Twyner
@twizzle.bsky.social
Cyber Threat Intelligence at Microsoft | Former Yahoo & Secret Squirrel | Thoughts my own
Reposted by Twyner
Never assume your audience knows what acronyms stand for.
November 13, 2025 at 1:28 AM
Never assume your audience knows what acronyms stand for.
Reposted by Twyner
If you’ve been laid off from a cyber threat intel position, and you want a ticket to CYBERWARCON, please reach out.
October 23, 2025 at 1:27 PM
If you’ve been laid off from a cyber threat intel position, and you want a ticket to CYBERWARCON, please reach out.
Reposted by Twyner
CFP closes this Friday, September 26th at 11:59pm EST!
If you'd like to speak at CYBERWARCON this year, get your talk submission in ASAP to be considered!
Submit your talk here >> www.cyberwarcon.com/cfp2025
#CYBERWARCON #CFP
If you'd like to speak at CYBERWARCON this year, get your talk submission in ASAP to be considered!
Submit your talk here >> www.cyberwarcon.com/cfp2025
#CYBERWARCON #CFP
September 23, 2025 at 6:15 PM
CFP closes this Friday, September 26th at 11:59pm EST!
If you'd like to speak at CYBERWARCON this year, get your talk submission in ASAP to be considered!
Submit your talk here >> www.cyberwarcon.com/cfp2025
#CYBERWARCON #CFP
If you'd like to speak at CYBERWARCON this year, get your talk submission in ASAP to be considered!
Submit your talk here >> www.cyberwarcon.com/cfp2025
#CYBERWARCON #CFP
Reposted by Twyner
We published a reading list of our favorite cyber and cyber-adjacent books.
We're keeping it relatively broad. Books about privacy and surveillance are and will be a part of this.
This is meant to be a post to be updated regularly. If you have suggestions on what we should read next, please share!
We're keeping it relatively broad. Books about privacy and surveillance are and will be a part of this.
This is meant to be a post to be updated regularly. If you have suggestions on what we should read next, please share!
These are our favorite cyber books on hacking, espionage, crypto, surveillance, and more | TechCrunch
These are our favorite cybersecurity books, both by fiction authors, as well as journalists and researchers.
techcrunch.com
July 21, 2025 at 2:59 PM
We published a reading list of our favorite cyber and cyber-adjacent books.
We're keeping it relatively broad. Books about privacy and surveillance are and will be a part of this.
This is meant to be a post to be updated regularly. If you have suggestions on what we should read next, please share!
We're keeping it relatively broad. Books about privacy and surveillance are and will be a part of this.
This is meant to be a post to be updated regularly. If you have suggestions on what we should read next, please share!
Reposted by Twyner
June 30, 2025 at 10:24 AM
Reposted by Twyner
Today, Microsoft Threat Intelligence Center is proud to announce the release of RIFT, an open-source tool designed to assist malware analysts automate the identification of attacker-written code within Rust binaries. https://msft.it/63324SLarg
Unveiling RIFT: Enhancing Rust malware analysis through pattern matching | Microsoft Security Blog
Threat actors are adopting Rust for malware development. RIFT, an open-source tool, helps reverse engineers analyze Rust malware, solving challenges in the security industry.
msft.it
June 27, 2025 at 6:55 PM
Today, Microsoft Threat Intelligence Center is proud to announce the release of RIFT, an open-source tool designed to assist malware analysts automate the identification of attacker-written code within Rust binaries. https://msft.it/63324SLarg
I’ve been fortunate enough to go to at least one F1 race a year since 2021 but this year I won’t be going to any and I’m not sure how to feel
June 27, 2025 at 2:01 PM
I’ve been fortunate enough to go to at least one F1 race a year since 2021 but this year I won’t be going to any and I’m not sure how to feel
Reposted by Twyner
More CVE-2024-42009 exploitation from invoice[@]b-s-r[.]eu from May 29, 2025
Same subject and payload that CERT-PL found, but sent via TOR node instead of freemail provider
cert.pl/en/posts/202...
Same subject and payload that CERT-PL found, but sent via TOR node instead of freemail provider
cert.pl/en/posts/202...
June 9, 2025 at 1:10 PM
More CVE-2024-42009 exploitation from invoice[@]b-s-r[.]eu from May 29, 2025
Same subject and payload that CERT-PL found, but sent via TOR node instead of freemail provider
cert.pl/en/posts/202...
