Log inSign up
SCYTHE
5,952 posts
user avatar
SCYTHE
@scythe_io
The most advanced attack emulation platform on the market. Know where you stand with the real thing. 🦄
Columbia, MD
scythe.io
Joined October 2017
369
Following
6,862
Followers

New to X?

Sign up now to get your own personalized timeline!

Create account

By signing up, you agree to the Terms of Service and Privacy Policy, including Cookie Use.

Terms·Privacy·Cookies·Accessibility·Ads Info·© 2026 X Corp.
Don't miss what's happening
People on X are the first to know.
Log inSign up
  • Pinned
    user avatar
    SCYTHE
    @scythe_io
    May 5
    June's lineup is stacked with data exfiltration tradecraft, macOS backdoor techniques, and AI-augmented social engineering, all grounded in what these shifts mean for detection and response. June 11 | 12:00 - 12:20 PM ET | Threat Thursday LIVE: Protected Data Exfiltration with
    493
  • user avatar
    SCYTHE
    @scythe_io
    13h
    Knowing a detection exists isn't the same as knowing it works. SCYTHE runs the technique so you don't have to guess. hubs.ly/Q04ntw3Q0 #DetectionEngineering
    104
  • user avatar
    SCYTHE
    @scythe_io
    16h
    82% of detections in 2025 were malware-free per the CrowdStrike 2026 GTR. Full article: hubs.ly/Q04nttkr0 Pull your detection rules and categorize by modality. If most require a malicious binary to fire, you're optimized for the minority of real-world adversary behavior.
    134
  • user avatar
    SCYTHE
    @scythe_io
    Jul 5
    Land on disk, then map the environment: pull users, enumerate processes by UID, and identify every AV and EDR that could become a roadblock later.  Tyler Casey on why post-access recon is the first move in every operation. See our next live sessions here:
    00:00
    207
  • user avatar
    SCYTHE
    @scythe_io
    Jul 4
    Happy 4th to our team, our partners, and the entire cybersecurity community 🇺🇸 Enjoy the downtime, you've earned it. #July4th #HappyFourth
    217
  • user avatar
    SCYTHE
    @scythe_io
    Jul 2
    PoC to ransomware campaign in days. ESET's GentleKiller breakdown: 8 BYOVD variants, 400+ targeted processes, 48 security vendors on the kill list. Full breakdown from ESET Research: hubs.ly/Q04mY27q0 Got a question? Talk to us: hubs.ly/Q04mXHWn0 #BYOVD
    181
  • user avatar
    SCYTHE
    @scythe_io
    Jul 2
    AI risk has outlasted the typical hype cycle, and the conversation has moved from speculation to executive orders directing safe testing and evaluation. Featuring Trey Bilbrey (@TCraf7) and Tim Schulz (@teschulz, @StarseerAI CEO) Catch our next live sessions:
    00:00
    198
  • user avatar
    SCYTHE
    @scythe_io
    Jul 1
    Knowing how an adversary operates is not the same as proving you can stop it. That gap is where security programs quietly lose ground. We think threat-informed defense runs on two motions, together: new threat intel validated the moment it lands, and deployed controls validated
    119
  • user avatar
    SCYTHE
    @scythe_io
    Jun 30
    Unicorn Dispatch LIVE: Oops, That Was AI: AI-Augmented Social Engineering
    300
  • user avatar
    SCYTHE
    @scythe_io
    Jun 30
    No race condition, no file on disk, no password prompt: CopyFail (CVE-2026-31431) pops root in under 200ms by corrupting the page cache. Watch Trey Bilbrey (@TCraf7) and Tyler Casey break it down live and validate detections. Register here: hubs.ly/Q04mX2-W0
    235
  • user avatar
    SCYTHE
    @scythe_io
    Jun 30
    Are your phishing simulations still training your team to look for typos and broken grammar? Join us here: hubs.ly/Q04mXfw80 today at 3:50 PM ET, @‌brysonbort and @‌ErichKron (@KnowBe4) break down how AI-augmented social engineering removes the artifacts simulations and
    172
  • user avatar
    SCYTHE
    @scythe_io
    Jun 29
    A SIEM rule that's never seen real execution is an untested hypothesis. Here's how to close that gap: hubs.ly/Q04mXwnF0 🦄 #DetectionEngineering
    176
  • user avatar
    SCYTHE
    @scythe_io
    Jun 29
    60% of SOC analysts hit false positives frequently or very frequently per the SANS 2025 Detection & Response Survey Every analyst triaging noise is an analyst not investigating a real attack. That's an adversary force multiplier. Questions? Talk to us: hubs.ly/Q04mXrBc0
    138
REPLAY
user avatar
SCYTHE
@scythe_io
Unicorn Dispatch LIVE: Oops, That Was AI: AI-Augmented Social Engineering