cyb3rint3l
@cyb3rint3l.bsky.social
Pinned
cyb3rint3l
@cyb3rint3l.bsky.social
· Oct 5
Threat Hunting with Sysinternals – Learn Live Windows Forensics (ProcMon, Autoruns, TCPView)
YouTube video by cyb3rint3l
youtu.be
In this second part of the "Threat Hunting with Sysinternals" series, designed for SOC Analysts, Blue Teamers and System/Network administrators, we explore Process Monitor, Autoruns and TCPView.
youtu.be/VgWSUKVUUfU
youtu.be/VgWSUKVUUfU
In this second part of the "Threat Hunting with Sysinternals" series, designed for SOC Analysts, Blue Teamers and System/Network administrators, we explore Process Monitor, Autoruns and TCPView.
youtu.be/VgWSUKVUUfU
youtu.be/VgWSUKVUUfU
Threat Hunting with Sysinternals – Learn Live Windows Forensics (ProcMon, Autoruns, TCPView)
YouTube video by cyb3rint3l
youtu.be
October 5, 2025 at 6:35 PM
In this second part of the "Threat Hunting with Sysinternals" series, designed for SOC Analysts, Blue Teamers and System/Network administrators, we explore Process Monitor, Autoruns and TCPView.
youtu.be/VgWSUKVUUfU
youtu.be/VgWSUKVUUfU
Reposted by cyb3rint3l
Largest NPM supply chain attack in history. Attackers compromised 18 core JavaScript packages with 2+ billion weekly downloads after phishing a maintainer. Malware targets crypto wallets & steals credentials. Millions of developers affected worldwide www.aikido.dev/blog/npm-deb...
September 8, 2025 at 7:23 PM
Largest NPM supply chain attack in history. Attackers compromised 18 core JavaScript packages with 2+ billion weekly downloads after phishing a maintainer. Malware targets crypto wallets & steals credentials. Millions of developers affected worldwide www.aikido.dev/blog/npm-deb...
Reposted by cyb3rint3l
#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/7
August 26, 2025 at 3:38 PM
#ESETResearch has discovered the first known AI-powered ransomware, which we named #PromptLock. The PromptLock malware uses the gpt-oss:20b model from OpenAI locally via the Ollama API to generate malicious Lua scripts on the fly, which it then executes 1/7
Reposted by cyb3rint3l
The new Bloodhound version has some genuinely crazy cool new features -- OpenGraph really blows the doors off the potential for Bloodhound to not just map attack paths within Microsoft Active Directory or Entra ID tenants, but now... ANYTHING 🤩 youtu.be/kVOjXGbm_Ro
August 19, 2025 at 1:03 PM
The new Bloodhound version has some genuinely crazy cool new features -- OpenGraph really blows the doors off the potential for Bloodhound to not just map attack paths within Microsoft Active Directory or Entra ID tenants, but now... ANYTHING 🤩 youtu.be/kVOjXGbm_Ro
SpiderFoot is one of the tools I've used most in my OSINT journey so far.
I highly recommend it!
#osint #cyb3rint3l #cybersecurity #osintseries #digitalfootprint #infosec #spiderfoot #reconnaissance #shodan #virustotal
I highly recommend it!
#osint #cyb3rint3l #cybersecurity #osintseries #digitalfootprint #infosec #spiderfoot #reconnaissance #shodan #virustotal
August 18, 2025 at 9:25 PM
SpiderFoot is one of the tools I've used most in my OSINT journey so far.
I highly recommend it!
#osint #cyb3rint3l #cybersecurity #osintseries #digitalfootprint #infosec #spiderfoot #reconnaissance #shodan #virustotal
I highly recommend it!
#osint #cyb3rint3l #cybersecurity #osintseries #digitalfootprint #infosec #spiderfoot #reconnaissance #shodan #virustotal
Reposted by cyb3rint3l
CISA open‐sources Thorium malware forensic platform.
https://deadstack.net/cluster/11364
🔗🔥 Stories follow in replies.
