
excited to announce @sublime_sec has raised a $60M Series B led by @IVP @CNBC wrote about the news this morning: cnbc.com/2024/12/12/ema… @ianthiel and I are so grateful and humbled by the trust our customers and community have placed in us. we won't let you down
Enjoy punching phish? Experience writing detections for phish, using regex, Yara, etc., and looking to grow as a researcher within an experienced team? Join me and the rest of the Splunk Attack Analyzer Misfits of Detection Science. US only, fully remote splunk.com/en_us/careers/…
🔊 Useful advice for the holiday dinner table sublime.security/blog/talking-y…
Proofpoint has tracked this technique since August 2024, and call it “brooxml”. Our researchers do not consider this a zero-day or vulnerability in general. We’ve released Emerging Threats and YARA signatures at the end of this thread.
🚨ALERT: Potential ZERO-DAY, Attackers Use Corrupted Files to Evade Detection 🧵 (1/3) ⚠️ The ongoing attack evades #antivirus software, prevents uploads to sandboxes, and bypasses Outlook's spam filters, allowing the malicious emails to reach your inbox The #ANYRUN team
The absolute worst take ever. Just don’t end up in PCRE jail and it’s fine. Regex 4ever
Microsoft’s Digital Crimes Unit has seized 240 fraudulent websites, disrupting a major “Phishing-as-a-Service” operation. These campaigns targeted sensitive industries like financial services, jeopardizing data, transactions, and even life savings. aka.ms/DCU-disruption…
I'm told we are hiring in MSTIC: aka.ms/msticjobs Come for the data, stay for the data. Creative problem solvers have the most impact. If we've worked together, I'm happy to refer you. But...
i’m legit amped about aligning with all of the “tip of the spear” teams under the CISO this part of the public “secure futures” update is a pretty nice acknowledgment of threat intel impact let’s go! come join us: aka.ms/msticjobs 🕵️ aka.ms/ghostjobs 👻
I'll just leave this here... github.com/wmetcalf/rdp_h…
you can deploy verifiable coverage for this with @sublime_sec (for free), here’s the detection that’s been out for over a year (h/t @zoomequipd @ajpc500): sublime.security/feeds/core/det…
🚨We’re seeing reports of a large-scale #spearphishing campaign targeting multiple sectors, including government and IT. A foreign threat actor is sending phishing emails with malicious RDP files to gain network access. Take proactive measures. More info: bit.ly/4fp9aQB
There is also this setting in admin.microsoft.com
I'm not 100% sure if this will help thwart the current initial access attacks through Teams, but here are some things I would do: 1. Go to admin.teams.microsoft.com/company-wide-s… and ensure the following box is unchecked: learn.microsoft.com/en-us/microsof…
Announcing our latest NLU model update: BERT Large Language Model (LLM), which is better at understanding tone, intent, and context than ever before. We’ve detailed our research in our latest blog and how it’s used to combat AI-generated attacks: sublime.security/blog/combating…
We are now developing @elastic threat hunting queries, alongside our detection rules, and openly sharing these as well! 🎉🎉 Can visually explore these with rulexplorer.io! 🔥🔥 #ThreatHunting #DetectionEngineering
Threat hunting just got easier! This new repo of detection rules is crafted by our veteran detection engineers and powered by different Elastic query languages. Get the details of what’s included and see the future of this repo here: go.es.io/4h2JsTX #ElasticSecurityLabs
We're excited to announce the release of our new Public EML Analyzer: a free, unauthenticated tool for analyzing email messages. Upload any EML and get Sublime's analysis results along with URL sandbox and attachment previews, insights, and more: analyzer.sublime.security
Microsoft has been running massive deception campaigns that flood new phishing sites with bogus credentials for bogus companies on MS tenants. When attackers log in, they deliver a torrent of fresh threat intelligence that can be used to defend: #infosec youtube.com/watch?v=78qnM_…
MalwareHunterTeam @malwrhunterteam
254K Followers 37 Following Official MHT Twitter account. Check out ID Ransomware (created by @demonslay335). More photos & gifs, less malware.
