Sources & Methods
Blog and monthly digest of Cyber Threat Intelligence (CTI) information sources, tools, articles, events, and helpful tips sourcesmethods.com by @mattreduce.com
@bellingcat.com
Bellingcat is an independent investigative collective of researchers, investigators and citizen journalists brought together by a passion for open source research. Want to support our charity? bellingcat.com/donate
@thesilence.bsky.social
Principal analyst @vtxproject / #Synapse #APT1 report / former Mandiant Doing #threatintel before it was a thing
@criskittner.bsky.social
military strategy, geopolitical analysis, CTI, avid photographer
@cyberalliance.bsky.social
CTA is a group of cybersecurity practitioners who work together to improve the overall security of the global digital ecosystem. We are stronger together. www.cyberthreatalliance.org
@jamiemaccoll.bsky.social
Senior Research Fellow @rusi.bsky.social | Senior Research Associate @virtualroutes.bsky.social | Usually researching ransomware and cybercrime | Sometime indie landfill guitarist
@goretsky.bsky.social
@ESET Distinguished Researcher | alum of McAfee, Microsoft MVP, Tribal Voice, Zultys | Mod @Lenovo, @Neowin.Net, Scots Newsletter forums | Intel Insider Council | Repost ≠ endorse
@esetresearch.bsky.social
Security research and breaking news straight from ESET Research Labs. welivesecurity.com/research/
@threatinsight.proofpoint.com
Proofpoint's insights on targeted attacks and the cybersecurity threat landscape.
@mag00.bsky.social
Security person. Formerly @ Federal Reserve, FB, Coinbase. See Starting Up Security @ http://scrty.io
@volexity.com
A security firm providing Incident Response, Proactive Threat Assessments, Trusted Advisory, and Threat Intelligence // volexity.com
@greynoise.io
GreyNoise analyzes Internet background noise. Use GreyNoise to remove pointless security alerts, find compromised devices, or identify emerging threats.
@bhinfosecurity.bsky.social
Specializing in pen testing, red teaming, and Active SOC. We share our knowledge through blogs, webcasts, open-source tools, and Backdoors & Breaches game. blackhillsinfosec.com & poweredbybhis.com
@limacharlie.io
Security tools and infrastructure on-demand. Use LimaCharlie to automate and manage security operations at scale.
@likethecoins.bsky.social
@thedfirreport.bsky.social
Real Intrusions by Real Attackers, the Truth Behind the Intrusion. https://thedfirreport.com
@vxundergroundre.bsky.social
The largest collection of malware source code, samples, and papers on the internet. Password: infected (unofficial, this is a bot! Maintained by @yjb.bsky.social, the bot can't handle retweets, video, and maybe a few other things)
@shmoocon.bsky.social
Jan 10-12, 2025 Washington, D.C. Less 🫎 Than Ever This account is mostly used to push information. Got questions? Email us at info @ shmoocon.org.
@syrion89.bsky.social
macOS Detection Engineer at SentinelOne. Offensive Security, Malware, Reverse Engineering and Apple Security. Opinions are my own. https://syrion.me
@sentinellabs.bsky.social
We are the Threat Intelligence and Malware Analysis team of @SentinelOne https://sentinellabs.com https://labscon.io
@hultquist.bsky.social
Mandiant Intelligence at Google. CYBERWARCON and SLEUTHCON founder. Johns Hopkins professor. Army vet.
@corpen.secman.pl
Hunting ghosts in wires and boxes, Head of CTI, former NCSC-PL, PL Navy #fightingthreats | @PIVOTcon.bsky.social co-founder & Chief Meme Officer
@defcon.bsky.social
The world’s premier hacker conference. Serving the global hacker community since 1993. Defcon.org Forum.defcon.org Defcon.social
@specterops.io
Know Your Adversary - Adversary Simulation | Detection | Resilience specterops.io
@crowdstrike.com
official CrowdStrike account (check domain👆) The first cloud-native platform that protects endpoints and cloud workloads, identity & data. #WeStopBreaches. Free trial: http://crwdstr.ke/tryfalcon
@shellcromancer.io
Building something new! Used to be a security engineer @ Brex & Cloudflare. Hobbyist reverse engineer of 🍎 and 🐧 things… dogs are better than humans.
@bigbadw0lf.bsky.social
Frontline Intelligence with #AdvancedPractices 🦅 @Google Threat Intel | views are my own
@jags.bsky.social
Executive Director for Intelligence and Security Research @ SentinelOne. Distinguished Fellow and Adj Professor @ Hopkins SAIS Alperovitch Institute. Three Buddy Problem Co-Host. LABScon Founder, Cyber Paleontologist, Fourth-Party Collector.
