woanware (@woanware)'s Twitter Profile
woanware

@woanware

Principal Security Researcher @ Microsoft (MSTIC). Software development, detections, security and DFIR.

Thoughts/opinions are mine, not those of my employer.

ID: 161642574

Link: http://www.woanware.co.uk
Date: 01-07-2010 11:04:26

532 Tweets

779 Followers

383 Following

Nick Carr (@itsreallynick)

We’re hiring for our cyber crime / counter-ransomware intelligence mission. Senior analyst position, some details flexible. I promise you we are working on globally unique and important capabilities. careers.microsoft.com/us/en/job/1124…

Ramin Nafisi (@malwarere)

Today we are releasing an in-depth analysis of a #NOBELIUM post-exploitation backdoor that Microsoft Threat Intelligence Center (MSTIC) refers to as #FoggyWeb, a passive & highly targeted backdoor capable of remotely exfiltrating sensitive info from a compromised AD FS server.

Ashwin Patil (@ashwinpatil)

If you have been looking to do 🏹hunting at scale with 🛡️#MicrosoftSentinel we published a new blog to port our Network beaconing use case in #ApacheSpark via #AzureSynapse with 📔Azure ML Notebooks. First part is published. 👇 #MSTIC #threathunting techcommunity.microsoft.com/t5/microsoft-s…

woanware (@woanware)

Has anyone dumped PRTs via mimikatz recently? e.g. using "Sekurlsa::cloudap" function. Tried replicating on both Win10 & Win11, all machines AAD joined, dsregcmd showing AzureADPrt: Yes

woanware (@woanware)

New version for etw-event-dumper (v1.0.1), fixes a BOM issue on the output file. Thanks Willi Ballenthin for reporting! github.com/woanware/etw-e…

Nick Carr (@itsreallynick)

👋 Microsoft security teams are hiring. Several #MSTIC roles:
• careers.microsoft.com/us/en/job/1263… (APT technical analysis required)
• careers.microsoft.com/us/en/job/1246… (incident response experience preferred)
• careers.microsoft.com/us/en/job/1159… (signals, data science)
+ partner teams: x.com/BakedSec/statu…

Ramin Nafisi (@malwarere)

MSTIC is looking for Senior Security Researchers (Malware Reverse Engineers) in the US and Australia to join our MSTIC-RE team. This is an exciting opportunity to make a tangible difference in combating Nation State (NS/APT/DHA) and ransomware threats. jobs.careers.microsoft.com/global/en/job/…