BleepingComputer @BleepinComputer
254K Followers 205 Following Breaking cybersecurity and technology news, guides, and tutorials that help you get the most from your computer. DMs are open, so send us those tips!
Karsten Hahn @struppigel
26K Followers 783 Following MalwareAnalysisForHedgehogs, Principal Malware Researcher at GDATA, he/him 🦔🌈🏳️⚧️
JAMESWT @JAMESWT_WT
37K Followers 543 Following #Independent #Malware #Hunter #CyberSecurity #InfoSec https://t.co/KCFBJcHHcW https://t.co/WODUKncjFy
Michael Koczwara @MichalKoczwara
25K Followers 2K Following Threat Researcher/Founder @Intel_Ops_io Threat Intelligence, Adversary Infrastructure Hunting, Curated TI Feed (Coming Soon) https://t.co/VQWaze6gaF
💻 Sherrod @sherrod_im
37K Followers 7K Following Difficult mystery girl connected to the divine forces of the universe.
mRr3b00t @UK_Daniel_Card
123K Followers 8K Following Department of Cyber WAR. Member of the Counter Spider Collective. Wielder of AI to defend in Cyber Space. Ralph Vibe Specialist. VibeOps Operator!
Stephan Berger @malmoeb
29K Followers 1K Following Head of Investigations @InfoGuardAG https://t.co/A5lnFAu7eX
Katie Nickels @likethecoins
55K Followers 3K Following Director of Intel at @redcanary. SANS Certified Instructor for FOR578: CTI. Senior Fellow at @CyberStatecraft. She/her. Mastodon: @[email protected]
Josh Stroschein | The... @jstrosch
12K Followers 1K Following Reverse engineer and content creater | 😱 1M+ views on YT | 🎙️ Host of Behind the Binary podcast 👇
James @James_inthe_box
22K Followers 465 Following
The Hacker News @TheHackersNews
1.5M Followers 2K Following The #1 trusted source for cybersecurity news, insights, and analysis — built for defenders and trusted by decision-makers.
Thomas Roccia 🤘 @fr0gger_
35K Followers 2K Following AI Security x Threat Intel · Threat Researcher · Creator of #Unprotect & #NOVA · Malware Warlock · Python 🧡 · Prev @Microsoft @McAfee_Labs
Jazi @h2jazi
8K Followers 533 Following Threat Intel researcher! Technical tweets only; not reflective of employer's views. No endorsement of political groups/entities.
Andrew Northern 𓅓 @ex_raritas
5K Followers 1K Following 🔮 Principal Researcher at Censys ARC 🔮 | formerly Proofpoint | Knowledge Piñata 🪅 | Attack Chain Connoisseur | Aspiring Stoic
Joe Roosen @JRoosen
9K Followers 2K Following SpyCloud - Director of Security Research, Cryptolaemus, Emotet(Ivan)/QBot(Boris) Destroyer, gold prospector & former sysadmin. retweet != endorsement.
