![Enno_Insinuator's tweet photo. Very solid PhD thesis on DNS security:
Everything in Its Right Place. Improving DNS resilience
https://t.co/CPSQbzf0aq [PDF] https://t.co/o0XhWBbFcj](https://pbs.twimg.com/media/F0SlP6yWIAA_OPh.png)
Olivia
Online
Hari Charan
@grep_security
threat research • threat Intelligence • cloud security• supplychain security & random | Director of security research @Loginsoft_Inc
-
Opinions are my own
127.0.0.1
Joined July 2015
143 Following
548 Followers
3.6K Posts
Pinned Tweet
Here I created a quick map of resources if you're interested in hunting/tracking
malware & actors. You learn different techniques employed by researchers in our community.
https://t.co/PPKpgYu22m
If you don't want to signup for Mural, try this link
https://t.co/ZzpQsRW5tb
The latest Vulnerability Intelligence Report by Loginsoft reveals crucial trends in ransomware activities for the Year 2023.
https://t.co/D4UuNPWxHN
#ThreatIntelligence #Ransomware #VulnerabilityManagement #RiskManagement #InfoSec #VulnerabilityIntelligence
@Kostastsale @JayInfoSec @SOC_Prime But for the conversion of one SIEM query to another without using Sigma,I think it need a great effort to put in terms of research and dev.
I spent good no.of hours just translating Azure KQL to Splunk SPL but still, I am not confident that it is well-optimized w.r.t performance
@Kostastsale @JayInfoSec @SOC_Prime If you're looking for a conversion of Sigma to SIEM queries then we can either use sigmac or pysigma from the authors of Sigma itself. If we are fancy on UI then Socprime released opensource tooling
https://t.co/g4P6a6U9s2
Who to follow
Matthew 
@embee_research
Security Researcher, Creating and Sharing Educational Content.
Ankit Anubhav
@ankit_anubhav
Voice of IoT Security & awareness. I make the world of IoT a safer place.
Ex- McAfee / FireEye / NewSky
Team Cymru Research
@teamcymru_S2
Follow us for the latest blogs, detections, and IOCs from the Team Cymru Research Team.
A part of @teamcymru.
Researchers uncover Statc Stealer, a dangerous #malware targeting Windows devices. It steals login data, cookies, #cryptocurency wallets, and sensitive information.
Find out more in this: https://t.co/WyQgInHndu
#cybersecurity #hacking #datasecurity
New findings: QakBot #malware operators set up 15 new command-and-control servers, raising questions about their activities during the 'break' period.
Read more: https://t.co/gYYc9zIW4k
#cybersecurity #technology
🚨 A Russian nation-state actor, Turla, strikes again with the powerful DeliveryCheck backdoor. Learn how it breaches #Microsoft Exchange servers and exfiltrates sensitive messages from Signal app.
Read more 👉 https://t.co/Z4uMfTZOrS
#cybersecurity
Microsoft has identified highly targeted social engineering attacks by the threat actor Midnight Blizzard (previously NOBELIUM) using credential theft phishing lures sent as Microsoft Teams chats. Get detailed analysis, IOCs, and recommendations: https://t.co/1Ywtrlnme6
In May, we observed a threat actor (TA) exploit PaperCut NG (CVE-2023-27350) to download/execute a Havoc C2 binary.
➡️The TA then reviewed tasklist before dumping credentials using Mimikatz.
➡️Next, the TA downloaded numerous RMM tools.
https://t.co/k8UVEOdKTQ #AllIntel
1/X
Under investigation: During a hunt for DLL sideloading abuse of vmnat.exe, Sophos X-Ops uncovered a campaign targeting an organization in Southeast Asia. Aligning with TTPs previously attributed to the Mustang Panda threat group, we unraveled a complex, sustained intrusion. 1/10
Into the tank with Nitrogen https://t.co/1GToTQ6QjI
North Korean state actors linked to the RGB have been identified in the JumpCloud hack! An #OPSEC mistake exposed their IP address.
