Olivia
Online
Paul Burbage
@hexlax
Co-Founder @MalBeacon | Board Member @BSidesCHS. Tweets are mine & should be dismissed as bourbon-fueled ramblings.
Charleston, SC
Joined July 2014
957 Following
3.3K Followers
2.2K Posts
check out the full https://t.co/GJqTh0gNGE operation report:
https://t.co/DoROeDOgNj
New blog: EDR telemetry links a ClickFix-style lure to Velvet Tempest → hands-on-keyboard activity consistent w/ Termite ransomware tradecraft.
Timeline + IOCs + defender takeaways (hunts/detections/hardening).
(link in thread)
Remote Monitoring and Management (RMM) tooling is taking over the cybercrime landscape. And it keeps growing. 🤖
In partnership with DeceptionPro, we observed follow-on activity from a Bluetrait campaign in an environment built to resemble a travel company.
The result? Even more RMMs. https://t.co/E9od2hjbU3
Indtroducing: What is this stealer?
A new repository that allows for you to identify Stealer malware by the system information text file format commonly included in stealer malware exfiltration.
We encourage everyone to check it out and contribute!
https://t.co/PWvlGIXJpi
@ChasWaterSystem Then why are we getting official mailings from HomeServe with CWS endorsement?
Some major feature additions coming to #MalBeacon portal this weekend thanks to @fr3dhk!
For now, here's a little teaser:
If you use 3CX software, I highly recommend looking for these indicators and also looking for suspicious activity from any 3CX processes. If you aren't sure if you use this software, check! https://t.co/B03ftjmVgo
Free tickets for the Malware & Reverse Engineering Conference 2023. This is great, and special thanks to @oceania_cyber for their generosity. DM OCSC for your free ticket. https://t.co/QuysYf5grE @fancy_4n6 @GyledC @awsn_au @hexlax @DefenceScience @DSI_VIC @MattTett @push_pnx
@USCGSoutheast RIP @VK_Intel - may all the folks in the industry that you inspired continue to carry the torch in your honor.
Miss you bro
Over 1 MILLION beacons from threat actors received!
#MalBeacon
brace yo self!
#Emotet
We have been following this situation since the module first showed up on Monday at 0745UTC on E4. As of today at 1330UTC, the module is now being deployed to bots on the E5 botnet as well. This looks to be a new development for Emotet and maybe soon a reawakening. Stay tuned.
100% this!
2/2
If you are an org that is using AteraAgent for remote administration, you should consider alerting on all emails that don't match your org's domain.
Here is the Emotet report:
https://t.co/DkvV8pdABI
Pretty apparent that indicator feeds are having a hard time spotting the actual #formbook / #xLoader C2s amongst the decoys..
🤔🤔🤔🤔
#MalBeacon
Congrats to @skier_t and @hatching_io team!
@RecordedFuture picked up some amazing talent here!
https://t.co/0DAWpsY9vS
Trends for you
Most Popular Users
Elon Musk 
@elonmusk
240.2M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.1M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.9M followers
Taylor Swift
@taylorswift13
80.7M followers
Lady Gaga
@ladygaga
72.3M followers
Kim Kardashian
@kimkardashian
69.4M followers
Virat Kohli
@imvkohli
68.7M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.5M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.2M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60M followers