#tech #opensource #infosec #government #cybersecurity
https://deadstack.net/cluster/11364
🔗🔥 Stories follow in replies.
#tech #opensource #infosec #government #cybersecurity
CISA open‐sources Thorium malware forensic platform
In a bid to aid cyber defenders, CISA has released Thorium—a free, open‐source malware forensic analysis platform. Designed to streamline the integration of automated threat investigation tools, the platform aims to ease the strain on security teams tackling an ever-increasing volume of…
deadstack.net
July 31, 2025 at 5:21 PM
CISA open‐sources Thorium malware forensic platform.
https://deadstack.net/cluster/11364
🔗🔥 Stories follow in replies.
#tech #opensource #infosec #government #cybersecurity
https://deadstack.net/cluster/11364
🔗🔥 Stories follow in replies.
#tech #opensource #infosec #government #cybersecurity
No six-figure #cybersecurity solution will save you if:
❌ You haven't trained your users
❌ You save RDP credentials on the client
❌ Force UNC paths to remember login details
❌ You lack a Patch Management strategy
❌ You are not incorporating Monitoring
❌ You assume you are too small to be hit
❌ You haven't trained your users
❌ You save RDP credentials on the client
❌ Force UNC paths to remember login details
❌ You lack a Patch Management strategy
❌ You are not incorporating Monitoring
❌ You assume you are too small to be hit
July 24, 2025 at 8:12 PM
No six-figure #cybersecurity solution will save you if:
❌ You haven't trained your users
❌ You save RDP credentials on the client
❌ Force UNC paths to remember login details
❌ You lack a Patch Management strategy
❌ You are not incorporating Monitoring
❌ You assume you are too small to be hit
❌ You haven't trained your users
❌ You save RDP credentials on the client
❌ Force UNC paths to remember login details
❌ You lack a Patch Management strategy
❌ You are not incorporating Monitoring
❌ You assume you are too small to be hit
🎬 How can we analyse a Windows system for malware while making sure to preserve crucial forensic evidence?
Join me in the 1st part of this three-part Threat Hunting series, where I delve into Process Explorer, showing how we can further expand our DFIR arsenal by fine-tuning this Sysinternals tool.
Join me in the 1st part of this three-part Threat Hunting series, where I delve into Process Explorer, showing how we can further expand our DFIR arsenal by fine-tuning this Sysinternals tool.
July 9, 2025 at 10:13 AM
🎬 How can we analyse a Windows system for malware while making sure to preserve crucial forensic evidence?
Join me in the 1st part of this three-part Threat Hunting series, where I delve into Process Explorer, showing how we can further expand our DFIR arsenal by fine-tuning this Sysinternals tool.
Join me in the 1st part of this three-part Threat Hunting series, where I delve into Process Explorer, showing how we can further expand our DFIR arsenal by fine-tuning this Sysinternals tool.
A thorough day-by-day write-up on the ongoing conflict. It is worth reading to understand how cyber operations not only affect but could at times play a decisive role in the course of events.
socradar.io/reflections-...
socradar.io/reflections-...
Reflections of the Israel-Iran Conflict on the Cyber World - SOCRadar® Cyber Intelligence Inc.
The Israel-Iran conflict is no exception. With APT groups taking visible roles early, and hacktivist narratives spreading quickly online...
socradar.io
June 20, 2025 at 6:37 AM
A thorough day-by-day write-up on the ongoing conflict. It is worth reading to understand how cyber operations not only affect but could at times play a decisive role in the course of events.
socradar.io/reflections-...
socradar.io/reflections-...
💾 Windows ME (meeehhh...)
Windows Millennium Edition, or ME, arrived in 2000, aiming to bring multimedia & home computing together.
It brought System Restore, digital media support, faster boot times, but also bugs &headaches.
Often criticised as one of MS's weakest releases, ME became (1/2)
Windows Millennium Edition, or ME, arrived in 2000, aiming to bring multimedia & home computing together.
It brought System Restore, digital media support, faster boot times, but also bugs &headaches.
