What would you do if your company’s IT devices were discovered to be part of a botnet? In October 2018, dozens of companies’ Hadoop servers were found to be compromised and participating in a self-replicating botnet. The botnet’s malware was able to install itself via a vulnerability in Hadoop that had been publicly known for […]
The SCYTHE team is excited to announce that our latest release gives you the power of Atomic Red Team with all the automation and ease of use of the SCYTHE platform. Plus, you can now create and share your own SCYTHE threats allowing the ecosystem of adversary simulation to expand via the community! What’s new in version 2.4? Signature
Introduction *hacker voice* “I’m in” is a Hollywood-esque phrase you’ve probably heard before. But how does someone actually do that? Do you wear a hoodie and change your terminal text to bright green? You could, but that won’t be of much help. Bypassing authentication is when an attacker gains access to an application, service, or
As the cybersecurity industry continues to evolve, the use of certain terminology is changing and becoming more prevalent, such as the increased mention of Red Teams and Blue Teams inside boardrooms and IT departments. With the use of these terms, it also means their definitions can be broad or confusing, sometimes becoming interchangeable with
Many of the conveniences brought via modern tools, operating systems, and applications also bring means for an adversary to execute actions while under the guise of a valid service. This is seen distinctly in the increased use of Fileless Malware. Fileless Malware can be broadly defined as execution of malicious instructions in memory with no
With the news that ransomware attacks are on the decline, in favor of crypto-mining (aka “crypto-jacking”), it is tempting to now reshuffle your enterprise’s defensive priorities based on the adversary trends. But before you retask your Blue Team to focus on researching cryptocurrency miners, let’s take a moment and remember a few key fundamental facts about ransomware,
When I started GRIMM, I had a vision to tackle the greatest cybersecurity challenges that face our clients, industry and the greater business and government communities. Two and a half years ago, one of those challenges was brought to the company because of our reputation. A Fortune 50 company had been breached and suffered significant damages.
Earlier today we announced that we raised $3 million in an initial funding round led by the co-founder of Tenable, Ron Gula of Gula Tech Adventures. This investment will help accelerate our ability to deliver our attack simulation platform and drive new product development. We’ve planned a roadmap of new features and innovations that will disrupt the
Today, SCYTHE unveiled unique enhancements to the SCYTHE attack simulation platform. This release makes it easier than ever before to measure the effectiveness of an enterprise’s security controls with granularity and to prioritize areas for real action across the entire enterprise against your people, technology or processes. Highlights: Campaign Automation Be creative and make your job easier than ever!
August is right around the corner, our favorite time of the year – Black Hat and DEF CON! SCYTHE is gearing up for a great week in Las Vegas – and we’re especially excited because this is our first official hacker summer camp since officially launching the company last October. Here’s a bit of what