Adam Mashinchi

October 22, 2020

#ThreatThursday - FIN6

Welcome to another week of #ThreatThursday! This week’s Threat Thursday is going to be slightly different from the standard as we discuss the FIN6 Adversary Emulation plan released by MITRE Engenuity’s Center for Threat-Informed Defense. We will focus on the importance of machine-readable Cyber Threat Intelligence at the adversary behavior and TTP level, sharing adversary emulation plans, and YAML-to-JSON conversion

Read Now

October 1, 2020

#ThreatThursday - MAZE

Welcome to another edition of #ThreatThursday. This week we are excited to kick off Cybersecurity Awareness Month looking at MAZE, a ransomware threat which emerged around May 2019, predominantly affecting organizations in the USA. MAZE, like other ransomware, also has an extortion component, where exfiltration of the original data also occurs in addition to the encryption/ransom component.

Read Now

September 17, 2020

#ThreatThursday - HoneyBee

Welcome to another edition of #ThreatThursday. This week we look at Honeybee, a campaign led by an unknown actor that targets humanitarian aid organizations and has been active in Vietnam, Singapore, Argentina, Japan, Indonesia, and Canada. This post coincides with a talk I gave at EkoParty on Adversary Emulation.

Read Now

July 31, 2020

Porting Tools to SCYTHE: An SDK Proof of Concept

With the release of the SCYTHE Software Development Kit (SDK), we released two new and important components to help make the development of SCYTHE modules frictionless for third party developers: the Module Buster application and the Python3 runtime. We feel that one of the best ways for us to demonstrate how easy it is to create a new SCYTHE module is to demonstrate how we ported an open source tool, written in Python, to SCYTHE.

Read Now

June 3, 2020

SCYTHE & PlexTrac Present: Dealin' With The Data

Join Security Weekly's Tyler Robinson, SCYTHE's Adam Mashinchi, and PlexTrac's Dan DeCloss for a discussion on how to "Deal With The Data". The discussion opens with Tyler outlining common headaches that red teamers must deal with at their jobs.

Read Now

More BLOG POSTS

January 19, 2021

Why you should embrace Purple Team today

We are not introducing a new job role where you have to hire more people or have to spend more money. See, a purple team is a virtual, functional team that fosters collaboration and efficiency in testing, measuring, and improving your current cyber security people, process, and technology (security controls).

Read Now

January 14, 2021

#ThreatThursday - Egregor Ransomware with Sean Gallagher

Jorge Orchilles sits down with Sean Gallagher, a Senior Threat researcher at Sophos Labs. Sean walks us through understanding how this ransomware operates, creating an adversary emulation plan, and the best defense against a similar attack.

Read Now

January 14, 2021

#ThreatThursday - Egregor Ransomware

This week we will take a look at Egregor ransomware that has breached, exfiltrated data, and brought down multiple networks since September 2020. Stealing data before deploying ransomware has been a common modus operandi of the Egregor group.

Read Now