Same subject and payload that CERT-PL found, but sent via TOR node instead of freemail provider
cert.pl/en/posts/202...
I know AI / LLMs get a lot of flack these days but I’ve thoroughly been enjoying whipping up a quick script or summarizing 50+ pages of legalese. I guess we’ll see how long it takes for me to regret those words though
May 27, 2025 at 8:14 PM
I know AI / LLMs get a lot of flack these days but I’ve thoroughly been enjoying whipping up a quick script or summarizing 50+ pages of legalese. I guess we’ll see how long it takes for me to regret those words though
Reposted by Twyner
Microsoft has discovered a cluster of worldwide cloud abuse activity by new Russia-affiliated threat actor Void Blizzard (LAUNDRY BEAR), whose cyberespionage activity targets gov't, defense, transportation, media, NGO, and healthcare in Europe and North America. https://msft.it/63324S9Jkp
New Russia-affiliated actor Void Blizzard targets critical sectors for espionage | Microsoft Security Blog
Microsoft Threat Intelligence has discovered a cluster of worldwide cloud abuse activity conducted by a threat actor we track as Void Blizzard, who we assess with high confidence is Russia-affiliated and has been active since at least April 2024. Void Blizzard’s cyberespionage operations tend to be highly targeted at specific organizations of interest to Russia, including in government, defense, transportation, media, non-governmental organizations (NGOs), and healthcare sectors primarily in Europe and North America.
msft.it
May 27, 2025 at 9:55 AM
Microsoft has discovered a cluster of worldwide cloud abuse activity by new Russia-affiliated threat actor Void Blizzard (LAUNDRY BEAR), whose cyberespionage activity targets gov't, defense, transportation, media, NGO, and healthcare in Europe and North America. https://msft.it/63324S9Jkp
Reposted by Twyner
China provides several map services that can be useful for open source researchers. Gaode Maps is one of them. Conveniently, it is also accessible to people based outside of China. Have a look at @bellingcat.com's Online Investigation Toolkit to learn more: bellingcat.gitbook.io/toolkit/more...
Gaode Maps | Bellingcat's Online Investigation Toolkit
Gaode Maps (also known as AMap) is a mapping application and technology from the Chinese company Alibaba.
bellingcat.gitbook.io
May 26, 2025 at 4:24 PM
China provides several map services that can be useful for open source researchers. Gaode Maps is one of them. Conveniently, it is also accessible to people based outside of China. Have a look at @bellingcat.com's Online Investigation Toolkit to learn more: bellingcat.gitbook.io/toolkit/more...
The amount of medicine I’ve taken the last 24 hours to be a semi-functioning parent should be researched
May 24, 2025 at 3:23 PM
The amount of medicine I’ve taken the last 24 hours to be a semi-functioning parent should be researched
Reposted by Twyner
#ESETresearch publishes its investigation of Operation RoundPress, which uses XSS vulnerabilities to target high-value webmail servers. We attribute the operation to Sednit with medium confidence. www.welivesecurity.com/en/eset-rese... 1/5
Operation RoundPress targeting high-value webmail servers
ESET researchers uncover a Russia-aligned espionage operation that they named RoundPress and that targets webmail servers via XSS vulnerabilities.
www.welivesecurity.com
May 15, 2025 at 7:36 AM
#ESETresearch publishes its investigation of Operation RoundPress, which uses XSS vulnerabilities to target high-value webmail servers. We attribute the operation to Sednit with medium confidence. www.welivesecurity.com/en/eset-rese... 1/5
Reposted by Twyner
Fascinating to see reference to GRU unit 20728 from FR relative to Russia's offensive cyber program -- as far as I'm aware, a first from a Western service?
www.diplomatie.gouv.fr/fr/dossiers-...
www.diplomatie.gouv.fr/fr/dossiers-...
Russie – Attribution de cyberattaques contre la France au service de renseignement militaire russe (APT28) (29.04.25)
La France condamne avec la plus grande fermeté le recours par le service de renseignement militaire russe (GRU) au mode opératoire d'attaque APT28, (…)
www.diplomatie.gouv.fr
April 29, 2025 at 5:16 PM
Fascinating to see reference to GRU unit 20728 from FR relative to Russia's offensive cyber program -- as far as I'm aware, a first from a Western service?
www.diplomatie.gouv.fr/fr/dossiers-...
www.diplomatie.gouv.fr/fr/dossiers-...
Reposted by Twyner
JUST 2 DAYS LEFT! 🐍 💸 ⚡
Got something to say about cybercrime? Share it on the #SLEUTHCON 2025 stage!
