Olivia
Online
Malwrologist
@DissectMalware
Senior Security Engineer @Amazon. Ex Assistant Professor. Opinions are mine; not my employer's. DM is open.
Author of xlmdeobfuscator and
Joined February 2018
158 Following
15.1K Followers
2.7K Posts
Pinned Tweet
"#ShadowMove: a Stealthy Lateral Movement Strategy" is now available to read
Read if interested to see a new practical lateral movement
https://t.co/09dLYiupMX
Demo (TDS (MS SQL) & FTP):
https://t.co/VWNcwt9Xjv
Prototype will be released soon
@MITREattack @USENIXSecurity
@kavehrazavi It's fascinating to witness how far a dedicated team of researchers can go!
@kavehrazavi It's always fun to follow your research even though it is completely out of my field expertise.
@jstrosch @m_r_tz @bsdbandit @curi0usJack @ViriBack @fr0gger_ @Cryptolaemus1 @_ringzer0 @hasherezade @struppigel @hahnakane @stevemk14ebr @Malcoreio @malwareforme @UK_Daniel_Card @d4rksystem Thanks Josh, couldn't be active as I used to be. Wish I have more time... It is always nice to see FF specially from people like you
Years ago I did something creative with fonts... never released it just demoed it to a few..
Fonts are multi-dimensional rabbit holes for me: format-wise, security-wise, design-wise and retro-wise.
Send help?
Who to follow
Steve YARA Synapse Miller
@stvemillertime
AI threat intelligence @google
writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara
Will Schroeder
@harmj0y
Researcher @SpecterOps. Coding towards chaotic good while living on the decision boundary.
Arkbird
@Arkbird_SOLG
Malware slayer
Member of @CuratedIntel
@n3mes1s indeed : )
I need to update the description and include the features as it hasn't updated since v0.0.1
Lesser known feature of #YaraDbg: you can drag/drop a pass-protected zip file to analyze the file inside. The pass must be "infected"
The decompressed file will be in the memory not on the local filesystem
https://t.co/xkU8yzrQYK
live: https://t.co/EnDF4lq13z
#100DaysOfYara
@AnFam17 @fr0gger_ Quick tip, rearrange the conditions first the check for whether it is PE and then the string match operation; will greatly improve perf
@greglesnewich Alternatively you can also use https://t.co/EnDF4lq13z
Drop your yara file or copy/paste a link to a yara rule to start
Loved the idea!
So, I've donated the entire amount collected since activating the feature to St. Jude Children's Research Hospital, although it wasn't that much.
Thank you all who donated : )
https://t.co/3YRv6hDpDR
Thanks to all who decide to donate for my open source projects in the past year! The total collected sum will be dedicated to charity.
If you are interested to contribute to this project, please reach out!
Short-term goal: Consolidate the frontend and backend projects.
Long-term goal: Transition to a frontend-only application by eliminating the backend.
Remember maldocs with XOR encryption back in 2020?
I crafted a decryptor and integrated it with my msoffcrypto-tool fork 3 years back!
Guess what? it is now merged with https://t.co/RRGEPNBCu6 main branch! Tnx @nolze : )
Context: https://t.co/eOzTV4Yr9G by @JohnLaTwC
ICYMI, looks like a campaign with XOR encrypted XLS with the VelvetSweatshop password. 0 AV detects.
cc/ @BouncyHat
📎https://t.co/REcCd1eiTw
📎https://t.co/jXgcoF1B8e
📎https://t.co/zVjImK7YR0
📎https://t.co/jTEhv948lp
👉https://t.co/tFHBelXUX4
📄https://t.co/ue7ft6eIHa
@decalage2 Great to hear that! if you need a hand, let me know; I would love to contribute...
Thrilled to announce my move to @Amazon as a senior security engineer! Leaving the amazing team at @Microsoft was a tough call—they're truly incredible people. However, I'm buzzing with excitement for this new chapter and the opportunities it holds.
@nolze Awesome! I created a pull request (https://t.co/LBRfCGb6GW)
Encountered a few merge conflicts with master. If you have time, plz go ahead and resolve them. Otherwise, I will try to do it. It may take some time for me to get back to it though.
Context: https://t.co/eOzTV4Yr9G
ICYMI, looks like a campaign with XOR encrypted XLS with the VelvetSweatshop password. 0 AV detects.
cc/ @BouncyHat
📎https://t.co/REcCd1eiTw
📎https://t.co/jXgcoF1B8e
📎https://t.co/zVjImK7YR0
📎https://t.co/jTEhv948lp
👉https://t.co/tFHBelXUX4
📄https://t.co/ue7ft6eIHa
@Mao_Ware I thought # of interviews is equal to number of companies; still impressive though
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.8M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.2M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.5M followers
KATY PERRY
@katyperry
86.7M followers
Taylor Swift
@taylorswift13
80.5M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.3M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.4M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
60.9M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers