Andrew Northern
@ex_raritas
Followers
5K
Following
23K
Media
2K
Statuses
17K
Principal Researcher at Censys | formerly Proofpoint | Knowledge Piñata | Attack Chain Connoisseur | Epicurean
Joined April 2009
Earlier this year I discovered and identified a novel sub-technique of defense evasion, which I have named "Byte Order Masking." This technique was included in the April 2024 release of the @MITREattack framework. This is my third contribution. Read about it here:
Please include network indicators in your malware write ups. Ty.
I know I posted about this earlier, but if you missed the linked thread, take a moment to read it. Imagine being a SOC analyst responding to an alert. Most IOC or reputation feeds tell you something was flagged, but not why. Or even in some cases if it's just stale data creating
When is the last time your vendor gave you receipts?
Introducing Threat Evidence in the Threat Hunting module! Censys's near real time validated threat data contextualizes alerts so you can make quick decisions. Now, with Threat Evidence, you can get additional context into how Censys detects specific threats to enhance your
Gotta take time to say that I'm having a really good time at the new job. I get to look at some really wild stuff.
The Censys Research Team investigated the fallout from a recent extortion campaign targeting Oracle's E-Business Suite (EBS). The campaign leveraged a zero-day vulnerability, exfiltrated data, and leaked said data if extortion fees remained unpaid. Today, Censys observes
Having one of those ADHD mornings where I can't remember if I took my medication. Now I have to wonder if I took it twice.
Censys analyzed today's AWS outage (Top 1,000)
11.5% use AWS; 9.9% AWS-only
24.2% IPs on AWS
Most in AS16509 (N. America & Europe)
~25% of infra behind zillow, espn & imdb lives on AWS showing how outages impact the Internet.
See more: https://t.co/vu9dSS2oco
don't talk to me unless you use the Alibaba web browser.
Excited to partner with @vtxproject The Synapse + Censys power-up enriches investigations with real-time & historical internet data. Stay tuned for what's next! #CyberSecurity #ThreatIntelligence
https://t.co/MwvA3CzVxb
Analysts, take note: Censys just leveled up in proactive threat hunting. We've updated our Synapse @Censysio Power-Up to match, bringing faster discovery, richer context & repeatable enrichment. Try it: https://t.co/DDMDddAXTn
Want to slice and dice Censys data right in your terminal? CC: @greglesnewich ;)
Introducing the Censys CLI - the power of Censys, now in your terminal.
Work where you're fastest: Run Censys searches directly from your terminal.
Instant visibility: Quickly lookup IPs, certificates, and web properties to make investigative decisions.
Smarter
New from Censys: ICS/OT Internet Intel
Unmatched visibility into ICS systems:
26 protocols
68 vendors
226 unique fingerprints
Spot, validate & secure exposed assets at scale.
Learn more: https://t.co/bs1v88Uzmr
#CyberSecurity #ICS #OT #CriticalInfrastructure
the remaining MLB team closest to each county in the contiguous united states