TheSeanPaul
@TheSeanPaul1
Sr. Cyber Threat Hunter | BlueTeam | Fitness Fanatic | InfoSec | NotTheReggaeRapper
Denver already letting Russ cook more than he ever did in Seattle
#DenverFireDepartment crews are extinguishing a fire at Mile high stadium, 1701 Bryant. Unknown cause at this time, but fire has affected the suite area and the third level seating area.
.@FBI and @CISAgov have information indicating APT actors are using multiple CVEs to exploit Fortinet FortiOS vulnerabilities. Recommend immediate action.
APT actors are scanning for vulnerabilities with Fortinet FortiOS to gain access to multiple government, commercial, and technology services networks – read our joint cybersecurity advisory with the @FBI: go.usa.gov/xHx4D
Yo, I heard there was some issue going on with Exchange servers out there. In the spirit of making things suck less, I rewrote my iisGeolocate tool to work MUCH better. if you need to find geoip info from iis logs, check it out! it logs bad data, pulls unique IPs to a file
winword (drops & load an injector dll) -> inject into tracert.exe -> drop openvpn-gui.exe (legit/signed set to persist via Startup & Task) & side-loads libcrypto-1_1.dll (injector) -> spawn notepad.exe -> cmd.exe (remcos RAT as payload) sample example app.any.run/tasks/43b6c05a…
Check out the Elastic security response to HAFNIUM Activity! discuss.elastic.co/t/detection-an…
Microsoft Exchange Server Attack Timeline dlvr.it/RvRrLL #Unit42 #CVE202126855 #CVE202126857
Out of the 140 known C2 servers we are tracking at OVH that are used by APT and sophisticated crime groups, approximately 64% are still online. The affected 36% include several APTs: Charming Kitten, APT39, Bahamut and OceanLotus.
At no time have companies scrutinized themselves the way they’re scrutinizing researchers. Through published POC’s we can better understand the methods being abused. Killing off POC’s and offsec tools will cost defenders a lot of visibility.
Wow, I am completely speechless here. Microsoft really did remove the PoC code from Github. This is huge, removing a security researcher's code from GitHub against their own product and which has already been patched. This is not good. vice.com/en/article/n7v…
an example of a hunting EQL for suspicious traffic from IE (via COM): github.com/elastic/detect…
Please note: the #Gozi execution isn't triggered by interaction with applications that don't send requests. On the screenshot, Winword, Explorer, and Winrar didn't do work but after Chrome was opened, trojan executed Internet Explorer via COM
should be rare (potential hunt) rundll32.exe (and alike) with process command_line containing module paths using forward slash.
Recently, @CRN named BlueVoyant as a finalist in the 2020 Tech Innovator Awards in the Security – #MDR category. This award recognizes the top MDR providers worldwide, creating opportunities for partners during this unprecedented period. crn.com/rankings-and-l…
Have you been impacted?? Great read!! #SolarWindsOrion #bluevoyant #CyberSecurity
Get the latest details about the attack and learn how you can protect your organization #cybersecurity #breach #databreach ow.ly/FM4H50CM4rN.
Love it - tis the season
Who's excited for Advent of Cyber? 😎 🟢 Completely free 🟢 Over $13k worth of prizes 🟢 Beginner friendly 🟢 Certificate of Completion 🟢 Featured tasks by @thecybermentor @_johnhammond @darkstar7471 @TibSec tryhackme.com/christmas 8,000+ users have already joined, have you?
My home setup now feels like shit... time to upgrade @mcichocki
Great read here - no one is safe
#Ransomware has adapted to compromise #Linux servers as well as #Windows. forbes.com/sites/daveywin…
Great set of guys to tune into! sign up! #bluevoyant #CyberSecurity #Microsoft #Microsoft365
Join BlueVoyant's @HeatonMicah, @ManagedSentinel's @AdiGri & @Microsoft's @RDiver for a joint discussion around the #Microsoft365 security journey tomorrow at 2pm EST. Sign up now! redmondmag.com/webcasts/2020/…
when a user chooses to run a program as another user (right-click + shift), the process lineage will be a child of rundll32 with cmdline value like "SHELL32.dll,RunAsNewUser_RunDLL Local\{4ddb9f3f-700c-4bd6-9fc0-eaf85c01d25b}."