Paul_sec (@paulsec4)'s Twitter Profile
Paul_sec

@paulsec4

Threat Hunting Lead

ID: 1100738060021649408

Link: http://newtonpaul.com

Joined: 27-02-2019 12:42:59

74 Tweets

259 Followers

187 Following

Paul_sec (@paulsec4)

Calling all Charlton Athletic fans, I have a selection of kit shirts on sale, including some stunning vintage shirts, with more to come! Check them out below! #cafc #Charlton ebay.co.uk/usr/paunewto_6…

Paul_sec (@paulsec4)

New Blog Post!! In this one I show how and why you need to be doing threat hunting in your SOC! I also include some hunt & detection examples for Cobalt Strike and Impacket! #infosec #threathunting #cobaltstrike newtonpaul.com/a-guide-to-thr…

Jon Hencinski (@jhencinski)

And when a SOC analyst makes a wrong call, it's not on them. It's on me / the leadership team. We didn't arm you with the right context...OR The evidence in the alert wasn't good enough...OR We didn't provide enough training here. "We'll do better" Own it.

Paul_sec (@paulsec4)

New Blog Post! This is a short one, where I take a look at some sneaky phishing sites that avoid analysis by being Virtual Machine Aware. #phishing #CyberSecurity #infosec newtonpaul.com/virtual-machin…

Red Canary (@redcanary)

"Adversaries at all levels of sophistication use Cobalt Strike beacons, and this guide is an excellent resource for hunting those beacons:" - Tony Lambert

Kostas (@kostastsale)

This report on Cobalt Strike should serve as a guide to help defenders protect their networks. We have gathered all techniques & relevant detections in one writeup with some additional information to help our community. This is only a start with many more to come. #CobaltStrike

Paul_sec (@paulsec4)

Grateful for the shoutout! Hoping to push more content next year, providing threat actors chill and the day job quietens down. 😂 #infosec

June (@junenotmary)

Because she's been on steroids for awhile now, her hair's not growing back as much (post haircut). 😭🥺 #CatsOfTwitter #cats

Paul_sec (@paulsec4)

Great thread showing how NOT to respond to an incident. Really highlights the need for a quick response and why having well trained analysts is so important.

June (@junenotmary)

Silver Chinchillas normally are fluffy but my baby is on steroids + chemo after having had her 2x a year haircut. So now, my cat Winter looks like she has a massive head because her fluffiness is focused on her head, and her tail. 😂

Paul_sec (@paulsec4)

The goal of any top tier Threat Hunt process should be automated hunts, where pathways are taken to generate advanced threat leads and enrichment for analysts to triage. Here’s a great blog from Rob Lowery on how you can get started lowery.tech/threat-hunting…

Paul_sec (@paulsec4)

My first blog post in over two years; life has been keeping me busy. newtonpaul.com/svchost-analys… This quick post looks at triaging svchost making unusual DNS requests to infostealer C2 domains. #infosec #cyber #soc

Paul_sec (@paulsec4)

Following on from my last post on Microsoft Dev Tunnels, in this post, I take a look at similar functionality baked into VSCode. Remote Tunnels are increasingly being abused by threat actors, and allow for easy remote code execution. #CyberSecurity newtonpaul.com/vscode-remote-…