ANY.RUN @anyrun_app
33K Followers 191 Following Empowering businesses with proactive security solutions: Interactive Sandbox, TI Lookup and Feeds. Sign up: https://t.co/8hIX0Qh5ME
Gameel Ali 🤘 @MalGamy12
7K Followers 965 Following Threat Researcher @nextronsystems All opinions are my own
Gandalf The Blockchai... @LucaBlockChain
11 Followers 508 Following
Lite Shok @LiteShok
1 Followers 85 Following Innovation in data and security powering Company growth with analytics and strategy that provide in depth analysis at an affordable cost
1n @gyujjjjnhy
1 Followers 12 Following
Migue Frias @vonpilzen
2 Followers 392 Following
Youssef Madkour @M4lB3nder
57 Followers 939 Following Malware Researcher & Detection, Threat Analyst
Dr. B3av3r @drb3av3r
0 Followers 78 Following
The North Korean Comp... @dprkcert
4K Followers 1K Following Defend Tomorrow, Secure Today! A Computer Emergency Response Team (CERT) for the Democratic People's Republic of Korea #EnjoyPropaganda
🐶 @DonCheeno
98 Followers 311 Following
U2FCardsApp@Passwords... @U2FCardsApp
7 Followers 786 Following #authentication #authorization #Biometric #fingerprint #Passwordless #passkeys #autofill #Conferences #Summits #Seminars #Summits #Meetings #Upcoming #solutio
Henri @TabulaR41988
14 Followers 404 Following
Mehrdad @thisMehrdad
0 Followers 110 Following
MarciaAnna @77t8lZ84nC6t9Wu
11 Followers 535 Following
CloudMalwareStudioOSX @CMSOSXAI
9 Followers 789 Following https://t.co/qgFp0ACgjW [email protected] $cybersecurity $cyberprotections $cybersafeguards $cyberdefenses
Mourning @mourning1188
0 Followers 55 Following
Brian Baskin @bbaskin
7K Followers 882 Following Threat researcher, malware analysis, RE, incident response, with some old school forensics and CTFing. Apologetic ginger. These are my personal opinions
Jarvis Crooks @JarvisCroo40453
1 Followers 167 Following Recruiting webshell engineers to penetrate websites, with a monthly salary of up to $100,000. If interested, please contact https://t.co/T2WaUhpqFi
raster @rasterfinance
62K Followers 2K Following Manage your Portfolio like a Hedge-Fund / Your 360° AI Wealth Manager
Stephen @Stephen1415118
9 Followers 193 Following
Ff @7zCooler
1 Followers 267 Following
Undertow @Undertow9248254
0 Followers 165 Following
Blue @cetera___
0 Followers 107 Following
Franklin Peechooba @peechooba
3 Followers 150 Following
Shadowfax @Sh4d0wfax
93 Followers 571 Following I dont know half of you half as well as I should like; and I like less than half of you half as well as you deserve.
김영욱 @triptokyw
29 Followers 837 Following
Aldo Fathoni @realfathonix
83 Followers 3K Following Software developer, retrocomputing and Unix enthusiast, computer hobbyist in general.
OSAMA ABID A.M HADI @osamaabid_hadi
1 Followers 186 Following
Stephen Brent Sargean... @lifesgt
658 Followers 1K Following AML and Law Enforcement investigations at Bitfinex. Looking to help professionals that are new to AML navigate through the field and gain expertise. #bitcoin
mat @mhangok9228
507 Followers 7K Following
sharma akash @Anan65389Akash
1 Followers 71 Following
Hex01 @Hexsn1per
240 Followers 5K Following I don’t break rules. I study why they exist and I listen to system until they confess. God is Great.
Jack Sparrow @cyb3r_54vvy
0 Followers 57 Following
cyberdef049899909 @cyberdef0481677
0 Followers 305 Following
Sh1mm @sh1mmx
3 Followers 73 Following
vx-underground @vxunderground
438K Followers 358 Following The largest collection of malware source code, samples, and papers on the internet. Password: infected
blackorbird @blackorbird
42K Followers 702 Following Peace and Love. Just Analysis/Hunter/Youtuber/AiCoder/Entrepreneur/. #APT #threatIntelligence #Exploit #CTI #meme #cyber #hacker #OSINT #Ai Need Remote Job
Binni Shah @binitamshah
141K Followers 165 Following Linux Evangelist, Malwares, Security enthusiast ,Investor,World Economy, Finance,Contrarian , Philanthropist , Reformist , Sigma female [email protected]
Germán Fernández @1ZRR4H
