Kris McConkey

@smoothimpact

and lead @ PwC. Data mining, hunting & malware. Christian, husband, dad, coffee addict & bad photographer. Tweets my own, not PwC's.

UK
Joined September 2009

Tweets

  1. Retweeted
    28 Jan
  2. Retweeted
    27 Jan

    Amazing: a termite track (top) and an ant track (bottom) • each travelling insect is protected by its own column of soldiers, no fights necessary | 📹 via Mehdi Moussaid

  3. Retweeted

    *Darktrace sales person sits up in their chair and opens LinkedIn search*

  4. Retweeted
    20 Jan

    A write up of PowerShell obfuscation using SecureString: an obfuscation technique that has so far not received the attention it deserves. Your EDR might decode Base64 encoded strings, but will it automatically decode SecureString objects? Probably not. 🟠

  5. Retweeted
    13 Jan

    Recently I had to analyse some PowerShell scripts with `ConvertFrom-SecureString` obfuscation in it. I couldn't find a simple online tool to decode, so I built one myself. 👉 Live: 👉 Code : Feedback welcome!

  6. Retweeted

    So glad to hear that attendees found my writing presentation useful! For those who couldn’t be there, here’s the rating sheet for the Right Information: Threat Reports that I shared:

  7. Retweeted
    20 Jan

    How many orgs have looked to complement their traditional intel reporting with other formats? For example, a 2-3 minute video that summarizes the assessment? Some of your stakeholders might respond better to video.

  8. Retweeted
    20 Jan

    Threat Report . Mapping (TRAM) is a tool to aid analysts in mapping finished reports to ATT&CK.

  9. Retweeted
    19 Jan

    We're kicking off SANS with our version of everyone's favorite answer-and-question game! Hosted by our very own Alex TRebekah Brown () and featuring our contestants , David J. "Pyramid of Pain" Bianco and Scott Roberts.

  10. Retweeted
    14 Jan

    Check it out - registration is open! The talks we've accepted are awesome, and it was tough to choose because there were so many excellent submissions. The agenda is in progress, but my advice is to register now. 😉 Hope to see you there!

  11. Retweeted
    8 Jan

    With rising geopolitical tensions and the alert on the potential for a cyber response to recent global events, we've written a blog on how organisations can respond by rapidly mobilising activities to reduce cyber risk

  12. Retweeted
    6 Jan

    1/ If you are walking into work today worried about how to defend against the cyber threat posed by Iran, ‘s tweet still holds as true as ever: focus on defending against Emotet and the ransomware attacks being launched from it

  13. Retweeted
    7 Jan

    The CTI Summit is almost here! was nice enough to give us a discount code for the CTI Summit this month. Use the code "CTIPOD20" to get 20% off. Check out the agenda here: was featured in our latest episode!

  14. Retweeted
    2 Jan

    Threat intel summed up in GIFs

  15. Retweeted
    30 Dec 2019

    New: WSJ investigation into China’s Cloud Hopper cyber espionage campaign finds a scope of victims broader than known, as service providers struggled to kick out hackers. U.S. officials over time grew panicked about federal agency exposure. W/

  16. Retweeted

    Lots of outstanding content here, go grab those PDFs! 😄 You can find ’s and my slides on and the overlaps between and here: So grateful I got to present this research, feedback welcome 🤓

  17. 27 Dec 2019

    Most fascinating thing observed over Christmas: The bond which can develop over 5 days between an 18 month old toddler and a 4 month old kitten.

  18. Retweeted
    22 Dec 2019

    Nobody has said anything about my base64 modifier work in YARA. I finally fixed the last remaining bug I knew about and have now put it up for review: . Last chance to speak up - I really don't want to have to break backwards compat in the future!

  19. Retweeted
    20 Dec 2019

    A little christmassy APT poem: 'Twas the night before Christmas, when all through the net Not a creature was stirring, not even a RAT; The signatures were hung in VirusTotal with care, In hopes that threat actors soon would be there;

  20. Retweeted
    11 Dec 2019

    2019-12-11: 🔥[Discovery/] "The Deadly Planeswalker: How Group United High-Tech & " ⚓️Enters APT Game 1⃣ 🇰🇵, Nexus | 2⃣ 🇷🇺 Point-of-Sale (POS) , FIN Nexus ht , Joshua Platt
