New blog post is live: a deep dive into the BravoX ransomware group — covering their TTPs across the attack chain, from initial access to exfiltration and impact, with a closer look at their tooling and notably their negotiation approach.
https://t.co/6z2sMWIsQV
In this blog post, we share our research on the #VIPERTUNNEL Python backdoor found during a DragonForce Ransomware Incident. We'll examine infrastructure hunting, its code, and how its obfuscation has evolved (spoiler: it changed a lot).
https://t.co/Adu0aeKnTG
Cracking Compromised Edge Devices
Join Evgen Blohm and Marius Genheimer from SECUINFRA Falcon Team for a deep dive into forensic investigations of compromised edge devices from Cisco, Fortinet, Citrix, and Ivanti. Discover the exploits used, the motives of nation-state and cybercriminal attackers, and creative techniques for analyzing these complex appliances. Gain practical tips to investigate and secure your network equipment in this eye-opening session!
https://t.co/eqD9xFIioD
Exciting News! The date and location for the next BSidesFrankfurt are officially set! Mark your calendars:
Friday, August 29, 2025, at Campus Westend, Goethe University.
Stay tuned for ticket sales and further updates. In the meantime, revisit past recordings and help spread the word!
We’re also looking for sponsors - a great opportunity to support the cybersecurity community and gain valuable exposure. If you're interested, reach out to us!
Recordings (updated monthly): https://t.co/EZYr5XjFtX
🚨Malware distributed via Steam
Fancy a bit of after work gaming? Beware of infostealer malware distributed via the Steam store!
Using @steamdb we managed to visually identify a very suspicious file in the game files. Luckily, we managed to retrieve a sample for analysis, which will follow in this thread.
This year's #BSidesFrankfurt is bigger and better, now at University Campus Frankfurt. Join us for insightful tracks, international keynotes, and a special kids' track with hands-on hacking courses. Interested in inspiring young minds? We're seeking volunteer teachers!
Great catch @StopMalvertisin #APT29 🎣! We created a #Yara hunting rule to look for similar SVGs and found this sample:
test.svg
MD5: 5d327af805d36036c79cca2a027c1168
First seen: 2023-06-10
Uses a b64 encoded payload called test[.]zip, contains a legit procexp64.exe.
1/2🧵
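The hunting idea in the thread (an SVG lure that carries a base64-encoded ZIP) can be checked outside YARA as well. The following script is an added example, not the Falcon Team's rule or the referenced sample: it scans SVG text for long base64 runs, decodes them, and reports only those whose decoded bytes start with the ZIP local-file header, listing the archive members. The SVG inputs are constructed inline so it runs offline; member names and sizes are placeholders.

```python
import base64
import binascii
import io
import re
import zipfile

# Base64 runs of at least 64 characters; shorter runs are normally harmless
# attribute values, and data: URIs for images are caught by the same regex
# but rejected below because they do not decode to a ZIP header.
B64_RUN = re.compile(r"[A-Za-z0-9+/]{64,}={0,2}")


def find_embedded_zips(svg_text):
    """Return one finding per base64 blob in svg_text that decodes to a ZIP."""
    findings = []
    for m in B64_RUN.finditer(svg_text):
        try:
            raw = base64.b64decode(m.group(0), validate=True)
        except (ValueError, binascii.Error):
            continue  # not valid base64 (e.g. wrong length or alphabet)
        if not raw.startswith(b"PK\x03\x04"):
            continue  # decodes fine but is not a ZIP (a PNG data URI, say)
        try:
            with zipfile.ZipFile(io.BytesIO(raw)) as zf:
                members = zf.namelist()
        except zipfile.BadZipFile:
            members = []  # header matched but archive is truncated/corrupt
        findings.append(
            {"offset": m.start(), "decoded_size": len(raw), "members": members}
        )
    return findings


def _build_sample_svg():
    """Constructed lure: a ZIP with a placeholder 'procexp64.exe' in a <script>."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("procexp64.exe", b"MZ placeholder bytes, not a real binary")
    b64 = base64.b64encode(buf.getvalue()).decode()
    return (
        '<svg xmlns="http://www.w3.org/2000/svg">'
        '<script>var p="' + b64 + '";</script></svg>'
    )


def _build_benign_svg():
    """Constructed benign SVG: an embedded PNG-like data URI, which must not fire."""
    png_like = base64.b64encode(b"\x89PNG\r\n\x1a\n" * 16).decode()
    return (
        '<svg xmlns="http://www.w3.org/2000/svg">'
        '<image href="data:image/png;base64,' + png_like + '"/></svg>'
    )


SAMPLE_SVG = _build_sample_svg()   # constructed, should produce one finding
BENIGN_SVG = _build_benign_svg()   # constructed, should produce none


if __name__ == "__main__":
    for label, svg in (("sample", SAMPLE_SVG), ("benign", BENIGN_SVG)):
        print(label, find_embedded_zips(svg))
```

Checking the decoded bytes for the ZIP header rather than flagging any base64 keeps image data URIs (common in legitimate SVGs) out of the results; the member listing gives the analyst the filenames to pivot on without extracting anything to disk.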
📰 #ESXiArgs #Ransomware is currently affecting more than 2000 #ESXi #Hypervisors around the world. In our latest blog post we detail the analysis of the #malware artifacts, new #Yara rules to detect it and recommendations to keep your systems safe.
➡️ https://t.co/APl3Kmdqfi
Picking up where we left off yesterday: We created two #Yara rules for the #Magniber #Ransomware delivery method. You can find them in our GitHub Repository and on @abuse_ch Yaraify ⬇️ Have a nice weekend and happy hunting
https://t.co/O3cxL7Gp2K
https://t.co/lzFEUZfR76
Great research! Keep this path in mind if you're having trouble finding evidence of execution:
"C:\Windows\appcompat\pca"
New Windows 11 Pro (22H2) Evidence of Execution Artifact! https://t.co/x9kcmxbelG
We analyzed a recent #Bitter #APT attack from their active campaign against Bangladesh featuring Microsoft Office exploitation, their #ZxxZ 2nd stage #backdoor and a previously undocumented #espionage tool we call #AlmondRAT.
You can read our report here: https://t.co/fhL1qa6EE6
This is super cool!
Idea 💡
Sign up for Defender for Endpoint trial:
https://t.co/JLCzPYvjd1
Azure credits:
https://t.co/Q8vXBvY9Em
Set up Streaming API to a Storage account:
https://t.co/zTkRwrVnhv
Generate data with Atomic Red Team and similar. For 30d, expect ~1GB/device.
Puzzled why a yara rule did or didn't match?
Let me introduce https://t.co/cY3G5MeOk6, a web-based #yara #debugger!
With #YaraDbg, you can see the:
1⃣ evaluation steps
2⃣ matched strings
3⃣ relationship among the rules