Dark | Light
[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

# ![@cyb3rops Avatar](https://lunarcrush.com/gi/w:26/cr:twitter::1538299243.png) @cyb3rops Florian Roth ⚡️

Florian Roth ⚡️ posts on X about agencies, microsoft, devs, backup the most. They currently have XXXXXXX followers and XXX posts still getting attention that total XXXXXX engagements in the last XX hours.

### Engagements: XXXXXX [#](/creator/twitter::1538299243/interactions)
![Engagements Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1538299243/c:line/m:interactions.svg)

- X Week XXXXXXX -XX%
- X Month XXXXXXX +0.21%
- X Months XXXXXXXXX +24%
- X Year XXXXXXXXX +15%

### Mentions: XX [#](/creator/twitter::1538299243/posts_active)
![Mentions Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1538299243/c:line/m:posts_active.svg)

- X Week XX -XX%
- X Month XX +20%
- X Months XXX +20%
- X Year XXX +92%

### Followers: XXXXXXX [#](/creator/twitter::1538299243/followers)
![Followers Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1538299243/c:line/m:followers.svg)

- X Week XXXXXXX +0.20%
- X Month XXXXXXX +0.86%
- X Months XXXXXXX +5.30%
- X Year XXXXXXX +9.50%

### CreatorRank: XXXXXXX [#](/creator/twitter::1538299243/influencer_rank)
![CreatorRank Line Chart](https://lunarcrush.com/gi/w:600/cr:twitter::1538299243/c:line/m:influencer_rank.svg)

### Social Influence [#](/creator/twitter::1538299243/influence)
---

**Social category influence**
[stocks](/list/stocks)  XXXX% [technology brands](/list/technology-brands)  XXXX% [countries](/list/countries)  XXXX% [luxury brands](/list/luxury-brands)  XXXX% [automotive brands](/list/automotive-brands)  XXXX% [finance](/list/finance)  XXXX% [travel destinations](/list/travel-destinations)  XXXX%

**Social topic influence**
[agencies](/topic/agencies) 1.28%, [microsoft](/topic/microsoft) 0.64%, [devs](/topic/devs) 0.64%, [backup](/topic/backup) 0.64%, [guam](/topic/guam) 0.64%, [token](/topic/token) 0.64%, [$4732t](/topic/$4732t) 0.64%, [activities](/topic/activities) 0.64%, [radar](/topic/radar) 0.64%, [login](/topic/login) XXXX%

**Top accounts mentioned or mentioned by**
[@justwanttoq1](/creator/undefined) [@kolekoyote556](/creator/undefined) [@uk_daniel_card](/creator/undefined) [@grok](/creator/undefined) [@cyberdivergent](/creator/undefined) [@shotgunner101](/creator/undefined) [@tank23x0](/creator/undefined) [@i_paronomasiac](/creator/undefined) [@notnordgaren](/creator/undefined) [@mishkasfox](/creator/undefined) [@james_inthe_box](/creator/undefined) [@moltar81435](/creator/undefined) [@splunk](/creator/undefined) [@s1ck0fall](/creator/undefined) [@visegrad24](/creator/undefined) [@thedonutpuncher](/creator/undefined) [@croodsolutions](/creator/undefined) [@wessorh](/creator/undefined) [@huntresslabs](/creator/undefined) [@hackinglz](/creator/undefined)

**Top assets mentioned**
[Microsoft Corp. (MSFT)](/topic/microsoft) [Crowdstrike Holdings Inc (CRWD)](/topic/crowdstrike)
### Top Social Posts [#](/creator/twitter::1538299243/posts)
---
Top posts by engagements in the last XX hours

"Interesting"  
[X Link](https://x.com/cyb3rops/status/1976536982743363682) [@cyb3rops](/creator/x/cyb3rops) 2025-10-10T06:35Z 208.2K followers, 28.4K engagements


