
Alyssa (she/her)
@ramen0x3f
Followers: 3K · Following: 2K · Media: 95 · Statuses: 359
@ramen0x3f.bsky.social Senior Threat Researcher and Pun Aficionado @Microsoft Former research+red team+hand drawn memes @Mandiant
Joined February 2017
Officially my first day as a Senior Security Researcher @Microsoft and I couldn’t be more excited! 🤓
A threat group tracked by Microsoft as DEV-0196 is linked to an Israel-based private sector offensive actor (PSOA) known as QuaDream, which reportedly sells a suite of exploits, malware, and infra. Read our analysis in collaboration with @citizenlab:
If anyone is considering taking the CySA+, CompTIA is doing an open beta for the new version and it’s only $50
Not sure how I missed this one but PSA for red team friends 🚨update Cobalt Strike if you haven’t
Cobalt Strike CVE-2022-39197. Quite easy to repro from the release notes. Red Teamers, patch your Team Servers 🙂 https://t.co/bpAycCOgQ1
Congrats to my Mandi....uh Google friends! Excited to see what y'all accomplish with that Google ☁️ scale! 🥳
Google completed its acquisition of Mandiant today. We’re excited to get started on our shared mission to create a comprehensive and best-in-class cyber security solution for customers and partners. Read more here: https://t.co/JpkOHify14
Floods in Pakistan have displaced over **33 million** people already - more than the population of Texas. If you’re looking to help, Give2Asia (tax deductible) sends grants to local nonprofits in Pakistan who are supporting some of the worst hit regions https://t.co/BUbKzMV0kh
Microsoft has discovered a post-compromise capability we’re calling MagicWeb, which the threat actor tracked as NOBELIUM is using to maintain persistent access to environments they have compromised. In-depth technical analysis and hunting guidance here:
This looks handy! Started using Jupyter notebooks for research/analysis in the past year and it’s *the best*
forked @_RyanBenson's awesome unfurl tool and patched the library so it can easily be used in a Jupyter Notebook :) #python
https://t.co/KgG5RAnsfI
#MSTIC 🛡️ & #DART 👻 are now hiring Hunt Analysts who live at the intersection of incident response and threat intelligence. Have experience in both areas? Come join us! Hunt Analyst 🕵️: https://t.co/72IKr9GbDY
https://t.co/jvmCzYYtUG
This is an awesome blog on attacker VPN usage! 🤩 Come for the walkthrough of @JWilsonSecurity’s fun research and stay for the fantastic list of hunting examples/rules that will get your creative juices flowing 👏🏽
Sometimes you just want to hunt 🔫 Three excellent technologies to investigate are...
- VPN Clients
- Proxy Services
- Localhost Tunneling
Read along to further expand the defender’s hunting and detection repertoire against these three troublemakers. https://t.co/1G5w6FUZTS
🎉 SUPER EXCITED to announce I'll be presenting at DEFCON this year! https://t.co/zysRSBiaKc
Just received my flag* as well for my time at @Mandiant! It was a big deal for me to hit the 5 year mark in my career while doing cool research with AP ❤️🦅 Stoked I have a memento *majestic cat not included
I am preparing for an internal talk on career advice learned from working security crises. My notes 🧵
🔥I'm looking for a manager for the @Mandiant #AdvancedPractices Research team! 🦅 If you want to:
1⃣ manage high-performing experts
2⃣ find evil and codify attacker methodologies
3⃣ work on a team at the front lines of security
...this may be for you. https://t.co/UMrgbFdQwW
During the Mandiant FLARE team's webinar series "The Sample," you will hear stories of notable #malware samples they have reverse engineered. Tune in this Thursday for the first installment of the series. Register 👉 https://t.co/kTR6rgKJ9y