Collaborate Disseminate
SCYTHE has unveiled its latest version of the SCYTHE Core platform, introducing a number of new features designed to provide essential insight into the exploitability, impact, and prioritization of threats. SCYTHE 4.0 introduces dual-deployment options… Continue reading SCYTHE 4.0 empowers team collaboration in real-world adversarial campaigns
A vulnerability in Schneider Electric computer control systems popular in heating, air conditioning and other building systems could allow hackers to take control of them, researchers at security firm Armis warn. The remote code execution vulnerability puts millions of devices at risk, Armis said in a report out Tuesday. The affected Modicon programmable logic controllers (PLCs) are also used widely in manufacturing, automation applications and energy utilities. The vulnerability could be used to deploy a variety of attacks, from launching ransomware to altering the commands to machinery. “It’s a very wide range,” said Ben Seri, vice president of research at Armis. “It does reach on one end nation-states and sophisticated attacks in that type of scale, but it can also just be the next logical steps for ransomware attackers.” The vulnerability would allow attackers to hijack a command that would leak a password hash from the device’s memory. Once they have […]
The post Researchers find big flaw in a Schneider Electric ICS system popular in building systems, utilities appeared first on CyberScoop.
SCYTHE, a leader in continuous adversarial emulation, is introducing the SCYTHE Marketplace at the RSA Conference 2020. The SCYTHE Marketplace opens up SCYTHE’s synthetic malware creation platform to trusted third party developers so that they can turn… Continue reading SCYTHE Marketplace: Enabling corporate red teams to test the latest real world cyber threats
We welcome back Bryson Bort, who is the Founder/CEO of GRIMM. Bryson will be talking about Purple Teaming, Top Attack Simulation Scenarios, and Testing Command & Control Channels. To learn more about SCYTHE, visit: https://securityweekly.com/sc… Continue reading Purple Teaming, SCYTHE – Paul’s Security Weekly #609
With the private industrial cybersecurity market thriving, the Department of Homeland Security is continuing to push for closer coordination with experts on the front lines of defending facilities like power plants from hackers. In speeches last week to vendors, security researchers, and state officials, DHS personnel said they wanted to help put companies on a more proactive defensive posture to thwart hacking threats to industrial environments. The department has been working with ICS vendors to test security products before they go to market, but more needs to be done, Jeanette Manfra, assistant director for cybersecurity at DHS’s Cybersecurity and Infrastructure Security Agency, said last Wednesday at Hack the Capitol, an ICS security conference in Washington, D.C. “In this space, unlike really, frankly, any other, we have got to have much more capability to prevent the attacks from happening before they get in there – or at least detect them quickly so […]
The post Appealing for collaboration, DHS nudges ICS companies toward a more ‘proactive’ defense appeared first on CyberScoop.
Paul Asadoorian and Matt Alderman recorded interviews with the following vendors at RSA Conference 2019: – Endgame – Virsec – SCYTHE Full Show Notes Visit http://securityweekly.com/esw for all the latest episodes! Hosts
The post Endga… Continue reading Endgame, Virsec, & SCYTHE – Enterprise Security Weekly #130
In the Security News, 5 tips for access control from an ethical hacker, Japan is to hunt down Citizens insecure IoT devices, kid tracking watches allow attackers to monitor real time location data, and Imperva mitigate a DDoS attack generated 500 m… Continue reading Japan, Imperva, & DDoS – Paul’s Security Weekly #592
Bryson is the Founder and CEO of SCYTHE and Founder of GRIMM. He comes on the show to talk about Attack Simulation. Full Show Notes Follow us on Twitter: https://www.twitter.com/securityweekly Hosts Announcements RSA Conference 2019 is … Continue reading Bryson Bort, SCYTHE- Paul’s Security Weekly #589
SCYTHE, an Arlington, Va., based cybersecurity company, announced on Monday that it raised $3 million in seed funding for its automated red-teaming platform. The company flagship platform allows customers to simulate attack campaigns against their own networks in order to assess their defensive posture. SCYTHE says that its product uses a catalog of threats to “automatically deploy a combination of threat actor communications and end-point capabilities on the production environment.” Enterprises can customize their own adversarial campaigns then get reports on how well their systems stood up to the threat. Heading SCYTHE is Bryson Bort, a former U.S. Army officer who has worked in various cybersecurity strategy and research and development at multiple outfits. Bryson is the co-founder of ICS Village, a nonprofit that educates the public about risks to industrial control systems through live simulations. He also founded and is the chairman of GRIMM, a cybersecurity consultancy. “We’re constantly adding […]
The post SCYTHE raises $3 million for attack simulation platform appeared first on Cyberscoop.
Continue reading SCYTHE raises $3 million for attack simulation platform
Ransomware protection intercepts threats targeting enterprise data FileCloud announced FileCloud Breach Intercept, which offers ransomware protection. FileCloud offers branding and customization tools, allowing you to set your own policies, and design your own emails and alerts. Customized emails and UX reduce spoofing risk as hackers can’t run a mass spoofing unless they have an exact copy of an email from one of your employees. Nfusion 2 provides stronger misattribution environments for online investigation Ntrepid announced … More → Continue reading New infosec products of the week: October 20, 2017