Taylor Parizo

464 Followers
238 Following
1.4K Posts
Threat Hunting and former Threat Intelligence | “Doubt is not a pleasant state, but certainty is a ridiculous one” - Voltaire
Blog: https://blog.axelarator.net/
PixelFed: https://pixel.infosec.exchange/taylorparizo
Might be time to sell my 32Gb of RAM for a network switch. #FCC

MOIST KEYCHAIN!? We cannot be serious 😂

In early February 2026, the Iranian state-aligned cyber espionage group MuddyWater (also tracked as Seedworm, MERCURY, Static Kitten, MOIST KEYCHAIN, and Mango Sandstorm)
https://krypt3ia.wordpress.com/2026/03/20/threat-intelligence-report-mango-sandstorm-indoor-fakeset-activity/
#ThreatIntel

Threat Intelligence Report: MANGO SANDSTORM Dindoor / Fakeset Campaign

Date: March 2026. By: Krypt3ia. Executive Summary: In early February 2026, the Iranian state-aligned cyber espionage group MuddyWater (also tracked as Seedworm, MERCURY, Static Kitten, and Ma…

Nice list. Some tools have a lot of feature overlap which make enrichment much easier. I’m in Censys, Validin, and Hunt.io (didn’t see mentioned) almost daily. I need to familiarize myself with using BGP tables more though.
https://github.com/curated-intel/Attribution-to-IP
GitHub - curated-intel/Attribution-to-IP: A collection of methods to learn who the owner of an IP address is.

We got a Telnet vulnerability older than some GTA 6 developers.
I've been habitually taking my camera with me when I go out so I take more photos. I thought I'd take more at the museum over the weekend but only ended up taking one. Not even mad because this is one of the more creative ones in a long time. Inside looking out a window so I metered the window light rather than the average room light.
#Fujifilm

One more for good measure because why not:

host.services.cert.parsed.issuer_dn="cgWUqATNuKVKop+/nRG88+u7AEo2ulPc/6DzDNJyq3Q"

#ThreatIntel #CTI #MuddyWater

The second html_title query has been updated to:

host.services.endpoints.http.html_title={"McCluskey", "MotoGP Fans Deutschland"}

Censys queries to track CharmingKitten / MuddyWater

host.services.endpoints.http.body_hash_sha256="de3b9b38fc63a27bc8899a1cdba4130347b3a76d8a694245aa7f018cce693d11"
host.services.endpoints.http.html_title="McCluskey"
host.services:((software.cpe="cpe:2.3:a:microsoft:internet_information_services:10.0:*:*:*:*:*:*:*" or hardware.cpe="cpe:2.3:a:microsoft:internet_information_services:10.0:*:*:*:*:*:*:*" or operating_systems.cpe="cpe:2.3:a:microsoft:internet_information_services:10.0:*:*:*:*:*:*:*") and endpoints.http.html_title="URL Shortener")

#ThreatIntel #CTI

I’ve gone down the hyprland rabbit hole. Doomscrolling has been replaced by modifying config files.
#Hyprland
Yeah this sums it up. #threatintel