As we navigate towards the midway-point of 2022, and despite current uncertainty over the company’s ownership, there is no doubt that Twitter remains cybersecurity’s favorite social media sharing platform. Whether you’re looking for the latest news on ransomware attacks and cybercrime, APTs and cyber war, digital forensics and incident response, malware outbreaks or reverse engineering, Twitter has it all and more.
Infosec is all about sharing knowledge, and on Twitter you’ll find our industry’s finest and brightest doing just that. So who should you be following in 2022 to stay up with current events, expand your knowledge and learn about new skills and resources? We’ve hand-picked 22 essential cybersecurity accounts for you to follow in 2022. While some you will find on our lists from previous years, there’s plenty of new, interesting and influential tweeters to discover on this year’s roster, too. Let’s check it out!
Kim Zetter is a San Francisco-based journalist who has been writing about cybersecurity, national security and election security for over a decade. Author of a bestselling and authoritative book on Stuxnet, @KimZetter is an account where you will find the best in cybersecurity-related journalism.
"[Journalists] are not neutral chroniclers of this descent into authoritarianism… we have skin in the game. For journalism to survive, democracy must survive — the two need each other." https://t.co/MG3yM0Zzjj— Kim Zetter (@KimZetter) May 19, 2022
Reverse engineer and zero-day exploit expert, Maddie Stone works as a security researcher at Google Project Zero and is a regular con speaker. Her twitter account @maddiestone is essential for anyone wanting to keep up with the latest bugs and zero-day discoveries.
CVE-2022-22675 is an iOS/macOS in-the-wild 0-day in AppleAVD that was patched in March #itw0dayshttps://t.co/5xNZhGHdQK— Maddie Stone (@maddiestone) May 17, 2022
Florian Roth is a detection engineer who is probably best known for his YARA and IOC THOR APT scanner. Florian also has a vast collection of free tools and detection utilities available on github. Florian’s feed @cyb3rops contains an unmissable mix of original and curated content focusing on the latest threats and threat detection.
If someone exploits the vulnerable F5 boxes on the mgmt port from the Internet to run 'rm -rf /*'Is it mostly likelyA. a threat actor trying to cause havocB. school kid using curlC. unsolicited help with the decommissioning so that real TAs can't use them to ransom the org— Florian Roth (@cyb3rops) May 11, 2022
Catalin has featured on our list in the past, and even though he now describes himself as an “Ex-cybersecurity reporter” after having moved to work on newsletters for podcasting outlet RiskyBiz, his Twitter feed @campuscodi is still a goldmine of curated cybersecurity news and intel that’s not to be missed.
Stack Overflow under attack: what we learned about handling DDoS attackshttps://t.co/H9bWuwqgxK pic.twitter.com/A2gFgd22Ae— Catalin Cimpanu (@campuscodi) May 22, 2022
Christopher is a Microsoft Threat Intelligence Center crimeware researcher, former incident responder and security architect. Follow @cglyer to stay on top of the latest malware outbreaks and developing news around ransomware and cybercrime.
The cybercrime economy has industrialized over the last 4 years since human operated ransomware burst onto the sceneCome for the @MsftSecIntel compendium of the ransomware ecosystem…stay for the hardening recommendations to help reduce your riskhttps://t.co/5OkI3b7TG3— Christopher Glyer (@cglyer) May 11, 2022
Billy Leonard is Global Head of Analysis of State Sponsored Hacking and Threats at Google Threat Analysis Group (TAG). While that sure is a lot of nouns, it all translates into a Twitter account worth following if you are interested in shares of IoCs and other valuable info pertaining to the latest threat actor activity.