Marco Giovanetti
310 posts

@mgiovamo
Computer Engineer, cyber security enthusiast, Security Analyst at @Certego_IRT https://t.co/PZDuybHy2N
Modena, Emilia Romagna · Joined August 2011
381 Following · 166 Followers

@rj_chap @gabriele_pippi @SettiDavide89 Kudos to @gabriele_pippi more than me ;) Thank you for appreciating our work

Great job on your "Handling a distributed cryptominer AD worm" article @mgiovamo! Kudos to @gabriele_pippi and @settidavide89 for their support!
#blueteam #DFIR #cryptominer #worm
certego.net/en/news/handli…

@LeemoPrevi @cesco_78 I had problems with the length (too long) :/

@as250 @mikko @jaykay2342 @nopnopdave @gelim @Arrfab Thank you, missed it early this year.
Anyway, from my side nothing against this (the filter was deployed way before the tweet😁), but at this point I think someone stressed you until you decided to remove mirror for CentOS. Hope I wasn't one of them tbh 🤷♂️

@mgiovamo @mikko @jaykay2342 @nopnopdave @gelim @Arrfab Answered this already earlier in the thread: Shenanigans.
AS250.net@as250
@gelim ...but to answer your question: playful shenanigans.

Not sure about the rationale behind centos.mirrors.as250.net having a Server header set to EICAR AV test string 🤔@as250 ?

@mikko @jaykay2342 @as250 @nopnopdave @gelim @Arrfab Everyone can set up a filter on IDSs/IPSs, but what's the point of using an EICAR string in the Server header?

@jaykay2342 @as250 @nopnopdave @mgiovamo @gelim @Arrfab Oh wow. "we currently have the following issue: one of the mirrors has the hostname set to the EICAR AntiVirus test string, and now every connection from our network to these mirrors triggers alerts"
Marco Giovanetti retweeted

How we at Certego IRT have handled multiple advanced AD compromises.
certego.net/en/news/handli…
Stay safe even during holidays.
Merry Christmas :)
@SettiDavide89 @mgiovamo @Certego_IRT #DFIR #Malware #blueteam #IncidentResponse

If you are a front-end developer, take a look at this job offer at Certego!
lnkd.in/eQCyAgP lnkd.in/eGzzX77
Marco Giovanetti retweeted

CVSS 7, my first Microsoft Word vulnerability.
security feature bypass which can lead to a no-macro docx medium integrity level RCE.
purple team blog post on @Certego_IRT blog will be coming
portal.msrc.microsoft.com/en-US/security…

We are hiring! Take a look at the following link: lnkd.in/e4eaGY7
Marco Giovanetti retweeted

Check out my new article about our new blog series:
Advanced VBA macros: bypassing olevba static analyses with 0 hits
certego.net/en/news/advanc…
@Certego_IRT
#RedTeam #BlueTeam #PurpleTeam #vba #olevba #oletools #ViperMonkey #defenseevasion
Marco Giovanetti retweeted

If anybody is interested, at @Certego_IRT we're hiring and we currently have several open positions. We are open to smart working and even to full remote positions: certego.net/en/careers/
Marco Giovanetti retweeted

#ransomware #italy #covid19 #fuckunicorn
Website
https://www.fofl.]it/
s//www.fofl.]it/IMMUNI.exe
Sample
app.any.run/tasks/6d0a6fbf…
@guelfoweb
@forensico
@Certego_IRT
@Ethereal_x0r
@malwrhunterteam
@VK_Intel
@JayTHL
@James_inthe_box
@Arkbird_SOLG
@reecdeep
@BleepinComputer
Marco Giovanetti retweeted

We are proud to announce that Certego has joined the community of Contributors to @virustotal, the biggest aggregator of antivirus engines and website scanners
certego.net/en/news/certeg…
Marco Giovanetti retweeted

To celebrate this new decade, I have just released a new open source tool that could help security researchers on daily #threatintelligence operations: #IntelOwl
Check out the blog post for further info: certego.net/en/news/new-ye…
@Certego_IRT @JAMESWT_MHT @reecdeep