38K Followers 463 Following 🏴☠️ OFFENSIVE-INTEL 🏴☠️ Cyber Threat Intelligence by Hackers | Security Researcher at https://t.co/rDrSxZStZD | @CuratedIntel Member | 🥷🧠🇨🇱
chompie @chompie1337
89K Followers 1K Following hacker, exploit developer/weird machine mechanic head of X-Force Offensive Research (XOR) @IBM
hasherezade @hasherezade
91K Followers 954 Following Programmer, #malware analyst. Author of #PEbear, #PEsieve, #TinyTracer. Private account. All opinions expressed here are mine only (not of my employer etc)
briankrebs @briankrebs
331K Followers 2K Following Independent investigative journalist. Author of 'Spam Nation,' a NYT bestseller. Former Washington Post reporter. Mastodon: https://t.co/fTKNavlMwp
Chris Sanders 🔎... @chrissanders88
35K Followers 487 Following Ed.D. | Founder @networkdefense @RuralTechFund | Former @Mandiant, DoD | Author: Intrusion Detection Honeypots, Practical Packet Analysis, Applied NSM
Kostas @Kostastsale
20K Followers 383 Following I like building things that solve real problems, working across cybersecurity, product, and research | 🇬🇷🇨🇦
Max_Malyutin @Max_Mal_
13K Followers 306 Following Threat Researcher, Blue Team, DFIR, Malware Analysis, and Reverse Engineering. “⚔️What do we say to God of malware, Not today⚔️”
Virus Bulletin @virusbtn
61K Followers 1K Following Security information portal, testing and certification body. Organisers of the annual Virus Bulletin conference. @[email protected]
Unit 42 @Unit42_Intel
69K Followers 81 Following The latest research and news from Unit 42, the Palo Alto Networks (@paloaltontwks) Threat Intelligence and Security Consulting Team covering incident response.
———————... @da5ch0
8K Followers 5K Following FOLLOWS YOU • “Wir müssen wissen, wir werden wissen” -Hilbert • (he/they/him/them) • infosec and privacy aficionado • mage
John O'Brien @boardom_ca
741 Followers 351 Following National Security Officer @microsoftcanada via @CDS_GC & @CSE_CST. Mostly just a Dad though. @[email protected]
SighSec @SighSec
100 Followers 291 Following I do cyber security stuff :) jack of all trades master of none - views are that of my dog
SwiftOnSecurity @SwiftOnSecurity
410K Followers 9K Following computer security person. former helpdesk.
Zack D. Films @zackdfilms1
440K Followers 0 Following A Collection of Things I Find Interesting (Zack D. Films’ Official Account)
Doug D @dugdep
444 Followers 185 Following Former iSec/NCC, Yahoo Paranoid, Datadog. Current Head of Product Security for Gemini. Opinions are my own.
Zscaler ThreatLabz @Threatlabz
9K Followers 46 Following Threat intelligence and security research from @zscaler
Cloudburst @trycloudburst
944 Followers 8 Following The market leader in off-chain intelligence. We help foresee key market trends beyond the horizon--and identify and isolate illicit actors.
Johannes Gilger @heipei
2K Followers 584 Following CEO & Founder @urlscanio. I like building things that spark joy.
urlscan.io @urlscanio
14K Followers 136 Following A sandbox for websites - Find malicious websites and phishing - https://t.co/LfPJPBGXFV - https://t.co/XjI4zJaBBp - #threatintel #cybercrime #infosec #web #phishing
Secure Chicken 🐣 @securechicken
470 Followers 85 Following Rural cybersecurity practitioner and seasoned brewer. Opinions are my own, I work @HarfangLab (former GREAT, CISO and FR Gov).
Renzon @r3nzsec
4K Followers 917 Following IR/Forensics @Unit42_Intel | Contributor/Analyst @TheDFIRReport @XintraOrg | Co-Founder @guidemtraining | CTF member @_hackstreetboys
Alfie Champion @ajpc500
3K Followers 541 Following Founder at @delivr_to | Author of Practical Purple Teaming | Detection & Emulation at @github | Tweets my own
Nextron Research ⚡... @nextronresearch
3K Followers 13 Following Nextron threat research team. Signatures, rules, and analysis focused on eliminating blind spots.
Trinity Cyber @TrinityCyber
573 Followers 242 Following Advanced network threat prevention. SINET 16 Innovator. Protecting your world better, differently—and with a near zero false detection rate.
