InstaCyber
Reveals APTs with one easy application! | Artificial amateurs, aren't at all amazing // Analytically, I assault, animate things
2,292 Tweets | 235 Following | 1,153 Followers
InstaCyber 8h
Replying to @instacyber
Rare appearance of image macro on my update feed
InstaCyber 8h
There's being a thorough analyst, and then there is obsessively calculating time deltas between actors' malfile creation times and their testing of the files for detection rates.
InstaCyber Jun 14
Verifying myself: I am instacyber on . i4vXTTFzpBqzXISjRkM2jDPOGTT-gPj6UKZn /
InstaCyber Jun 14
That moment when you get distracted from ’s beard by caption typos
InstaCyber Jun 14
Replying to @instacyber
To expand, I believe this underscores that understanding *who* is behind the keyboard on these attacks and their strategic objectives is an important factor in delivering intel so that target adoption can be predicted and accounted for.
InstaCyber Jun 14
Blog post discussing TRITON observation on "another sector". What is most interesting is this interpretation of business sectors depending on how you slice your pie; would considering attacker objectives have made this less notable?
InstaCyber retweeted
highwiz Jun 13
Alas, my talk entitled: "SCADA and ICS : All your bases are belong to the cyber-kill-chain aka The Hyper Convergence of Blockchain and Machine Learning/AI with tips from Sun Tzu for Fun and Profit " was rejected for DEF CON 27.
InstaCyber Jun 5
End Of The World confirmed
InstaCyber May 30
Needs updating to "years" now
InstaCyber May 29
Replying to @Viking_Sec @razhael
I have immense respect for the detail and quality of ’s work and his willingness to work with computer security professionals rather than just leech off them for a story. He is one on my exception list.
InstaCyber May 29
Replying to @instacyber
If they *did*, those are probably companies you don't want to hire for your next incident response job 😬
InstaCyber May 29
Yeah I'm sure 100% of IR teams would break NDAs to confirm a relatively low-interest detail to media.
InstaCyber May 23
Protip for hunting: if it's called "myvtfile.exe" and is submitted from China, it's trash you've seen many times before.
InstaCyber May 22
I've seen very specific malware names I designated being used by other analysts, even though those names were only used in customer reporting. We should all remember that we are generally fishing in the same pool; unique information will only be produced from non-public data.
InstaCyber retweeted
Tobias Feakin May 22
At the recent conference on cyber engagement I reinforced Australia’s position on the of incidents. It is difficult but far from impossible and we are increasingly accurate in identifying those responsible.
InstaCyber May 20
Replying to @Nameksei_jin @tlansec
The group named the tool BlackWater themselves.
InstaCyber May 15
Replying to @RidT @craiu
Indeed, there are plenty of services that operate in exactly this way, requiring auth over a "more physical" resource like a phone # but still allowing unique usernames. The reason for numbers in these apps is just to enable easy interrogation of accounts from user contact lists
InstaCyber May 15
Replying to @RidT @craiu
I'm interested to understand more about this. Surely not requiring a harder-to-come-by resource such as a phone number vs simple sign up with disposable email would at least increase the perceived userbase, and help provide inflated numbers for investor approval?
InstaCyber May 15
*eagerly awaits footage posted on VK of the cake crossing the eastern Ukrainian border*
InstaCyber May 10
Replying to @tlansec @michael_yip
Trolling aside, Python3 and JSON output will probably get you a lot of the way on these aspects too. Obviously wielding jq and pivoting around can be problematic there, but I guess that's where storage like ES really does come into play.