Talks are due soon. Submissions close April 18 @ 11:59pm ET. 🎯
The conference kicks off June 6 in Arlington VA + online!
🔗 sleuthcon.com/cfp
#CallForProposals #Cybersecurity #CyberConference
Got something to say about cybercrime? Share it on the #SLEUTHCON 2025 stage!
Talks are due soon. Submissions close April 18 @ 11:59pm ET. 🎯
The conference kicks off June 6 in Arlington VA + online!
🔗 sleuthcon.com/cfp
#CallForProposals #Cybersecurity #CyberConference
April 17, 2025 at 6:36 PM
JUST 2 DAYS LEFT! 🐍 💸 ⚡
Got something to say about cybercrime? Share it on the #SLEUTHCON 2025 stage!
Talks are due soon. Submissions close April 18 @ 11:59pm ET. 🎯
The conference kicks off June 6 in Arlington VA + online!
🔗 sleuthcon.com/cfp
#CallForProposals #Cybersecurity #CyberConference
Got something to say about cybercrime? Share it on the #SLEUTHCON 2025 stage!
Talks are due soon. Submissions close April 18 @ 11:59pm ET. 🎯
The conference kicks off June 6 in Arlington VA + online!
🔗 sleuthcon.com/cfp
#CallForProposals #Cybersecurity #CyberConference
Reposted by Twyner
Hello friends. The dreaded and long awaiting blog on WHAT THE FUCK HAPPENED TO THE CYBERSECURITY JOBS MARKET has arrived.
tisiphone.net/2025/04/01/l...
I'm sorry.
tisiphone.net/2025/04/01/l...
I'm sorry.
Lesley, What Happened to the “Cybersecurity Skills Shortage”?
Are you stressed out right now? I’m stressed out. Most Americans are, and cybersecurity job seekers are definitely not an exception. I do a ton of career mentoring and career clinics, and I s…
tisiphone.net
April 2, 2025 at 3:04 AM
Hello friends. The dreaded and long awaiting blog on WHAT THE FUCK HAPPENED TO THE CYBERSECURITY JOBS MARKET has arrived.
tisiphone.net/2025/04/01/l...
I'm sorry.
tisiphone.net/2025/04/01/l...
I'm sorry.
Reposted by Twyner
Today, @volexity.com released GoResolver, open-source tooling to assist reverse engineers with obfuscated Golang samples. @r00tbsd.bsky.social & Killian Raimbaud presented details at INCYBER Forum earlier today. Learn how GoResolver works+where to download it: www.volexity.com/blog/2025/04...
#dfir
#dfir
GoResolver: Using Control-flow Graph Similarity to Deobfuscate Golang Binaries, Automatically
In the course of its investigations, Volexity frequently encounters malware samples written in Golang. Binaries written in Golang are often challenging to analyze because of the embedded libraries and...
www.volexity.com
April 1, 2025 at 1:45 PM
Today, @volexity.com released GoResolver, open-source tooling to assist reverse engineers with obfuscated Golang samples. @r00tbsd.bsky.social & Killian Raimbaud presented details at INCYBER Forum earlier today. Learn how GoResolver works+where to download it: www.volexity.com/blog/2025/04...
#dfir
#dfir
Reposted by Twyner
I wrote a piece on China’s evolution into a bigger, more sophisticated and more threatening cyber power over the past decade, and particularly in the last few years. I also look at the pivotal role played by China’s private sector ecosystem in that shift. www.economist.com/china/2025/0...
Chinese hacking is becoming bigger, better and stealthier
Experts say it is the main shift in the cyber-threat landscape in a decade
www.economist.com
March 26, 2025 at 11:27 AM
I wrote a piece on China’s evolution into a bigger, more sophisticated and more threatening cyber power over the past decade, and particularly in the last few years. I also look at the pivotal role played by China’s private sector ecosystem in that shift. www.economist.com/china/2025/0...
Last chance to apply! Posting will likely be taken down tomorrow, so get those resumes in!
Want to come join our team of #threatintel folks responsible for finding and stopping government-backed actors targeting our users? Now is your chance! Feel free to ask me questions - I’m always an open book. Apply below:
Paranoids Sr. Cyber Threat Investigator
It takes powerful technology to connect our brands and partners with an audience of hundreds of millions of people. Whether you’re looking to write mobile app code, engineer the servers behind our mas...
ouryahoo.wd5.myworkdayjobs.com
March 18, 2025 at 11:35 AM
Last chance to apply! Posting will likely be taken down tomorrow, so get those resumes in!
