Jeremy Brown

109 posts

Jeremy Brown

@AlteredBytes

Coffee Lover. Nerd. Does wild stuff in network sessions. VP of Analysis @TrinityCyber

Joined Ekim 2020

647 Following325 Followers

Jeremy Brown@AlteredBytes·28 Tem

Excited to be presenting at @BlackHatEvents with a sponsored session talk - diving into hidden and impactful threats. Come see for yourself! #beyond-the-attack-hidden-threats-evolving-defense-48461" target="_blank" rel="nofollow noopener">blackhat.com/us-25/sponsore…

English

Jeremy Brown@AlteredBytes·1 Kas

@stvemillertime @TrinityCyber We got you, Steve. Full session, inline file parsing and actions like replace, remove and modify on payloads.

English

Steve YARA Synapse Miller@stvemillertime·31 Eki

My homies @TrinityCyber know whats up

English

696

Steve YARA Synapse Miller@stvemillertime·31 Eki

My first love was pcap, so I kinda hope for a resurgence of NSM/NDR, but like the -NG++ version of it

English

Jeremy Brown@AlteredBytes·5 Eyl

@stvemillertime Preeeeach

English

Steve YARA Synapse Miller@stvemillertime·4 Eyl

Garden plants left alone tend to overgrow themselves, become brittle, imbalanced, blossom less, yield less. Many do not truly thrive without routine care and aggressive pruning. I think of this often about detection rules, workflows, tools, and "the way we do things."

English

2.4K

Jeremy Brown@AlteredBytes·11 Oca

@ImposeCost Absolute madness, I tell you.

English

Jeremy Brown retweeted

GreyNoise@GreyNoiseIO·8 Kas

We cannot thank @TrinityCyber enough for providing valuable intel on CVE-2023-20198 last month. 🤝 With this information, we acted quickly and got a tag out! Grateful to be able to work together to keep our customers safe + secure.

English

3.3K

Jeremy Brown@AlteredBytes·3 May

Had a blast chatting with @JasonSWalls for his new podcast, Epik Mellon. Go check it out!

QA Cafe@qacafe

Subscribe to our #podcast, Epik Mellon, on YouTube (@EpikMellon" target="_blank" rel="nofollow noopener">youtube.com/@EpikMellon) and on your favorite podcast platform now! First episodes feature @twintersunh, our CTO, and @AlteredBytes from @TrinityCyber. #networks #cybersecurity #broadband #wifi #ipv6

English

379

Jeremy Brown@AlteredBytes·3 May

@Mao_Ware @likethecoins We’ve got an opening, can you DM me?

English

996

Brian Bartholomew@Mao_Ware·3 May

Officially on the job market today. Anyone looking for an old TI guy with a "smidge" of years under his belt, let me know. Happy to have a chat.

English

43.2K

Jeremy Brown@AlteredBytes·25 Nis

Don’t miss this hot new collab between @TrinityCyber and @GreyNoiseIO where we provide some of the latest exploits used by Mirai, including CVE-2023-1389. Sharing Intel benefits everyone. Go check it out! greynoise.io/blog/active-ex…

English

1.5K

Jeremy Brown@AlteredBytes·25 Nis

Massive win for the team! We’re honored to be protecting USAF internet traffic and working together for better outcomes.

Trinity Cyber@TrinityCyber

.@TrinityCyber and @ATT deliver a new #cybersecurity solution to the @usairforce. Our Secure Internet Gateway offers automated threat prevention at scale and will greatly enhance #cyber protections for all federal agencies. Learn more: hubs.la/Q01MF_JZ0

English

209

Jeremy Brown@AlteredBytes·21 Nis

PaperCut server exploits are in the wild; here’s how you detect the first stage: HTTP GET/POST + URI ending in “SetupCompleted” AND HTTP Response “200 OK” + header “Set-Cookie: JSESSIONID=“ with a valid token. Go hunt for this! #ThreatHunting

English

267

Jeremy Brown@AlteredBytes·19 Nis

.@TrinityCyber is actively stopping attacks on PaperCut servers connected to the internet. Exploit details are embargoed, but involve the use of JavaScript, encoded PowerShell, RMM agents and lead to ransomware. @BleepinComputer bleepingcomputer.com/news/security/…

English

2.2K

Jeremy Brown retweeted

Steve YARA Synapse Miller@stvemillertime·10 Nis

The #100DaysofYARA crew slayed it this year: big hustles fm @greglesnewich @shellcromancer @BitsOfBinary @wxs @Qutluch @notareverser @silascutler @dan__mayer @AlteredBytes @malvidin @th3_protoCOL @tlan @jstrosch @threathog @pmelson @Vert1cal_ & more. Props y'all. YARA rules.

English

4.2K

Jeremy Brown@AlteredBytes·4 Oca

@greglesnewich +1 for another great resource, UUID Global. You can research a LOT about CLSIDs in LNK files with it: uuid.pirate-server.com

English

310

Greg Lesnewich@greglesnewich·4 Oca

#100DaysofYARA LNK files often store a CLSID in the TargetID fields - the previous file we looked at (GOLDBACKDOOR) did not include this header, so I suspected looking for LNKs without that CLSID might surface some anomalies More on LNK file structure: u0041.co/blog/post/4

English

16.2K

Jeremy Brown@AlteredBytes·6 Ara

@jessjohannes Those eyes…so cute

English

Jessica Johannes@jessjohannes·6 Ara

When the fur kid gets back from the groomers and is feeling extra.

English

Jeremy Brown@AlteredBytes·23 Eki

omg 2 year Twitter anniversary, yaaaas

English

Jeremy Brown@AlteredBytes·16 Eki

@greglesnewich vCalendar and LNK files!

English

Greg Lesnewich@greglesnewich·15 Eki

Okay more feedback requested please if y’all want #100DaysofYARA for 2023! Since y’all wanted tutorials, let me know what kind of tutorials you’d like to see! Ideas include: - doc/x - PE - bulk PE similarity - general process/flow Other ideas are welcomed 😄

Greg Lesnewich@greglesnewich

If #100DaysofYARA were to happen again next year, what would people be most interested in? Anything else, throw it in a comment below! #dailyyara

English

Jeremy Brown@AlteredBytes·26 Eyl

@stvemillertime Same, bro

English

Steve YARA Synapse Miller@stvemillertime·26 Eyl

If you ask me about my data and tooling...

GIF

English

Jeremy Brown retweeted

Jim Mandelbaum@Jmandelbaum·18 Ağu

Time to listen to my latest podcast with @AlteredBytes where we talk beyond the packet and some best practices for cyber security #gigamon #cybersecurity bit.ly/3c2jVxt

English

Jeremy Brown@AlteredBytes·2 Ağu

I’m looking for an experienced (3-5 years+) threat hunter who’s comfortable with both network traffic and static file analysis. You find it, you can actively take it out with @TrinityCyber tech. This you? Shoot me a DM

English

Jeremy Brown@AlteredBytes·25 Haz

Having grown up in a state that’s got trigger laws going into effect as we speak - I’m beyond disappointed at SCOTUS ruling. This is a brutal attack on women’s health, bodily autonomy, and a 50 year regression for America. I’ll always support the right to choose.

English

Discover

@BlackHatEvents @stvemillertime @TrinityCyber @ImposeCost @JasonSWalls @Mao_Ware @likethecoins @GreyNoiseIO