Often criticised as one of MS's weakest releases, ME became (1/2)
June 3, 2025 at 4:06 PM
💾 Windows ME (meeehhh...)
Windows Millennium Edition, or ME, arrived in 2000, aiming to bring multimedia & home computing together.
It brought System Restore, digital media support, faster boot times, but also bugs &headaches.
Often criticised as one of MS's weakest releases, ME became (1/2)
Windows Millennium Edition, or ME, arrived in 2000, aiming to bring multimedia & home computing together.
It brought System Restore, digital media support, faster boot times, but also bugs &headaches.
Often criticised as one of MS's weakest releases, ME became (1/2)
🔍 Windows 98: Where the internet and PC became one
Released in 1998, Windows 98 refined the Win 95 experience with better hardware support, the Quick Launch bar & the Active Desktop.
It was the OS where the early web took off, with IE embedded.
But it was also the golden age for viruses (1/2)
Released in 1998, Windows 98 refined the Win 95 experience with better hardware support, the Quick Launch bar & the Active Desktop.
It was the OS where the early web took off, with IE embedded.
But it was also the golden age for viruses (1/2)
May 31, 2025 at 12:01 PM
🔍 Windows 98: Where the internet and PC became one
Released in 1998, Windows 98 refined the Win 95 experience with better hardware support, the Quick Launch bar & the Active Desktop.
It was the OS where the early web took off, with IE embedded.
But it was also the golden age for viruses (1/2)
Released in 1998, Windows 98 refined the Win 95 experience with better hardware support, the Quick Launch bar & the Active Desktop.
It was the OS where the early web took off, with IE embedded.
But it was also the golden age for viruses (1/2)
🖥️ Windows 95: The OS that changed it all
Building on the foundation set by Windows 3.1, which introduced many to GUIs, Windows 95 launched in 1995 and took digital innovation to new heights.
With the iconic Start button and Plug-and-Play simplicity, Windows 95 opened the gateway to the (1/2)
Building on the foundation set by Windows 3.1, which introduced many to GUIs, Windows 95 launched in 1995 and took digital innovation to new heights.
With the iconic Start button and Plug-and-Play simplicity, Windows 95 opened the gateway to the (1/2)
May 27, 2025 at 4:05 PM
🖥️ Windows 95: The OS that changed it all
Building on the foundation set by Windows 3.1, which introduced many to GUIs, Windows 95 launched in 1995 and took digital innovation to new heights.
With the iconic Start button and Plug-and-Play simplicity, Windows 95 opened the gateway to the (1/2)
Building on the foundation set by Windows 3.1, which introduced many to GUIs, Windows 95 launched in 1995 and took digital innovation to new heights.
With the iconic Start button and Plug-and-Play simplicity, Windows 95 opened the gateway to the (1/2)
💽 There came Windows 3.1
Arriving in 1992, Windows 3.1 introduced millions to the world of GUIs with its polished look, iconic Program Manager, TrueType fonts and... Minesweeper!💣
It made computing colourful, structured, and... fun.
But it also saw early vulnerabilities emerge as (1/2)
Arriving in 1992, Windows 3.1 introduced millions to the world of GUIs with its polished look, iconic Program Manager, TrueType fonts and... Minesweeper!💣
It made computing colourful, structured, and... fun.
But it also saw early vulnerabilities emerge as (1/2)
May 24, 2025 at 12:01 PM
💽 There came Windows 3.1
Arriving in 1992, Windows 3.1 introduced millions to the world of GUIs with its polished look, iconic Program Manager, TrueType fonts and... Minesweeper!💣
It made computing colourful, structured, and... fun.
But it also saw early vulnerabilities emerge as (1/2)
Arriving in 1992, Windows 3.1 introduced millions to the world of GUIs with its polished look, iconic Program Manager, TrueType fonts and... Minesweeper!💣
It made computing colourful, structured, and... fun.
But it also saw early vulnerabilities emerge as (1/2)
🗂️ Then came Windows 2.0
Released in 1987, Windows 2.0 introduced overlapping windows, desktop icons & better graphics support, making the interface more dynamic.