"Linux keeps getting more attractive not because its devs suddenly mastered UX but because Apple and Microsoft keep alienating their users. Apple hasnt shipped anything useful in a decade apart from Memoji and Microsofts busy forcing everyone into its Copilot-powered cloud. If someone really manages to make Linux easy to use hassle-free aesthetically pleasing and simple to install and set up it could become the best alternative for desktop users. Im actually using the Arch-based Omarchy right now and I like where its going - it already ticks a lot of those boxes. Microsoft on the other hand is"  
[X Link](https://x.com/cyb3rops/status/1975621966297002345) [@cyb3rops](/creator/x/cyb3rops) 2025-10-07T17:59Z 208.2K followers, 103K engagements


"fully agree with Kevin"  
[X Link](https://x.com/cyb3rops/status/1976067291885470033) [@cyb3rops](/creator/x/cyb3rops) 2025-10-08T23:28Z 208.2K followers, 123.6K engagements


"Base64 protected backups"  
[X Link](https://x.com/cyb3rops/status/1977026553260421149) [@cyb3rops](/creator/x/cyb3rops) 2025-10-11T15:00Z 208.1K followers, 38.9K engagements


"In a world where threat actors gain access to legitimate accounts through token theft or password spraying and then operate like normal users to stay under the radar understanding baseline user behavior is crucial. They may behave like normal users for a while but eventually they have to begin reconnaissance pivoting privilege escalation data exfiltration or other malicious activities. You need the right tools data and expertise to recognize when their behavior deviates from the norm"  
[X Link](https://x.com/cyb3rops/status/1876257836801659389) [@cyb3rops](/creator/x/cyb3rops) 2025-01-06T13:21Z 208.1K followers, 15.4K engagements


"@wessorh Because YARA is strong in string matching Using it for hash or entropy calculations is like using a Ferrari to transport fire wood 🪵"  
[X Link](https://x.com/cyb3rops/status/1978496742652834062) [@cyb3rops](/creator/x/cyb3rops) 2025-10-15T16:22Z 208.2K followers, XXX engagements


"What really bothers me is that neither F5s statement nor the attestation letters from NCC Group or IOActive mention when the breach actually happened. They only say that F5 learned about it in August 2025. Thats not when it started. There must be forensic evidence pointing to the first signs of compromise - timestamps login traces file access logs anything. Was it weeks before they noticed Months Maybe even years They dont say. Not even approximately. When companies omit that detail its usually one of two things: - They genuinely have no clue when the attackers got in (which would be"  
[X Link](https://x.com/cyb3rops/status/1978543001417736448) [@cyb3rops](/creator/x/cyb3rops) 2025-10-15T19:26Z 208.2K followers, 74.3K engagements


"Guys Im done correcting crappy YARA rules in public repos. Let them use that junk to train their LLMs - itll keep us detection engineers relevant for a while longer"  
[X Link](https://x.com/cyb3rops/status/1978418102762189108) [@cyb3rops](/creator/x/cyb3rops) 2025-10-15T11:10Z 208.2K followers, 31.6K engagements


"Extradite him to the US and put him in prison for life. Industrial espionage like this doesnt just steal data or disrupt operations. It wipes out decades of research and development that others have paid for. It gives them a shortcut through time and money skipping the hard work in engineering chemistry and healthcare. It undermines the technological lead of entire industries and drags down the living standards of millions of people - and generations - in the affected countries. Shorter life expectancy weaker healthcare higher costs of living more poverty more crime more cold-related deaths."  
[X Link](https://x.com/cyb3rops/status/1978410915331441082) [@cyb3rops](/creator/x/cyb3rops) 2025-10-15T10:41Z 208.2K followers, 36.7K engagements


"Nice - CrowdStrikes blog contains some logs and IOCs CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)"  
[X Link](https://x.com/cyb3rops/status/1975300386149048789) [@cyb3rops](/creator/x/cyb3rops) 2025-10-06T20:41Z 208.2K followers, 24.4K engagements


