
Max Rogers
@MaxRogers5
Followers: 3K | Following: 7K | Media: 128 | Statuses: 2K
Sr. Director of SOC at Huntress. Ex-Mandiant/FireEye. Bringing security to the Fortune 5,000,000.
Charlotte, NC
Joined January 2012
RT @Antonlovesdnb: Coming up on my 1 year anniversary with @HuntressLabs! Taking this opportunity to go over some things myself and the….
RT @objective_see: Not only is @HuntressLabs a generous supporter of our Foundation, they also consistently publish top-notch research on e….
RT @birchb0y: excited bc today @HuntressLabs is releasing our analysis of a gnarly intrusion into a web3 company by the DPRK's BlueNoroff!!….
Macs don't get viruses, right? 🍏 Deepfake Zoom calls. AppleScript lures. Rosetta 2 abuse. Plenty of custom malware: Nim backdoor, Go infostealer, Obj-C keylogger, and more! Amazing write-up by @birchb0y, @stuartjash, and Jonathan Semon 🔥 🔗
As more companies deploy the @HuntressLabs SIEM, we've enjoyed finding the "Door Rattlers"🚪. We see an attacker failing to log in across a number of environments and then eventually succeeding in 1 organization. PhotoCred: @Purp1eW0lf. Stopping attacks at initial access ❤️
RT @Wietze: @MITREattack 📢 Shout-out to #HijackLibs's many contributors, including recent additions from @cyberraiju, @xorjosh, @0xffaraday….
RT @SecurityYamato: Just updated our documentation on using Timesketch to analyze Hayabusa results: It includes an….
RT @jhencinski: Big news! I've joined @rapid7 as VP of Threat Detection and Response. Energized to lead our #MDR into its next phase of gro….
RT @CyberRaiju: Yeah 😓, this is done through a tracking template. They set the final URL to be a legitimate website, but then with the tr….
RT @CyberRaiju: This is really big at the moment and you should absolutely be looking at your M365 logs to identify this activity. https:/….
RT @magicswordio: 🚨 The RMM threat landscape is evolving! 🚨. Recent attacks, like those highlighted by @HuntressLabs 🛡️ & CERT-UA 🇺🇦, show….
RT @CyberRaiju: 👀 A threat actor has cloned the California Freights website, modified it, is gathering information, and trying to make it f….
RT @nosecurething: New @huntress blog where @birchb0y @Laughing_Mantis and I tell the story of 🕵️and 🤜 ➡️🗑️ some cyber espionage activity i….
RT @jsecurity101: WOOOOOO!!!! Come hang on Jan 24th! Super excited to hang at @AtomicsonaFri to talk about JonMon2.0.
RT @blackshadow676: Hi Everyone. I have created a website for anyone who is interested in cyber security. This has information on courses I….
RT @wbmmfq: Today we observed a threat actor use an executable that was built with Graal to run enumeration and deploy NetSupport to a host….
RT @wbmmfq: I've seen a program called "Let's Compress" being used on some hosts lately. It looks like a wrapper for 7zip with ads, nbd, bu….