Real-Debrid @RealDebrid
47K Followers 42 Following Download or stream whatever you want on Internet from 3€, unlock limits of filehosters and download torrents at full speed. Real-Debrid is edited by XT NETWORK.
sapir federovsky @sapirxfed
5K Followers 196 Following Doing things @wiz_io And then doing more things at home | Failed research blog: https://t.co/j2HT1Tpscs | Trying to be more chill🧘♀️
Paul (DEFENDER) @Threatzman
2K Followers 388 Following Infosec techie, product manager (PM) for Microsoft Defender for Endpoint. Lead author for https://t.co/7KA8PZ12oU - my opinions are my own. [email protected]
Epieos @epieos
7K Followers 0 Following In just 3️⃣ seconds, uncover the identity and activity behind an email address or phone number. Premium OSINT solution, exclusive intelligence.
OSMOSIS Association @osmosiscon
2K Followers 109 Following OSMOSIS Association is the governing body of OSMOSIS — An Association for Open-Source Intelligence (OSINT) Professionals. Join now. #osintforgood
Moonlock Lab @moonlock_lab
2K Followers 78 Following Malware research lab @moonlock_com Assembled by @macpaw to detect and study cybersecurity threats.
Herbie Zimmerman @HerbieZimmerman
3K Followers 941 Following Previous SOC analyst and still wanna-be malware researcher. Manager @HuntressLabs. Stay awesome folks! https://t.co/iZPu82FWX0
CYBERWARCON @CYBERWARCON
6K Followers 569 Following #CYBERWARCON 2025 Registration and CFP are now open | 📧 Subscribe to receive updates at https://t.co/5lb0WvK6MJ
DaveTheResearcher @DaveLikesMalwre
2K Followers 149 Following Threat Hunter | CyberSecurity Researcher | IOC Dealer |
Steven Adair @stevenadair
3K Followers 414 Following President @Volexity | Malware Analyst's Cookbook | https://t.co/K1nPkanWYC
Nico Bautista @30574c
69 Followers 229 Following Advanced Persistent Analyst / Tactics Techniques and Tea
Anton @Antonlovesdnb
6K Followers 4K Following Blue Team stuff | Trying to be a decent human being | @munkschool Grad | Hunt & Response @HuntressLabs
David Schuetz @DarthNull
3K Followers 786 Following Security, Scouting, making, cryptography puzzles, python, secret infrastructure nerd. Also: https://t.co/yNQYKeTQ2q, @[email protected].
Behind The Bastards @bastardspod
99K Followers 114 Following From Hitler’s love of YA fiction to Saddam Hussein's shameful romance novels, this podcast sheds new, weird light on history's monsters. Hosted by @IwriteOK.
1336_0ff_by_0ne @1336_0ff_by_0ne
1K Followers 111 Following Cybersecurity meets metal. Shirts for fictional bands named after malware and threat actors. Literal malwear. Requests are welcome.
Zach @svch0st
4K Followers 1K Following Everything DFIR @TheDFIRReport | @CuratedIntel | @XintraOrg https://t.co/ggakuKBS0S
Volexity @Volexity
8K Followers 7 Following A security firm providing Incident Response, Proactive Threat Assessments, Trusted Advisory, and Threat Intelligence
Lex Gill @lex_is
6K Followers 2K Following lawyer. litigation for the people. @citizenlab senior fellow. teaching @lawmcgill. former @scc_eng clerk (cj). be brave. @lex-is.bsky.social
Sneaky Sherlock @SneakySherlock
108 Followers 1K Following 🔍 Digital Detective | Unearthing truths through open-source intelligence | Analyzing publicly available data to reveal what's hidden | #OSINT enthusiast
_Jibba_ @_jibba_
118 Followers 274 Following Watch Repair Person ➡️ Security Researcher @Microsoft (GHOST) || Threat Intel Content Lead @KC7cyber
Stephanie Hunt (Schoc... @stephanieschoch
2K Followers 355 Following
MetallicHack @MetallicHack
839 Followers 389 Following 🇨🇵 Cybersecurity engineer enjoying Windows & AD security, DFIR and detection engineering @TheDFIRReport analyst
\_(ʘ_ʘ)_/ @pollo290987
4K Followers 280 Following