"Cisco just confirmed that multiple zero-days against ASA/FTD VPN web services were exploited in the wild. CISA followed up with an Emergency Directive ordering federal agencies to inventory patch or disconnect affected devices. The last X Cisco advisories are directly tied to this campaign: - CVE-2025-20333 - RCE (CVSS 9.9) - CVE-2025-20363 - RCE (CVSS 9.0) - CVE-2025-20362 - Unauthorized access (CVSS 6.5) Ciscos own report details persistence in ROMMON on legacy ASA 5500-X devices without Secure Boot. Attacker activity includes malware implantation command execution log tampering and even"  
[X Link](https://x.com/cyb3rops/status/1971524546210508887) [@cyb3rops](/creator/x/cyb3rops) 2025-09-26T10:37Z 208.2K followers, 172.2K engagements


"Many commented that determining when a breach began depends on how long the victim retains its logs. Thats simply not true. Log data is just one piece of forensic evidence and often not even the most reliable. Analysts can build timelines from dozens of other artifacts file system timestamps registry entries MFT records shim cache user account creation events leftover temporary files scheduled tasks jump lists browser traces and more. Even with minimal log retention theres usually enough forensic residue to approximate when the first malicious activity occurred. So no it doesnt all depend on"  
[X Link](https://x.com/cyb3rops/status/1978960478391976197) [@cyb3rops](/creator/x/cyb3rops) 2025-10-16T23:05Z 208.2K followers, 23.2K engagements

[GUEST ACCESS MODE: Data is scrambled or limited to provide examples. Make requests using your API key to unlock full data. Check https://lunarcrush.ai/auth for authentication information.]

@cyb3rops Avatar @cyb3rops Florian Roth ⚡️

Florian Roth ⚡️ posts on X about agencies, microsoft, devs, backup the most. They currently have XXXXXXX followers and XXX posts still getting attention that total XXXXXX engagements in the last XX hours.

Engagements: XXXXXX #

Engagements Line Chart

  • X Week XXXXXXX -XX%
  • X Month XXXXXXX +0.21%
  • X Months XXXXXXXXX +24%
  • X Year XXXXXXXXX +15%

Mentions: XX #

Mentions Line Chart

  • X Week XX -XX%
  • X Month XX +20%
  • X Months XXX +20%
  • X Year XXX +92%

Followers: XXXXXXX #

Followers Line Chart

  • X Week XXXXXXX +0.20%
  • X Month XXXXXXX +0.86%
  • X Months XXXXXXX +5.30%
  • X Year XXXXXXX +9.50%

CreatorRank: XXXXXXX #

CreatorRank Line Chart

Social Influence #

Social category influence stocks XXXX% technology brands XXXX% countries XXXX% luxury brands XXXX% automotive brands XXXX% finance XXXX% travel destinations XXXX%

Social topic influence agencies 1.28%, microsoft 0.64%, devs 0.64%, backup 0.64%, guam 0.64%, token 0.64%, $4732t 0.64%, activities 0.64%, radar 0.64%, login XXXX%

Top accounts mentioned or mentioned by @justwanttoq1 @kolekoyote556 @uk_daniel_card @grok @cyberdivergent @shotgunner101 @tank23x0 @i_paronomasiac @notnordgaren @mishkasfox @james_inthe_box @moltar81435 @splunk @s1ck0fall @visegrad24 @thedonutpuncher @croodsolutions @wessorh @huntresslabs @hackinglz

Top assets mentioned Microsoft Corp. (MSFT) Crowdstrike Holdings Inc (CRWD)

Top Social Posts #

Top posts by engagements in the last XX hours

"Interesting"
X Link @cyb3rops 2025-10-10T06:35Z 208.2K followers, 28.4K engagements

"Linux keeps getting more attractive not because its devs suddenly mastered UX but because Apple and Microsoft keep alienating their users. Apple hasnt shipped anything useful in a decade apart from Memoji and Microsofts busy forcing everyone into its Copilot-powered cloud. If someone really manages to make Linux easy to use hassle-free aesthetically pleasing and simple to install and set up it could become the best alternative for desktop users. Im actually using the Arch-based Omarchy right now and I like where its going - it already ticks a lot of those boxes. Microsoft on the other hand is"
X Link @cyb3rops 2025-10-07T17:59Z 208.2K followers, 103K engagements

