Requiem
@Requiem_fr
Followers: 3K | Following: 4K | Media: 368 | Statuses: 1K
Sr #DFIR guy at @Mandiant/@Google. Hardware lover. @CertSG alumn. Views are my own. 🦋 https://t.co/5Cja9ju0jd
póg mo thóin
Joined November 2010
We are releasing details on BRICKSTORM malware activity, a China-based threat hitting US tech to potentially target downstream customers and hunt for data on vulnerabilities in products. This actor is stealthy, and we've provided a tool to hunt for them.
cloud.google.com
BRICKSTORM is a stealthy backdoor used by suspected China-nexus actors for long-term espionage.
This article by Nicolas Stefanski at Synacktiv provides a high quality technical overview of our hardened_malloc project used in GrapheneOS: https://t.co/VmpQGTZSDE It has great coverage of the memory layout, memory tagging integration, slab quarantines and allocation approach.
synacktiv.com
Exploring GrapheneOS secure allocator: Hardened Malloc
The latest version of YARA-X allows you to parse #chrome extension files and review their metadata like homepage URL, Permissions, Signature and more ! 🤩 #Yara #DFIR #CTI
YARA-X 1.5.0 has been released! It comes with new features and multiple bug fixes. https://t.co/rfcORDH8mt
Will be there 🫡
New episode alert! Ep 161: MG In this episode we talk with @_MG_, the brilliant (and notorious) hacker and hardware engineer behind the OMG Cable. A seemingly ordinary USB cable with extraordinary offensive capabilities. https://t.co/NvBWV8Ww5b
“Mandiant was here the first five minutes of the conflict and we will be here in the last minute of the conflict,” said @JumpforJoyce 💪🫡 https://t.co/AOc96jiZqP
therecord.media
The 2025 Kyiv International Cyber Resilience Forum looked and sounded different as European governments and cyber companies filled a void left by the Trump administration.
Malware Trends: Yearly 2024 📊 We have crunched the data for 2024 public UnpacMe submissions and we have some interesting stats to share… https://t.co/XfcnBdH4cL
blog.unpac.me
Looking back on the past year’s public UnpacMe submissions, we have identified some interesting trends that offer a broader perspective on the 2024 malware landscape. This year's review is supported...
🎥 RECORDED TALK #BlackAlps24 🎥 ⚡⚡⚡ GCP CL-WHY: The Hacker's and the Hero's Guide to the CLI ⚡⚡⚡ by Shannon McHale (@_shannon_mchale), Senior Red Team Consultant at @Google
https://t.co/w13vxrxsnk
#conference #cybersecurity #switzerland
The Windows Registry Adventure #5: The regf file format
Once inside, it’s almost impossible to remove intruders without some downtime. They probably know the networks better than legit sysadmins and no one wants to break anything. They’re inside and here to stay.
Senior CISA and FBI officials just held a background call to brief reporters on the status of their investigation into Chinese hacking of U.S. and foreign telecom companies. It sounds like telecoms are a long way from being able to evict the Chinese hackers from their networks.
Today is the 40th anniversary of the #Bhopal Gas Tragedy, the worst industrial accident, which occurred on December 2nd and 3rd, 1984. A reminder of the devastating consequences of negligence and safety failures in industrial settings. https://t.co/hFuHM1QMXc
#BhopalGasTragedy
amnesty.org
As the world marks the 40th anniversary of the Bhopal Gas Tragedy, lessons to take from what happened on the awful night of 2 December 1984.
ESET researchers analyse Bootkitty, a UEFI bootkit designed for Linux systems. Bootkitty contains many artifacts suggesting it is more likely a proof of concept than the work of an active threat actor.
NSO Group Spies on People on Behalf of Governments
schneier.com
The Israeli company NSO Group sells Pegasus spyware to countries around the world (including countries like Saudi Arabia, UAE, India, Mexico, Morocco and Rwanda). We assumed that those countries use...
.@Volexity has developed a new #opensource tool, “HWP Extract”, a lightweight Python library & CLI for interacting with Hangul Word Processor files. It also supports object extraction from password-protected HWP files. Download here: https://t.co/WbOVktrmpA #dfir #threatintel
github.com
A library and cli tool to extract HWP files. Contribute to volexity/hwp-extract development by creating an account on GitHub.
Some personal news: I will be joining @Meta's security team (focusing on WhatsApp) starting next week. This is a big life change, I'm also moving to London permanently. I took this opportunity to reflect on the state of threat intel: https://t.co/HzVefVCLPj LMK if it resonates!
blog.kwiatkowski.fr
Have you noticed it? There’s a strange melancholy floating about. Maybe it’s because major brands are being traded like Pokémon cards. Because some friends who are being laid off. Or even because the...
🔍 Struggling to track RMMs? Meet LOLRMM — your one-stop solution for detecting & managing RMMs! 🚨💻 ⚔️ https://t.co/JPfUOzbisF 🔥 ✨ Benefits of LOLRMM: • 🗂️ Single source for ALL RMMs • ⚡ Optimized for speed across SIEMs (KQL, Splunk, etc.) • 🚫 No more duplicates —
MemProcFS now supports console text recovery! Recover text from Cmd and Powershell to Find Evil with MemProcFS super fast memory forensics! https://t.co/inOM3l1GIF
[FR] Thank you for your feedback on my talk about supply chains ☺️ If you would like to discuss a particular topic, don't hesitate to come and talk to me! 🖖 @_barbhack_
Investigations into hidden 𝑘𝑖𝑙𝑙𝑠𝑤𝑖𝑡𝑐ℎ𝑠 @_barbhack_ by @Requiem_fr on various hardware, where even with the device powered off the network interface stays active... changes before the delivery of undetectable USB cables... 𝑆𝑜𝑙𝑎𝑟𝑤𝑖𝑛𝑑𝑠 case compromised by 🇷🇺 remediation: 19M$, 3CX