Find details here: https://t.co/3CMAw7tQZx
The new report also uncovers the use of malicious Ruby scripts and payloads like FULLHOUSE.DOORED, STRATOFEAR, and TIEDYE.
#cyberattacks #cybersecuritytips #technology
AVrecon, a stealthy SOHO router botnet, has silently grown for over 2 years! Over 70,000 routers infected, spanning 20 countries.
Find details here: https://t.co/IvlJSXLTcA
#cybersecurity #informationsecurity #hacking
Citrix Gateway VPN compromised via CVE-2023-3519 (a critical unauthenticated RCE) shows evidence of exploitation on 7th July, 11 days before the official patch.
The attackers exfiltrated the system configuration file to then probably use the Metasploit module called "citrix_netscaler_config_decrypt" and gain access as the user "nsroot" (full system access), other important secrets about the network and internal users are leaked.
Webshell/backdoor logout.php has 0 detections in VirusTotal, I shared it here: https://t.co/IyrrM0yNfn
🚨 If you performed the update process to mitigate this vulnerability, assume that you might be compromised and perform a full assessment of the instances and users involved.
Follow these recommendations:
- https://t.co/js49XLDHX4
- https://t.co/js49XLDHX4
⚠️ Researchers uncover first-ever open-source software supply chain attacks targeting banks!
🏦 #Malware authors posed as employees, tricked users with preinstall scripts, and cleverly used Azure's CDN subdomains.
Read details: https://t.co/qmLBemzLus
#cybersecurity
New blog post based on a recent intrusion I observed with #Ursnif as the initial infection!
Topics include:
✅ Detection opportunities
✅ TAs clipboard data
✅ Post-exploitation
and more!
The artifacts for this case: https://t.co/jTDVVL3pLp
The blog: https://t.co/cgKYZGaNFq
Cybercriminals are leveraging exploits for CVE-2021-40444 and CVE-2022-30190 to execute code through malicious Word files. Once opened, LokiBot #malware is downloaded, logging keystrokes, capturing screenshots, and stealing data.
Read: https://t.co/Sj7WBZHGBO
#cyberattack
🚨 ALERT: Increased #Truebot malware activity targets U.S. & Canada organizations.
🤝 Joint advisory by @CISAgov, @FBI, @CISecurity's MS-ISAC, & @cybercentre_ca reveals new variants exploiting #Netwrix Auditor vulnerability.
🔗 https://t.co/04ZzAWnmMn #Cybersecurity
Microsoft Incident Response's investigation of a BlackByte 2.0 ransomware attack that progressed in less than five days highlights the importance of disrupting common attack patterns, stopping attacker activities that precede ransomware deployment: https://t.co/oEpIpJuu1j
Very solid PhD thesis on DNS security:
Everything in Its Right Place. Improving DNS resilience
https://t.co/CPSQbzf0aq [PDF]
![Enno_Insinuator's tweet photo. Very solid PhD thesis on DNS security:
Everything in Its Right Place. Improving DNS resilience
https://t.co/CPSQbzf0aq [PDF] https://t.co/o0XhWBbFcj](https://pbs.twimg.com/media/F0SlRz6WIAg2SG9.png)
Last Seen Users on Sotwe
Most Popular Users
Elon Musk
@elonmusk
240.6M followers
Barack Obama
@barackobama
119.2M followers
Donald J. Trump
@realdonaldtrump
111.7M followers
Cristiano Ronaldo
@cristiano
110.5M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.6M followers
NASA
@nasa
92.2M followers
Justin Bieber
@justinbieber
90.9M followers
KATY PERRY
@katyperry
87.6M followers
Taylor Swift
@taylorswift13
81.5M followers
Lady Gaga
@ladygaga
73M followers
Virat Kohli
@imvkohli
69.8M followers
Kim Kardashian
@kimkardashian
69.8M followers
YouTube
@youtube
68.7M followers
Bill Gates
@billgates
63.9M followers
Neymar Jr
@neymarjr
62.6M followers
The Ellen Show
@theellenshow
62.4M followers
CNN
@cnn
61.9M followers
X
@x
60.8M followers
Selena Gomez
@selenagomez
60.7M followers