"fully agree with Kevin"
X Link @cyb3rops 2025-10-08T23:28Z 208.2K followers, 123.6K engagements

"Base64 protected backups"
X Link @cyb3rops 2025-10-11T15:00Z 208.1K followers, 38.9K engagements

"In a world where threat actors gain access to legitimate accounts through token theft or password spraying and then operate like normal users to stay under the radar understanding baseline user behavior is crucial. They may behave like normal users for a while but eventually they have to begin reconnaissance pivoting privilege escalation data exfiltration or other malicious activities. You need the right tools data and expertise to recognize when their behavior deviates from the norm"
X Link @cyb3rops 2025-01-06T13:21Z 208.1K followers, 15.4K engagements

"@wessorh Because YARA is strong in string matching Using it for hash or entropy calculations is like using a Ferrari to transport fire wood 🪵"
X Link @cyb3rops 2025-10-15T16:22Z 208.2K followers, XXX engagements

"What really bothers me is that neither F5s statement nor the attestation letters from NCC Group or IOActive mention when the breach actually happened. They only say that F5 learned about it in August 2025. Thats not when it started. There must be forensic evidence pointing to the first signs of compromise - timestamps login traces file access logs anything. Was it weeks before they noticed Months Maybe even years They dont say. Not even approximately. When companies omit that detail its usually one of two things: - They genuinely have no clue when the attackers got in (which would be"
X Link @cyb3rops 2025-10-15T19:26Z 208.2K followers, 74.3K engagements

"Guys Im done correcting crappy YARA rules in public repos. Let them use that junk to train their LLMs - itll keep us detection engineers relevant for a while longer"
X Link @cyb3rops 2025-10-15T11:10Z 208.2K followers, 31.6K engagements

"Extradite him to the US and put him in prison for life. Industrial espionage like this doesnt just steal data or disrupt operations. It wipes out decades of research and development that others have paid for. It gives them a shortcut through time and money skipping the hard work in engineering chemistry and healthcare. It undermines the technological lead of entire industries and drags down the living standards of millions of people - and generations - in the affected countries. Shorter life expectancy weaker healthcare higher costs of living more poverty more crime more cold-related deaths."
X Link @cyb3rops 2025-10-15T10:41Z 208.2K followers, 36.7K engagements

"Nice - CrowdStrikes blog contains some logs and IOCs CrowdStrike Identifies Campaign Targeting Oracle E-Business Suite via Zero-Day Vulnerability (now tracked as CVE-2025-61882)"
X Link @cyb3rops 2025-10-06T20:41Z 208.2K followers, 24.4K engagements

"Cisco just confirmed that multiple zero-days against ASA/FTD VPN web services were exploited in the wild. CISA followed up with an Emergency Directive ordering federal agencies to inventory patch or disconnect affected devices. The last X Cisco advisories are directly tied to this campaign: - CVE-2025-20333 - RCE (CVSS 9.9) - CVE-2025-20363 - RCE (CVSS 9.0) - CVE-2025-20362 - Unauthorized access (CVSS 6.5) Ciscos own report details persistence in ROMMON on legacy ASA 5500-X devices without Secure Boot. Attacker activity includes malware implantation command execution log tampering and even"
X Link @cyb3rops 2025-09-26T10:37Z 208.2K followers, 172.2K engagements

"Many commented that determining when a breach began depends on how long the victim retains its logs. Thats simply not true. Log data is just one piece of forensic evidence and often not even the most reliable. Analysts can build timelines from dozens of other artifacts file system timestamps registry entries MFT records shim cache user account creation events leftover temporary files scheduled tasks jump lists browser traces and more. Even with minimal log retention theres usually enough forensic residue to approximate when the first malicious activity occurred. So no it doesnt all depend on"
X Link @cyb3rops 2025-10-16T23:05Z 208.2K followers, 23.2K engagements

@cyb3rops
/creator/twitter::cyb3rops