It powered early business applications & famously introduced keyboard shortcuts still used today. For many, it was their 1st time (1/2)
Released in 1987, Windows 2.0 introduced overlapping windows, desktop icons & better graphics support, making the interface more dynamic.
It powered early business applications & famously introduced keyboard shortcuts still used today. For many, it was their 1st time (1/2)
May 20, 2025 at 4:05 PM
🗂️ Then came Windows 2.0
Released in 1987, Windows 2.0 introduced overlapping windows, desktop icons & better graphics support, making the interface more dynamic.
It powered early business applications & famously introduced keyboard shortcuts still used today. For many, it was their 1st time (1/2)
Released in 1987, Windows 2.0 introduced overlapping windows, desktop icons & better graphics support, making the interface more dynamic.
It powered early business applications & famously introduced keyboard shortcuts still used today. For many, it was their 1st time (1/2)
🖥️ And then, there was Windows 1.0
Launched in 1985, Windows 1.0 was Microsoft's 1st step into the GUI world, layering windows on top of MS-DOS.
It planted the seed for personal computing with tiled windows, mouse support & basic multitasking, including (1/2)
Launched in 1985, Windows 1.0 was Microsoft's 1st step into the GUI world, layering windows on top of MS-DOS.
It planted the seed for personal computing with tiled windows, mouse support & basic multitasking, including (1/2)
May 17, 2025 at 12:01 PM
🖥️ And then, there was Windows 1.0
Launched in 1985, Windows 1.0 was Microsoft's 1st step into the GUI world, layering windows on top of MS-DOS.
It planted the seed for personal computing with tiled windows, mouse support & basic multitasking, including (1/2)
Launched in 1985, Windows 1.0 was Microsoft's 1st step into the GUI world, layering windows on top of MS-DOS.
It planted the seed for personal computing with tiled windows, mouse support & basic multitasking, including (1/2)
🪙 Many things are going on right now regarding the #Coinbase incident.
Coinbase (correctly) refused to pay the cybercriminals a $20M ransom. Instead, in a chess-type move, they offered a $20M bounty as a reward for intel provided.
Nevertheless, this further ignites the KYC discussion. #ransomware
Coinbase (correctly) refused to pay the cybercriminals a $20M ransom. Instead, in a chess-type move, they offered a $20M bounty as a reward for intel provided.
Nevertheless, this further ignites the KYC discussion. #ransomware
May 16, 2025 at 10:42 AM
🪙 Many things are going on right now regarding the #Coinbase incident.
Coinbase (correctly) refused to pay the cybercriminals a $20M ransom. Instead, in a chess-type move, they offered a $20M bounty as a reward for intel provided.
Nevertheless, this further ignites the KYC discussion. #ransomware
Coinbase (correctly) refused to pay the cybercriminals a $20M ransom. Instead, in a chess-type move, they offered a $20M bounty as a reward for intel provided.
Nevertheless, this further ignites the KYC discussion. #ransomware
❌5 clicks and 10 commands are all it takes for a Bitpixie attack to compromise BitLocker-encrypted devices without pre-boot authentication enabled.
Here's the PoC and why your once moaning executive will thank you later for keeping trade secrets safe: www.youtube.com/watch?v=_7e_...
#Cybersecurity
Here's the PoC and why your once moaning executive will thank you later for keeping trade secrets safe: www.youtube.com/watch?v=_7e_...
#Cybersecurity
May 15, 2025 at 4:45 PM
❌5 clicks and 10 commands are all it takes for a Bitpixie attack to compromise BitLocker-encrypted devices without pre-boot authentication enabled.
Here's the PoC and why your once moaning executive will thank you later for keeping trade secrets safe: www.youtube.com/watch?v=_7e_...
#Cybersecurity
Here's the PoC and why your once moaning executive will thank you later for keeping trade secrets safe: www.youtube.com/watch?v=_7e_...
#Cybersecurity
If Microsoft has let this guy @thomasmaurer.bsky.social go, no one should feel safe working in tech giants.
