Joined April 2009
Challenge accepted. Challenge completed. 💪 #FlareOn12 The last one, #9 was brutal, but I made it — 30th out of 2,500 players! Proud to have represented @ReversingLabs for the first time and placed it high on the scoreboard. Thanks @Mandiant & @googlecloud for Flare-On 12!
Maik Morgenstern retweeted
#flareon12 is coming in hot and fast this year and will only run for 4 weeks this year instead of the usual 6. Don't miss it! flare-on.com

I don't retweet much but this is big. One of the best RE tools on Windows got even better.
30 Jun 2025
We're excited to announce a major new release of x64dbg! The main new feature is support for bitfields, enums and anonymous types, which allows all types in the Windows SDK to be represented and displayed 🔥
Thanks for the trophy @Mandiant #flareon11
2 weeks ago I posted the first statistics for #flareon11 Went from 2462 participants who solved Ch1 to 3652 and from 3 finishers to 64! Challenge 2 is still the first tough test for many, only 43% of Ch1 solvers managed to do it. Followed by 5, 7 and of course the special ch9.
And done, achieved my goal for this year: Top 100! Lost so much time on 9, I was on the right way, but took a wrong turn and went deep down the rabbit hole. 10 was a nice final challenge! Special mentions for 5 and 7. Learned a lot and had lots of fun! #flareon11
OMG, Ch7 was cruel and Ch8 was all new stuff for me, but at least faster to solve ... Seeing the flag was extremely rewarding for both though! Only 2 more to go now #flareon11
The current #flareon11 scoreboard stats while I despair over challenge 7. 2462 people managed to complete the 1st challenge. The 2nd challenge already left 1500 people behind. Ch 5 was the next big test, stopping 400 ppl for now. And now Ch 7 is the next roadblock.
Finished the first 5 challenges of #flareon11 and feeling already tired :D
Excellent summary. I always think back to that SOC manager who I asked what they look for in sandbox reports: "The overall score. We just want to know whether it is malware or not!" It's the sad truth 😐😐😐
Automatic sandbox analysis systems should not be used like an "antivirus scanner". That is not their purpose and they are also pretty bad at that. Unfortunately providing an "overall score" or verdict gives the wrong impression.
Doing a bit of vulnerability research and found this gem ... that is a good way to protect secrets such as API keys 😀
What a fantastic day! Exciting talks in the morning during our AV-TEST Security Summit and then the most amazing AV-TEST Awards ever. Thank you for making this day a success and for being part of 20 years of AV-TEST!
22 Mar 2024
Congratulations to all winners of this year's @avtestorg Awards and many thanks to all our speakers at the AV-#Security #summit, as well as our guests, partners & friends and the whole AV-TEST team for the great work over the last 20 years! You all made this such a great event!
Maik Morgenstern retweeted
The @avtestorg Security Summit is underway and we are on the lookout for interesting IT security topics! #cybersecruity #informationsecurity #cybercrime
Opened the @avtestorg Security Summit 2024 earlier today and just finished my talk about YARA. Spoiler: You still need EPP/EDR 😁 #100daysofyara #cybersecurity #endpointprotection
Scary stuff. Just checked our database at @avtestorg for the latest WdBoot.sys drivers we know. Looks like the faulty driver (check the filesize!) was introduced Feb 6th 2024, v4.18.24010.7. Drivers before that look fine.
Not sure what led to this, but one of the latest Defender updates pushed a completely empty WdBoot.sys driver. 21KB binary, no imports, no boot callback registration, no unload routine.
We collected all publicly reported cyber security incidents in Europe 2023 and put them into a report. Check it out! #threatintel #cybersecurity
23 Feb 2024
Cyber-Incidents in Numbers: Year 2023 » av-test.org/en/news/cyber-in… Since 2023, our team has dedicatedly collected and analyzed data on cyber incidents across Europe, with a particular focus on Germany. #cybercrime #cybersecurity #internetsecurity #ransomware
Most comprehensive thread regarding the #lockbit takedown. If you have missed the show, read this thread.
"We can confirm that Lockbit’s services have been disrupted as a result of International Law Enforcement action – this is an ongoing and developing operation." "Return here for more information at: 11:30 GMT on Tuesday 20th Feb." "Operation Cronos" 🤔
All certification tests of @avtestorg in 2024 will be run under the AMTSO standard! Read more about my perspective about cyber security testing in the interview between me and @AMTSO
7 Feb 2024
To learn about our members' perspectives on fair cybersecurity testing, you can follow our member interview series. ➡ Read our interview with Maik Morgenstern @TriggerMeHappy, CTO at @avtestorg
Based on x.com/cyb3rops/status/175344… I created 2 rules to cover more malware using the #anydesk certificate. Florian's rules detect 396 of 421 malware, 0 FPs for 560 legitimate AnyDesk files. My rules add coverage for 24 of the 25 undetected files, 0 FPs: github.com/mmorgens/yara/blo…

I have created a YARA rule to detect binaries that are signed with a potentially compromised AnyDesk signing certificate (if the PE header info isn't AnyDesk -> other binaries signed with the compromised cert) #100DaysOfYARA #AnyDesk github.com/Neo23x0/signature…
Another observation for the #anydesk case: If you compare the productname that is set for the executable you get the following two graphs: Malware on the left, actual AnyDesk files on the right. Malware used the string "anydesk" in only a few occasions.