Why I’m Leaving Twitter – A Thread. 1/ If you know me on a personal level, you’ll know I don’t do backflips. This decision hasn’t been taken lightly. It’s hard to leave behind the community we’ve built, but if you care to understand why, keep reading.

10/ If you want to stay in touch, you can find me on LinkedIn, Bluesky, or Mastodon.

9/ The community we’ve built doesn’t have to stay tied to one platform. Times change, platforms change, but the relationships we’ve formed can endure. Let’s find new ways to keep connecting and supporting one another.

8/ To everyone who has been part of this journey, thank you. Your support, conversations, and connection have meant the world to me. This isn’t a goodbye forever, but a transition to other spaces where we can continue building and collaborating.

7/ I might even set my account as protected and disengage completely. While I haven’t finalized that decision, one thing is clear: my time actively participating on Twitter has come to an end.

6/ Going forward, I will no longer post on Twitter. My account will remain open only for those who need to reach me via DMs. My first response to any message will be: “Let's chat over XXX platform".

5/ But I can’t, in good conscience, continue to support this platform and its current owner. The direction it has taken doesn’t align with the values I believe in, and staying active here feels like a tacit endorsement of that direction.

4/ I know I’m not alone in feeling this way. Many of us in the InfoSec community have spent years creating virtual friendships, sharing knowledge, and supporting each other here. That history makes stepping away even harder.

3/ Feeds feel manipulated, forcing certain narratives into view. Instead of authentic discussions, we’re pushed to engage with what benefits the oligarch who owns the platform. It feels like we’ve become pawns in someone else’s agenda.

2/ Elon Musk’s acquisition of Twitter fundamentally changed the platform. What used to feel like a space for genuine, thoughtful engagement in the InfoSec community has turned into something I can no longer support.

RT @404mediaco: Decentralized social media Is the only alternative to the Tech Oligarchy. 🔗

Turns out the real secret to better CPMs is uploading to the "forbidden" platform. 😏. - @_JohnHammond @mattjay @cybercdh @NetworkChuck @MyDFIR when are you. branching out?! 😂😂. Rumours have it that you can negotiate better deals for "penetration testing" topics 😆

🎙️ New podcast is live - Mastering Malware Analysis: Tools, Techniques, and Insights. I enjoyed making this one. Covers a lot of things that I always get asked about. Hope you find it helpful & educational 🙂. 🎧 Check it out: Let me know what you think!.

We had fun discussing our latest report on a podcast episode. We breakdown the more_eggs malware and getting into the mindset of the threat actor. You’ll listen to what we’re thinking of when analyzing the intrusion. Check it out from the provided links 👇.

4/4.I'm just giving credit where it’s due, and I always say something positive rather than anything negative about a product.

3/4.PS* To clarify, no vendor is paying me or anyone reviewing PR requests in the EDR telemetry project to say or do anything. I want to make this clear because I've had more than one person say sh*t like that.

2/4 .I've tested and experimented with many EDRs, and I can count the number of EDRs that provided that level of information on one hand. Makes me happy to see that level of information making their way to the end user! Kudos 👏.

1/4.I've been testing the Cylance EDR so I can add it to the EDR Telemetry project, and I'm pleasantly surprised by some of the detailed logs it has. Take the screenshot below; you can see API calls and COM operations.

I just finished editing the next episode of the "InfoSec Deep Dive" podcast. It's one of the best ones I've made!. It'll be on malware analysis. It covers everything you need to know to get started, as well as some advanced topics!. 🔗Follow the pod here:

Ever👏Single👏Time👏 😂😂😂