Want to come join our team of #threatintel folks responsible for finding and stopping government-backed actors targeting our users? Now is your chance! Feel free to ask me questions - I’m always an open book. Apply below:
Paranoids Sr. Cyber Threat Investigator
It takes powerful technology to connect our brands and partners with an audience of hundreds of millions of people. Whether you’re looking to write mobile app code, engineer the servers behind our mas...
ouryahoo.wd5.myworkdayjobs.com
March 12, 2025 at 3:53 PM
Want to come join our team of #threatintel folks responsible for finding and stopping government-backed actors targeting our users? Now is your chance! Feel free to ask me questions - I’m always an open book. Apply below:
Reposted by Twyner
Come learn. Come share. Come hang out with the people making security better.
🗓️24-26 September 2025
📍Berlin, Germany
Click to learn more 👉 tinyurl.com/u8v7cwpb
#VB2025 #CyberConference #CyberSecurity #InfoSec #Networking
🗓️24-26 September 2025
📍Berlin, Germany
Click to learn more 👉 tinyurl.com/u8v7cwpb
#VB2025 #CyberConference #CyberSecurity #InfoSec #Networking
March 4, 2025 at 2:59 PM
Come learn. Come share. Come hang out with the people making security better.
🗓️24-26 September 2025
📍Berlin, Germany
Click to learn more 👉 tinyurl.com/u8v7cwpb
#VB2025 #CyberConference #CyberSecurity #InfoSec #Networking
🗓️24-26 September 2025
📍Berlin, Germany
Click to learn more 👉 tinyurl.com/u8v7cwpb
#VB2025 #CyberConference #CyberSecurity #InfoSec #Networking
Reposted by Twyner
Worth resharing this today, WIRED’s guide to protecting yourself from government surveillance
The WIRED Guide to Protecting Yourself From Government Surveillance
Donald Trump has vowed to deport millions and jail his enemies. To carry out that agenda, his administration will exploit America’s digital surveillance machine. Here are some steps you can take to ev...
www.wired.com
January 20, 2025 at 2:16 PM
Worth resharing this today, WIRED’s guide to protecting yourself from government surveillance
Reposted by Twyner
Send your CfP and don't be like Anakin and wait until the last day before we close submissions (7 February). We look forward to your threat research.
🆗 trusted community
❌📹no recording
❌🎦no streaming
❌ 📱no live posting
#CfP #ThreatIntel #PIVOTcon25
🆗 trusted community
❌📹no recording
❌🎦no streaming
❌ 📱no live posting
#CfP #ThreatIntel #PIVOTcon25
January 9, 2025 at 2:46 PM
Send your CfP and don't be like Anakin and wait until the last day before we close submissions (7 February). We look forward to your threat research.
🆗 trusted community
❌📹no recording
❌🎦no streaming
❌ 📱no live posting
#CfP #ThreatIntel #PIVOTcon25
🆗 trusted community
❌📹no recording
❌🎦no streaming
❌ 📱no live posting
#CfP #ThreatIntel #PIVOTcon25
Reposted by Twyner
For the #threatintel crowd, I’m hiring two cyber threat intel engineers for AWS Threat Intelligence! US-based, full-time from offices in the DC area, Austin, and Seattle. All backgrounds encouraged to apply. Can’t beat the scope or impact of the work. Let me know if you have questions! 👇
Security Intelligence Engineer, AWS Threat Intelligence
We are open to hiring candidates to work out of one of the following locations:Annapolis Junction, MD, USA | Arlington, VA, USA | Austin, TX, USA | Herndon, VA, USA | New York, NY, USA | Seattle, WA, ...
amazon.jobs
January 7, 2025 at 1:56 AM
For the #threatintel crowd, I’m hiring two cyber threat intel engineers for AWS Threat Intelligence! US-based, full-time from offices in the DC area, Austin, and Seattle. All backgrounds encouraged to apply. Can’t beat the scope or impact of the work. Let me know if you have questions! 👇
I don't know why but waiting a week to watch a new episode of some show on a streaming platform, just feels wrong to me for some reason. Netflix spoiled me I guess
July 17, 2023 at 6:53 PM
I don't know why but waiting a week to watch a new episode of some show on a streaming platform, just feels wrong to me for some reason. Netflix spoiled me I guess