Ronnie Salomonsen bsky @r0ns3n.dk
@r0ns3n
Adversary Methods - Research & Discovery (RAD) Team @Mandiant - Now Part of @GoogleCloud. Former DFIR, Malware & Network Analyst. All tweets are my own.
Another #CVE-2022-23296 of mine just got published. #Microsoft #Windows Installer contains a local privilege escalation #vulnerability. #Mandiant #MYOW #UpdateNow #MandiantVulnerabilityDisclosure github.com/mandiant/Vulne…
#SaveTheDate 🚨🚨🚨#PIVOTcon25 is coming: 7-9 May 2025 👀👀👀 Book your calendars to sit with us on the #yellowsofa and listen to the top threat intelligence research and analytical pivots 💪 #CTI #ThreatIntel New venue ⬇️ 🇪🇸 🏖️ 1/3
Empowering Gemini for Malware Analysis with Code Interpreter and Google Threat Intelligence @googlecloud cloud.google.com/blog/topics/th…
🚨 Check out the new #BehindTheBinary Podcast hosted by @jstrosch !🎙️ Dive into the stories of those unraveling technology's complexities. Listen to the first episode with @nickharbour, a #ReverseEngineer on the Mandiant FLARE team. 🎧 open.spotify.com/show/3yWgmIuhW…
A Happy Halloween from the MITRE ATT&CK team with a special treat: ATT&CK v16.0, including new spooky behaviors and ghoulish groups, as well as revisions and contributions, to satisfy your every #infosec need! Check out @supremrobertson’s release blog at medium.com/mitre-attack/a…
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives @googlecloud cloud.google.com/blog/topics/th…
I'll be talking about the EDR project in this week's "Atomics on a Friday" and possibly show how to collect the telemetry for evaluation using Atomics. I'll also be answering any questions live and sharing future roadmaps. Hope to see you there! 🙂🎃
🎃 Get ready for a spooky special! This Friday on Atomics on a Friday, we're diving into chilling cyber attacks, eerie atomic red team simulations, and more! 👻 Special guests will be joining us for some Halloween thrills. Don’t miss it! 🎃 youtube.com/live/VGFT83MLR…
Static reports and delayed updates leave security teams struggling against fast-paced #cyberattacks. 👉 Tomorrow, join our experts to discover how dynamic #threatintelligence can help you stay ahead. Don’t miss your last chance to register! → bit.ly/48gOIPM
🚨 Breaking: A zero-day vulnerability (CVE-2024-47575) has been observed impacting Fortinet FortiManager devices, posing serious risks. Learn how the exploit works, and how to defend against the threat. Read more -> bit.ly/4hbqmuR #ThreatIntelligence
🌶️ Active Fortinet Zero-Day Exploitation ITW 🌶️ cloud.google.com/blog/topics/th… #zeroday #fortinet #inthewild
YARA-X 0.10.0 has been released. github.com/VirusTotal/yar…
YARA-X 0.9.0 has been released. github.com/VirusTotal/yar…
Great technical post on LummaC2 obfuscation and how to deobfuscate samples through symbolic backward slicing: cloud.google.com/blog/topics/th… 🫸🫷 @cPeterr and Nino!
#flareon11 game board is now open for early registration. Go claim your username. See you in two days! flare-on11.ctfd.io
Unicorn Engine (CPU emulator) v2.1.0 released with lots of goodies. I’m particularly interested in the memory snapshots/CoW support, to enable approximate emulation of all code paths, like we do in FLOSS. github.com/unicorn-engine… #reverseengineering #emulation
We've just released #flare capa v7.3.0 github.com/mandiant/capa/… Three major enhancements: 1. Support for VMRay sandbox analysis archives 2. Support for BinExport files generated by Ghidra 3. Introducing the capa rules website Plus several smaller fixes/updates and six new rules.
capa v7.3 out! Recently we’ve added: - Drakvuf and @vmray sandbox support - web interfaces for results, rules, and homepage - BinExport2 backend that enables aarch64 and Android analysis via Ghidra - …and of course lots of new rules github.com/mandiant/capa/…
Check out the capa Explorer web application for browsing capa results: mandiant.github.io/capa/explorer/
🚨 Mandiant has identified a North Korea nexus cyber espionage group, #UNC2970, targeting energy & aerospace with job recruiter lures. Access the full details → bit.ly/3MQzuXU
Announcing the 11th Annual Flare-On Challenge @googlecloud cloud.google.com/blog/topics/th…