Jorge Orchilles

September 9, 2021

ThreatThursday - Phobos Ransomware

As usual, we will consume Cyber Threat Intelligence and map it to MITRE ATT&CK. We will create an adversary emulation plan, share it on our Community Threats GitHub, and show how to Attack, Detect, and Respond to Phobos attacks.

September 2, 2021

Threat Thursday - Hive Ransomware

The FBI released a Flash Alert on August 25, 2021 warning organizations about the Hive ransomware, which has affected at least 28 organizations including Memorial Health. As usual for #ThreatThursday, we will consume the Cyber Threat Intelligence and map it to MITRE ATT&CK, create and share an adversary emulation plan on the SCYTHE GitHub, and discuss ways to prevent, detect, and respond to this threat.

July 22, 2021

You can’t detect 0-day exploits but… you can detect what happens next

A zero day (or 0-day) is a vulnerability that is known to neither the software vendor nor the end users. Zero days are a great way to gain initial access into an organization without being detected. They are rarely used in widespread attacks because they carry a high cost for the attacker (identifying a vulnerability that has a high chance of successful exploitation).

July 8, 2021

Threat Thursday - Exfiltration Over Web Service: Exfiltration to Cloud Storage

This #ThreatThursday is all about leveraging cloud storage to exfiltrate data. We also cover a tool that leaves credentials unsecured on the file system. In particular, we are going to look at how threat actors leverage cloud services like MEGA and use open source tools like rclone to exfiltrate data.

June 24, 2021

Threat Thursday Top Ransomware TTPs

At SCYTHE we are constantly collaborating with industry experts and organizations. Recently, someone reached out as they are building out a ransomware readiness assessment. “We are looking for a consolidated mapping of major ransomware actors on the ATT&CK framework, like SCYTHE does for individual actors on #ThreatThursday.

More Blog Posts

September 10, 2021

SCYTHE was recently selected as one of SINET’s companies to watch for 2021

SCYTHE was recently selected as one of SINET’s companies to watch for 2021, along with Corsha and DEEPFACTOR. SINET recognizes companies to watch by the value they bring in the beginning stage as a startup company. SCYTHE is continuously honored and grateful for the recognition that has been granted to us.

September 7, 2021

T1030 - Testing Data Transfer Limit Sizes

Ransomware is not the only threat. Data exfiltration can occur in many scenarios. SCYTHE can be used to test detection of data exfiltration by testing the transfer limits of data. Enjoy our latest blog by Elaine Harrison-Neukirch.

September 7, 2021

SCYTHE named one of 101 Leading Virginia Risk Management Firms and Startups – The Future of Risk Management

SCYTHE is honored to be named one of the 101 Leading Virginia Risk Management Firms and Startups by Daily Finance.
