October 27, 2021

The Risks of Supply Chain Corruption from IoT Devices

A recent report highlighted by the National Cyber Security Centre uncovered a 37% increase in supply chain attacks in the previous year. Unsurprisingly, this increase coincides with a growing demand to integrate Internet-of-Things (IoT) and Industrial IoT (IIoT) into company networks. Supply chain corruption via (I)IoT is an area that demands further research and attention. 

Read Now


December 8, 2022

Qakbot Reloaded

Qakbot is making the rounds once again, expanding its service as malware used by Initial Access Brokers (IAB). After a takedown attempt on Emotet and a recent pause of its operation, Qakbot and Bokbot/IceID have dominated the field as IABs. Qakbot, also known as QBot was a banking trojan at its inception but due to its modular design can be quite versatile. An important call out here is that recent cyber threat intelligence reveals Qakbot threat actors have modified their tactics, techniques, and procedures. This is precisely why we have created this new emulation.

Read Now

December 6, 2022

Purple Teaming and Financial Services

SCYTHE was recently featured by the Credit Union National Association for its work with Dupaco Community Credit Union! “You don’t need to have tens or hundreds of analysts, a blue team, a red team, or cyber-intelligence experts to implement a purple team. You just need great security people interested in researching and understanding attacks. To start, you just need one TTP and a tool capable of receiving logs and generating alerts.”

Read Now

December 1, 2022

Black Basta IOCs

Black Basta is making the news once again as our friends at SentinelLabs released new research tying the operator’s latest activity to the Russian-linked FIN7. Despite being a relatively new player in the ransomware arena, Black Basta quickly gained credibility given their novel tools and techniques.

Read Now