Threat Researcher @Trellix - My tweets are my own

Joined November 2008
Alfred Alvarado retweeted
ICYMI: On August 29, 2023, an FBI-led effort dismantled the Qakbot malware and botnet. Learn about the upward attack trend preceding the takedown from Daksh Kapur, @_Fritto_, and Nico Yturriaga. bit.ly/3R8uZeo
Alfred Alvarado retweeted
6 Sep 2023
Law enforcement led a successful campaign to disrupt and dismantle Qakbot on August 29, 2023. @TrellixARC’s Daksh Kapur, @_Fritto_, and Nico Yturriaga share everything you need to know to understand the malware and botnet. Qakbot: bit.ly/3R8uZeo
🚨 Giveaway 🚨 Do we need a reason to hold a giveaway? We want to give away two @TCMSecurity vouchers! (1) Practical Web Application Penetration Testing AND (1) Practical Ethical Hacking All you have to do to enter is: 1️⃣ Retweet this Tweet 2️⃣ Make sure you’re following us Winner announced tomorrow at 5:00 PM
T-2: n00b pin acquired, presenting room found, n00b pin already lost 😞
Alfred Alvarado retweeted
21 Apr 2023
Explore securing the software supply chain with VP Customer Advocacy, @TrellixARC Karine Ben-Simhon at the Moscone South 207 #RSAC Sandbox Stage. The panel will cover: 🛡️ Threat intelligence 📈 Recent trends 🧰 Mitigation strategies Join her: bit.ly/3KjUlRA
Alfred Alvarado retweeted
19 Apr 2023
Want to mitigate the risk of being targeted w/ LOLBins? During their #RSAC session (located in Moscone South - 153), @TrellixARC researchers @tim_hux & @_Fritto_ discuss applicable threat hunting strategies & map MITRE techniques to real world examples. bit.ly/3KjUlRA
Alfred Alvarado retweeted
7 Apr 2023
Avoid being a future victim of weaponized LOLBins — join @TrellixARC security researchers @tim_hux and @_Fritto_ at #RSAC to equip yourself with relevant threat hunting tools & techniques. bit.ly/3nEd02F
In an additional report today, the @Trellix Threat Intelligence Group talks CVE-2021-21974, providing data on telemetry gathered by our sensors & sharing information about activity targeting this 2yr old vuln that some have left unpatched. trellix.com/en-us/about/news…

The latest @Trellix report covers CVE-2023-0286; researchers Mark Bereza (@ROPsicle) & John Dunlap discuss the vulnerability as well as the litany of prerequisites & mitigating factors that limit its usefulness to attackers. trellix.com/en-us/about/news…

VMware identified older and outdated products that have reached end of general support are those targeted in ESXiArgs Ransomware attacks. VMware recommends upgrading to the latest supported version and disabling the OpenSLP service in ESXi. blogs.vmware.com/security/20…
Alfred Alvarado retweeted
Lockbit ransomware group has informed us they have acquired a 3rd ransomware variant.
- Lockbit Red
- Lockbit Black
- Lockbit Green
They also have modified their ESXI ransomware variant. Yes, they actually wrote "TLP:RED" in the image.
Alfred Alvarado retweeted
HIVE ransomware group's Tor domain has been seized by EUROPOL *No official announcement yet from United States Department of Justice or EUROPOL
Alfred Alvarado retweeted
1/ DEV-0569, current distribution via #GoogleAds.
1.- #Gozi aka #Ursnif (bot)
↓
2.- #RedLine (stealer)
↓
And if the conditions are right, possibly:
3.- #CobaltStrike (C2)
↓
4.- #Royal Ransomware 💥
(No more BatLoader in the infection chain)
Alfred Alvarado retweeted
🚨 Ongoing mass exploitation of CVE-2022-44877 (CentOS Web Panel 7 Unauthenticated Remote Code Execution). Source: 206.189.170.136 🇺🇸 Malicious Base64 payload is a reverse shell that connects to 206.189.170.136:9181. The scanning of CWP instances started around January 06th.
Hot Off The Press - The Trellix Threat Report: Fall 2022 – Insights Ransomware Tracking trellix.com/en-us/advanced-r…

Oh, It’s about to get real 01:15 PM tomorrow “Catch Me If You can”
23 Sep 2022
Learn how to detect and address a threat hiding in a non-malicious source by diving into Living off the Land (LotL) attacks and exploring how to defend against them at Xpand Live. Register today: trellix.com/xpand
Alfred Alvarado retweeted
"The attack can be performed without user interaction if the management interface of the device has been configured to be internet facing." @phLaul explains a new critical remote code execution vulnerability impacting DrayTek routers. Read here: go.trellix.com/3dEf0D6
Alfred Alvarado retweeted
23 Aug 2022
Join us from September 27-29 at Xpand Live for a deep dive into five relevant areas of modern security, covering everything from SecOps to #SoulfulWork and more! ▶️ ▶️ Register now: go.trellix.com/3vWBS7p
Alfred Alvarado retweeted
30 Mar 2022
Join @spovolny in New Orleans on April 7th and listen to a great session titled A Case Study in Hacking Critical Infrastructure. go.trellix.com/3tqxPxR