October 27, 2021

The Risks of Supply Chain Corruption from IoT Devices

A recent report highlighted by the National Cyber Security Centre uncovered a 37% increase in supply chain attacks in the previous year. Unsurprisingly, this increase coincides with a growing demand to integrate Internet-of-Things (IoT) and Industrial IoT (IIoT) into company networks. Supply chain corruption via (I)IoT is an area that demands further research and attention. 

Read Now


July 28, 2022

Threat Emulation: Qakbot

Welcome to the July 2022 SCYTHE #ThreatThursday! This edition features an emulation of Qakbot, a piece of malware that is no stranger to the threat intel community.

Read Now

June 30, 2022

Windows Telemetry Persistence

June’s Threat Thursday will focus on a unique persistence method that is not widely used by threat actors, but works all the way through at least Windows 11 21H2. In 2020 a few researchers from TrustedSec outlined a unique method of persistence that leverages Windows Telemetry.

Read Now

May 30, 2022

Breaking: Follina (MSDT) Vulnerability

There’s a new vulnerability abusing the ms-msdt protocol handler to execute arbitrary code in Office. Since “msdt vulnerability” is hard to track, Kevin Beaumont dubbed this vulnerability Follina (and we’ll continue to use that nomenclature in this post).

Read Now