Shreyas Parikh @_rigv - Twitter Profile

OpenAI's agentic security researcher Aardvark is now Codex Security, with a new malware analysis pipeline that lets users upload samples, run automated analysis, and pull structured reports. https://t.co/ntQee7s9aS

2

57

10

45

5K

_rigv retweeted

DirectoryRanger @DirectoryRanger

4 months ago

Entra ID Incident Response: Advanced #PowerShell Techniques #DFIR https://t.co/2ynit4fyLz

0

184

39

208

11K

_rigv retweeted

Terrance DeJesus

@_xDeJesus

4 months ago

While the Notepad++ chaos has been the headline this week, @sysdig dropped some genuinely solid threat research that deserves attention. They walk through an AWS compromise that starts with exposed credentials in S3, pivots into Lambda, and ultimately escalates into Bedrock access. Public, end-to-end cloud intrusion research like this is still rare, so if you care about #cloudsecurity, don’t sleep on it. If you’re looking to hunt for similar behavior, this Elastic rule is a good starting point: https://t.co/haGU6QG7fB Filter out CloudFormation activity and known hyperscaler ASNs (unless you have reason to believe the attacker is operating from deployed cloud infrastructure). Focus on unexpected Lambda function updates, especially those originating from odd IPs or unfamiliar assumed roles. #threatdetection Reference: https://t.co/tFxSsiswx5

5

183

47

138

14K

_rigv retweeted

Phill Moore @phillmoore

5 months ago

Week 03 - 2026 #DFIR https://t.co/InB36IOX58

0

18

11

2

1K

Shreyas Parikh @_rigv

6 months ago

@InsiderPhD @skocherhan Are you changing password from windows/mac system? Because It could be possible that system could be infected with infostealer malware and that malware could be the one sending back the information to attacker.

0

54

Shreyas Parikh @_rigv

7 months ago

@fr0gger_ What are your thoughts on using Claude skills in parallel to the Claude code plugins? I think it would be beneficial here.

1

0

184

Shreyas Parikh @_rigv

7 months ago

@PyroTek3 You can also try @NotebookLM. It will create flow chart, a summary or video based on your likings and can be useful for concise output.

0

3

0

175

_rigv retweeted

Phill Moore @phillmoore

8 months ago

Week 41 - 2025 #DFIR https://t.co/VeV2VdkbTV

0

20

13

6

2K

_rigv retweeted

John Hammond

@_JohnHammond

9 months ago

A threat actor installed Huntress. ... a hysterical mistake on their part, giving us first-hand insight to their tooling, workflow & routine. Phishing infra, stealer logs, Telegram+dark web sites, AI... Hilarious goldmine of cybercrime deets with a front row seat: https://t.co/2gLT2VNDkO

_JohnHammond's tweet photo. A threat actor installed Huntress.

... a hysterical mistake on their part, giving us first-hand insight to their tooling, workflow & routine. Phishing infra, stealer logs, Telegram+dark web sites, AI...

Hilarious goldmine of cybercrime deets with a front row seat: https://t.co/2gLT2VNDkO

70

2K

246

911

288K

_rigv retweeted

Dr. Anton Chuvakin

@anton_chuvakin

10 months ago

"Security and The 7 Deadly Sins" https://t.co/HqdPCCwU6W <- an absolutely epic piece from @philvenables

1

15

3

5

2K

Shreyas Parikh @_rigv

9 months ago

@Gi7w0rm Hey! Congratulations for everything! You deserved it.

0

1

0

67

_rigv retweeted

Yamato Security Tools @SecurityYamato

9 months ago

Sneak preview of the Hayabusa MCP server.

2

94

18

43

13K

_rigv retweeted

Germán Fernández

@1ZRR4H

9 months ago

🔴 Website netextender-sonicwall[.]org downloads "NetExtender-VPN-10.3.3.msi" signed by "MOHAN ENTERPRISES (RAJASTHAN) PVT LTD" 🤔 ▪ The fraudulent domain is powered by Bing and Copilot results, giving it visibility and "credibility" ❌ Previously, this campaign was delivering Bumblebee (https://t.co/ZhSvHZ3qtV) and was spotted by @TheDFIRReport leading to #AdaptixC2 and #Akira ransomware: https://t.co/fgVgSAaWln. [+] Sample: https://t.co/z7J5trx4Jq. / @malwrhunterteam @k3yp0d