RT @cyb3rops: Repeat after me: . Patching an already compromised system won’t solve the problem. #PaloAlto.

RT @0xdabbad00: CISA is requiring all Federal agencies to disconnect Ivanti products by Friday at midnight (Ivanti Connect Secure & Ivanti….

RT @DCSO_CyTec: Our newest article provides a closer look at recent reporting on Volt Typhoon's "JDY" botnet management, which suggests tha….

RT @4A4133: I'm looking to contract someone who can convert JA4+ into Zeek scripts. Anyone know of any Zeek experts who could take on the e….

RT @DCSO_CyTec: #ShortAndMalicious.Our researchers recently discovered an installer for the mandatory 🇷🇺Russian tax filling software "Sprav….

RT @sigma_hq: We're pleased to announce the launch of our new website. Access resources, documentation, and community projects to enhance y….

👇.

Elasticsearch keyword searches are fast and fine but misses case-insensitive searches. Event-Query-Language (EQL) sounds like a valuable answer for many security related use cases. Today I'm allowed to release pySigma-backend-elasticsearch (v1.0.8 ) with a EQL Support. @sigma_hq.

RT @alexanderjaeger: 🕶️🧐👀🥷🥁A new project by the Security Response team of @Google: It fills a gap I have seen for….

RT @abuse_ch: SERVICE UPDATE | Today, Twitter has revoked our access to their authentication API. The impact is submissions to the https:/….

RT @cyb3rops: How to piss off X using 6 words maximum?

RT @cyb3rops: For anyone asked to pay $$$ for a compromise assessment with the #3CX IOCs & YARA rules. You can use the free THOR Lite scann….

Hey @MITREattack ,.why are there two different GH Projects for nearly the same content?.and. Why does attack-stix-data contains the "x_mitre_version" and cti doesn't?.

@sigma_hq Also the pySigma-backend-opensearch got some updates - mainly caused by the version bump from ES.

Just released a fresh version of pySigma-backend-elasticsearch. More tests for more stable development, based on the latest pySigma 0.8.12. Far better `|re` functionality. Update before its cold 😃. @sigma_hq.

RT @adulau: A huge thank to @Joseliyo_Jstnk for the work on converting automatically @sigma_hq rules into a @MISPProject galaxy. I finally….

APT41 — The spy who failed to encrypt me by @DCSO_CyTec

RT @cyb3rops: #MalwareSharing

RT @cyb3rops: RT bc it’s almost Christmas 🎄.

RT @r3c0nst: (1/7) How to debug a malicious .net dll using #DNSPY.Recently I got asked if it is possible to debug a malicious .net dll usin….