@aaroncti.bsky.social
Founder @perspectiveintel.bsky.social - Helping small businesses make sense of cyber threats. Author of Cyber Threat Intelligence: The No-Nonsense Guide for CISOs & Security Managers. Training at Kase Scenarios! Exec/Webinars @osint-community.bsky.social
@matthewkennedy.bsky.social
Lead at Microsoft Threat Intelligence Center (MSTIC). Adjunct Faculty at Georgetown University. Penn State Alum. Tweets are my own.
@oxley.io
Amazon/AWS Threat Intelligence. @CitizenLab.ca Research Fellow. Former federal agent. Fan of space, books, technology, and Mother Nature🌪️. Personal account. 🇺🇸 🇺🇦 🇹🇼 #ThreatIntel Storm chasing: https://bsky.app/profile/wxdox.com
@webbreacher.com
Maker of WhatsMyName OSINT tool | Co-owner @ myosint.training | Finder of things and knower of secrets (IYKYK) | Always #OSINTCurious
@philofishal.bsky.social
macOS security researcher espousing no one's opinions but my own. Dogged follower of #lufc, at least until the world stops going round (IYKYK). philastokes.com
@steved3.io
Father. Grandpa. Geek. Hacker. Former journalist. Security researcher. CMO @BSidesLV.org Member: Curated Intel
@pylos.co
Threat Intel / CTI / OT / ICS / Critical Infra stuff along with other things. I genuinely care, and wish others did too. Website: pylos.co Training/Consulting: paralus.co
@attack.mitre.org
MITRE ATT&CK® - A knowledge base for describing the behavior of adversaries. Replying/Following/Reposting ≠ endorsement.
@pivotcon.bsky.social
Threat Research Conference in Malaga, Spain, 7-9 May 2025 #StayTuned #ComingSoon #PIVOTcon #PIVOTcon25 https://pivotcon.org
@selenalarson.bsky.social
cyber, dogs, sports, memes. she/her. podcaster. "bluesky's humblest resident nailfluencer 💅" - Jerry my heart is in the west 🌵🌊
@sleuthcon.bsky.social
SLEUTHCON is returning June 6th, 2025 in Arlington, VA! Join us in-person or virtually. 🎟️ Grab your tix now! | https://www.sleuthcon.com
@wylienewmark.bsky.social
cyber(punk) threat intel. cyber operations, counterintelligence, russia, iran. i see kanly today in everything. “bloody inertia interspersed with bouts of bloody frenzy.” creator: #FUZZYSNUGGLYDUCK, drilangleton, Beff Horn. opinions are my own.
@cyberwarcon.bsky.social
CYBERWARCON is a one-day conference in Arlington, VA focused on the specter of destruction, disruption, and malicious influence on our society through cyber capabilities. cyberwarcon.com
@pstirparo.bsky.social
#ThreatIntel #ICS #DFIR; ''Learning iOS Forensics'' author; #BSidesZH #BSidesBE #PIVOTcon org. @pivotcon.bsky.social https://pstirparo.ch twitter.com/pstirparo Related interests/obsessions: #ThreatHunting #CTI #YARA #CriticalThinking #Books #Obsidian
@bushidotoken.net
🇬🇧 | Senior Threat Intelligence Advisor at Team Cymru | Co-author SANS FOR589 | Co-founder Curated Intel
@invisig0th.bsky.social
Founder of The Vertex Project (@vtxproject) Father of the #APT1 Report @Mandiant. Inventor of #synapse, #vivisect, UNCs, imphash, ... DEFCON CTF Champion, Founder of Kenshoto
@vertexproject.bsky.social
We create technology for analytical teams to provide intelligence-driven insights to decision makers. For more info, visit https://vertex.link!
@hacks4pancakes.com
I am eminently qualified to speak from experience about a variety of dumpster fires. ICS DFIR at Dragos, martial artist, marksman, humanist, level 14 Neutral Good rogue, USAF retired. I post *very serious* things about infosec. Thoughts my own. Enby. 🏳️🌈
@ransomwaresommelier.com
Recorded Future - Ransomware Researcher Owner @greenarcher.io - Yours Truly, Johnny Dollar | The Press Guardian | The Clock | The Green Archer Weird mix of security, comics, photography and wine! www.greenarcher.io