I've been following Thomas for the last 8 years & I find his commitment & contribution to the IT community outstanding.
Some events in life we should take as warnings. This is one of them.
I've been following Thomas for the last 8 years & I find his commitment & contribution to the IT community outstanding.
Some events in life we should take as warnings. This is one of them.
May 15, 2025 at 8:53 AM
If Microsoft has let this guy @thomasmaurer.bsky.social go, no one should feel safe working in tech giants.
I've been following Thomas for the last 8 years & I find his commitment & contribution to the IT community outstanding.
Some events in life we should take as warnings. This is one of them.
I've been following Thomas for the last 8 years & I find his commitment & contribution to the IT community outstanding.
Some events in life we should take as warnings. This is one of them.
🇪🇺 Big milestone for cybersecurity in the European Union (EU):
The EU Vulnerability Database (EUVD) is now live.
The EU is (finally) moving from theory to practice and that’s a win in protecting the critical infrastructure.🔐
✅ Supports NIS2 requirements
✅ Helps with supply chain & vuln mgmt
1/2
The EU Vulnerability Database (EUVD) is now live.
The EU is (finally) moving from theory to practice and that’s a win in protecting the critical infrastructure.🔐
✅ Supports NIS2 requirements
✅ Helps with supply chain & vuln mgmt
1/2
May 13, 2025 at 5:30 PM
🇪🇺 Big milestone for cybersecurity in the European Union (EU):
The EU Vulnerability Database (EUVD) is now live.
The EU is (finally) moving from theory to practice and that’s a win in protecting the critical infrastructure.🔐
✅ Supports NIS2 requirements
✅ Helps with supply chain & vuln mgmt
1/2
The EU Vulnerability Database (EUVD) is now live.
The EU is (finally) moving from theory to practice and that’s a win in protecting the critical infrastructure.🔐
✅ Supports NIS2 requirements
✅ Helps with supply chain & vuln mgmt
1/2
Compliance doesn't equal security. We need to stop confusing checkboxes with protection.
Often, organisations tend to chase certificates while neglecting their security posture.
Paperwork aside, we need to invest in:
📌Incident response
📌 Continuous monitoring
📌 Threat modelling
📌 Security culture
Often, organisations tend to chase certificates while neglecting their security posture.
Paperwork aside, we need to invest in:
📌Incident response
📌 Continuous monitoring
📌 Threat modelling
📌 Security culture
May 12, 2025 at 6:23 AM
Compliance doesn't equal security. We need to stop confusing checkboxes with protection.
Often, organisations tend to chase certificates while neglecting their security posture.
Paperwork aside, we need to invest in:
📌Incident response
📌 Continuous monitoring
📌 Threat modelling
📌 Security culture
Often, organisations tend to chase certificates while neglecting their security posture.
Paperwork aside, we need to invest in:
📌Incident response
📌 Continuous monitoring
📌 Threat modelling
📌 Security culture
May 10, 2025 at 11:30 AM
💰Amid a #ransomware incident, panic can set in. But paying the ransom only:
🚫 Encourages more attacks
🚫 Funds criminal operations
🚫 Provides no guarantee of data restoration or non-disclosure
Instead:
✅Invest in proper IR
✅Test backups
✅Build resilience, not reliance on hope
🚫 Encourages more attacks
🚫 Funds criminal operations
🚫 Provides no guarantee of data restoration or non-disclosure
Instead:
✅Invest in proper IR
✅Test backups
✅Build resilience, not reliance on hope
May 8, 2025 at 11:23 AM
💰Amid a #ransomware incident, panic can set in. But paying the ransom only:
🚫 Encourages more attacks
🚫 Funds criminal operations
🚫 Provides no guarantee of data restoration or non-disclosure
Instead:
✅Invest in proper IR
✅Test backups
✅Build resilience, not reliance on hope
🚫 Encourages more attacks
🚫 Funds criminal operations
🚫 Provides no guarantee of data restoration or non-disclosure
Instead:
✅Invest in proper IR
✅Test backups
✅Build resilience, not reliance on hope