ICSNick
@IcsNick
Time to leave this platform. If you would like to contact me professionally, find me on LinkedIn.
Stockholm, Sverige
Joined March 2019
Hope to see you virtually there!
Join us at #CTISummit when @IcsNick and Mattias Wåhlén will discuss: 🦗 The rise of Cicada 3301 #ransomware 🔗 Links to the notorious BlackCat group 🔍 TTPs and infrastructure uncovered ➡️ Learn More & Save Your Spot: https://t.co/lHG68IgpY0
#ThreatIntel #CTI #MalwareAnalysis
Did a 10-minute lightning talk at @SEC_T_org analyzing an ESXi ransomware from the new group Cicada 3301 and how we see links to the debunked RaaS BlackCat. https://t.co/HI16XAQpT0
I am glad and humble that @BleepinComputer picked up the analysis I did with @WahlenPMattias regarding Cicada 3301 ransomware and possible connections to AlphV/BlackCat.
Cicada3301 ransomware’s Linux encryptor targets VMware ESXi systems - @billtoulas
https://t.co/RZ9hibsOEP
CrowdStrike pushes the ultimate security update. All computers become unhackable.
So LockBit = Booger Toilet Sniffer BlackBasta = Lumpy Toilet Head Play Ransomware = Doofus Gizzard Tush So @SwiftOnSecurity @GossiTheDog @rj_chap @TheDFIRReport @thegrugq @BushidoToken @cyb3rops as being CTI thought leaders. Are you with me on this silly mission?
So, Threat Intel community. I think we should change the way we name threat actors, from sounding like villains to a more appropriate convention showing their true colors. My suggestion is that we turn to Captain Underpants “Professor Poopypants name change-o-chart 2000”
@rj_chap might be of interest to you ;) @TheQueenofELF thanks for giving inspiration and laying the groundwork with your amazing talk on the subject matter.
Anders Olsson’s and my talk from Security Fest. Get insights into how VMware/ESXi ransomware works, how to recover, how to do incident response and how to protect against it. Also how Captain Underpants can assist in Threat Intelligence. https://t.co/CRXTMIMQpe
#Truesec
It is a first for me to be featured in @BleepinComputer, so I am very to announce that @nordenlund and my work was featured there today. https://t.co/yYTIWOjpeF
bleepingcomputer.com
A new phishing campaign is abusing Microsoft Teams messages to send malicious attachments that install the DarkGate Loader malware.
Did an investigation regarding DarkGate delivered by Teams together with my fantastic colleague Jakob Nordenlund at @Truesec. A lot of good IoCs for all defenders! https://t.co/lyJtDYZFnh
truesec.com
Malspam campaigns involving DarkGate Loader have been on the rise since its author started advertising it as a Malware-as-a-Service offering on popular cybercrime forums in June 2023. Until now...
I deeply regret the Nobel Foundation's decision yesterday to invite the ambassadors of Russia and Belarus to the upcoming Nobel Prize award ceremony on 10 December 2023. I have several questions for the esteemed Nobel Foundation – what has changed since last year, when your organization
New blog post based on a recent intrusion I observed with #Ursnif as the initial infection! Topics include: ✅ Detection opportunities ✅ TAs clipboard data ✅ Post-exploitation and more! The artifacts for this case: https://t.co/jTDVVL3pLp The blog:
All good things most unfortunately come to an end. I have decided to retire from @TheDFIRReport to focus on other things. It has been an awesome time and I love what @TheDFIRReport do for the community. Thank you for everything!
Time for a quick visit on the #DarkWeb? 💻 Join our #ThreatIntelligence specialists @cstromblad and Jolina Pettersson for our webinar to learn about: ✔️ Infostealers: how they work ✔️ Demo: Dark Web marketplace ✔️ Signs to predict #cyberattacks Sign up: https://t.co/N2fGhbUxDH
I had the absolute pleasure to speak at the SANS CTI Summit about cracking ransomware tooling. It is now available on the SANS DFIR YouTube channel. https://t.co/G5N55RDKqp
@sansforensics
Best read of the day! Amazing report with a lot of great insight for all defenders out there.
2022 Year in Review ➡️Most common TTPs we saw in 2022 ➡️Trends around IAB's ➡️Top detections ➡️Ransomware propagation methods ➡️and more! https://t.co/KT7u22VHFc
Anonymous Sudan: most likely Russia disrupting Sweden's 🇸🇪 NATO application. Today, Truesec’s #ThreatIntelligence Unit released a report which explains how "Anonymous Sudan" has nothing to do with the online activists collectively known as Anonymous. https://t.co/eYZ1ymyaa1
Behold the latest addition to the Marvel cinematic universe: IRQL_NOT_LESS_OR_EQUAL man