Share this page!

Enter URL or ID to Unroll

You can paste full URL like: https://x.com/threadreaderapp/status/1644127596119195649
or just the ID like: 1644127596119195649

How to get URL link on X (Twitter) App

  1. On the Twitter thread, click on or icon on the bottom
  2. Click again on or Share Via icon
  3. Click on Copy Link to Tweet
  4. Paste it above and click "Unroll Thread"!
  5. More info at Twitter Help
Intezer Profile picture
Intezer
@IntezerLabs
Leave the SOC grunt work to Intezer. Automatically triage alerts 24/7, respond faster, and cut out noise & false positives. Try free: https://t.co/7NqZ3ZU0OO
May 9, 2023 5 tweets 2 min read
Incident Response Tip ⚡
When you need to open a file in a text editor to inspect its raw data during an investigation, here are 4 useful #VScode plugins to inspect different non-binary file types.
A thread 🧵 (1/4 useful IR plugins) Email - highlights the syntax of .eml files. marketplace.visualstudio.com/items?itemName… Image
May 19, 2022 4 tweets 2 min read
Here's a tip for creating Sigma rules.

Sometimes you want to keep your rule strict to avoid false positives, but other times it can be useful to add relevant info.

Thread 🧵

intezer.com/blog/threat-hu… Image e.g. Emotet uses Word documents so you can extend the rule to include detection of cmd processes that execute Word, Excel, and PowerPoint. This way the detection will cover other variants of the threat.

Keep reading intezer.com/blog/threat-hu…