New Signals & Stories episode with @TomHegel from @SentinelOne and @invisig0th from The Vertex Project.
We discuss:
🔹DPRK IT workers posing as job applicants
🔹Cross-functional intelligence sharing
🔹AI in CTI
🔹And more!
Really fun conversation on where CTI is headed.
#CyberSecurity #CTI #ThreatIntelligence
https://t.co/VznXxSYEJX
A new macOS stealer called Reaper — a SHub variant tracked by @LabsSentinel — runs an infection chain where each stage hides behind a different trusted brand:
- The lure: a fake WeChat or Miro installer
- The delivery: a typo-squatted domain, mlcrosoft[.]co[.]com
- The execution: dressed up as an Apple XProtectRemediator security update
- The persistence: a fake Google Software Update directory, beaconing every 60 seconds
Microsoft, Apple, Google — in that order, in one chain. The victim never sees a single unfamiliar name.
In this @WIRED video about fast16, @a_greenberg walks through the whole arc: A 2005 sabotage malware that sat in plain sight for 20 years, the NSA leak that named it, and what @LabsSentinel's @vkamluk and @juanandres_gs (JAGS) finally figured out it was doing. The closing question alone is worth your time.
📄 Full SentinelLABS report: https://t.co/oTdzGWjqMy
🗞️ WIRED's full story: https://t.co/rCQjbLT5Nj
Threat actors are in a turf war for ownership of your infrastructure. @LabsSentinel has uncovered PCPJack, a predatory cloud credential worm that hunts its own kind. Its first move? A scorched-earth eviction of rival group TeamPCP. https://t.co/6rGGFcCwl5
This isn’t a theory—it’s in the code. PCPJack specifically kills TeamPCP processes and even reports a "PCP replaced" metric back to its C2.
Fresh research from the team (@vkamluk / @juanandres_gs) - this one goes back quite a while!
fast16 | Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet
https://t.co/cR83vHEzWo
The history of cyberwar just got rewritten with a new @LabsSentinel discovery by @vkamluk and @juanandres_gs. Stuxnet wasn't the beginning of nation-state sabotage through software. It was just the first one we caught.
Meet fast16 — compiled in 2005, five years before Stuxnet. It isn't espionage. It's not ransomware. It's a precision instrument designed to make scientists trust math that's been quietly broken. Silently. Precisely. Across an entire network.
The implications reach into advanced physics, cryptographic research, and nuclear programs.
Read the full @WIRED story below by @a_greenberg👇
While it's hard to get numbers on frequency and costs of ransomware and criminal cyberattacks in China, we do know they happen. This makes the politics of losers in China cybersecurity particularly interesting. 1/x
https://t.co/kzFMM1sd8o
The Cognitive Rust Belt - If you wait for the technology to settle before you address this, you will find there is nothing left to save.
https://t.co/1Yx6xhB1Yy
Last week, a new initiative was launched under @NATO DEEP to develop a Reference Curriculum on Artificial Intelligence as a Tool for Military Power. Honored to work alongside a distinguished group of experts and help define how AI is addressed within military education!