Maril Vernon

May 12, 2022

Actionable Purple Teaming: Why and How You Can (and Should) Go Purple

If you are curious about the emerging and maturing concept of purple teaming in cybersecurity, look no further. Purple teaming power houses Chief Technology Officer Jorge Ochilles from SCYTHE, Purple Team Lead and Senior Security Engineer Maril Vernon from Aquia, and Founder and CEO Dan DeCloss of PlexTrac recently combined forces to discuss why and how you need to get started in purple teaming as a way to be more proactive and mature your cybersecurity program.

Read Now


July 28, 2022

Threat Emulation: Qakbot

Welcome to the July 2022 SCYTHE #ThreatThursday! This edition features an emulation of Qakbot, a piece of malware that is no stranger to the threat intel community.

Read Now

June 30, 2022

Windows Telemetry Persistence

June’s Threat Thursday will focus on a unique persistence method that is not widely used by threat actors, but works all the way through at least Windows 11 21H2. In 2020 a few researchers from TrustedSec outlined a unique method of persistence that leverages Windows Telemetry.

Read Now

May 30, 2022

Breaking: Follina (MSDT) Vulnerability

There’s a new vulnerability abusing the ms-msdt protocol handler to execute arbitrary code in Office. Since “msdt vulnerability” is hard to track, Kevin Beaumont dubbed this vulnerability Follina (and we’ll continue to use that nomenclature in this post).

Read Now