Adversary emulation @scythe_io. Public Speaker. USMC vet. Writing about threat intel, detection engineering, and what actually works. Thoughts are my own.
Your EDR sees the process, but does it see where the data went? Tomorrow at 12:00 PM ET on Threat Thursday Live, Trey Bilbrey (@tcraf7) and Tyler Casey walk through protected data exfiltration across LOLBAS abuse, C2 channels, public file hosting, and cloud storage like AWS, plus where defenders actually have a shot at catching it.
Register here: hubs.ly/Q04ksbFd0 #ThreatThursdayLive #DetectionEngineering #CybersecurityEvents
The choreography gets the headlines. The entry point is password spraying.
Rob Joyce (@RGB_Lights), Owner at Joyce Cyber and former Cybersecurity Director at the NSA, and Trey Bilbrey (@TCraf7) on Iran's hack-and-leak playbook. The mundane stuff is what gets them in. See more of our upcoming live sessions: hubs.ly/Q04jvh4N0 #ThreatEmulation
Huge thank you to everyone who came out to @BSidesTampa this weekend.
I had an absolute blast delivering both a hands-on workshop with my good buddy Tyler Casey and the opening keynote! The conversations, questions, and energy from the community were incredible.
Really appreciate everyone who spent part of their weekend volunteering, sharing ideas, and talking shop with us. Looking forward to the next one.
Four SCYTHE sessions live in June. Bring your questions.
📅 June 5 | 1 PM ET - Train Like You Fight
Bryson Bort (@brysonbort) and Snehal Antani (@snehalantani) on the wartime mindset for modern defenders.
hubs.ly/Q04gXTM90
📅 June 11 | 12 PM ET -- Protected Data Exfiltration
Tyler Casey and Trey Bilbrey (@TCraf7) on moving sensitive data past controls, and what catches it.
hubs.ly/Q04gXWPj0
📅 June 25 | 12 PM ET -- ChillyHell macOS Backdoor
Bilbrey, Pemberton, Casey on macOS backdoor behavior detection coverage that actually holds.
hubs.ly/Q04gXP4d0
📅 June 30 | 3:50 PM ET -- Oops, That Was AI
Bryson Bort (@brysonbort) and Erich Kron (@ErichKron) on AI-augmented social engineering, defender side.
hubs.ly/Q04gX-Lb0
If you've only read about these, come watch them run.
hubs.ly/Q04gXT8M0 #ThreatEmulation
Tomorrow, May 7 at 3:00 PM ET, @brysonbort sits down with Rob Joyce (@RGB_Lights), Owner at Joyce Cyber and former Cybersecurity Director at the NSA, and Trey Bilbrey (@TCraf7) for Threat Brief LIVE: Iran, Hot TTPs and State of the Threat 🦄
They'll cover Iran's current cyber posture, the active groups worth tracking, recent hits on prominent organizations, and what specific exposure looks like for US companies and critical infrastructure operators.
Register here: hubs.ly/Q04fn-vd0 #ThreatEmulation #ICSecurity
Lateral movement into OT often starts with documentation that's already accessible from the DMZ. At #UniCon2026, Alexander Waitkus (@SouthernCompany) breaks down how adversaries pivot across zones and map your OT environment from the inside.
#ThreatEmulation #OTSecurity
Seeing a lot of AI in your network?
All traffic provides the ocean for hackers to swim in your network and blend into the waves.
They are there, you’re just not seeing them.
Notepad is the software that got the headlines, but it was AI usage it abused.
1/7
I made a cool infographic to describe the PTEF (github.com/scythe-io/purple-… ) and what it provides. Thought it would be nice to put out there for those interested in getting into Purple Teaming. It's also worth giving it a gander if you're thinking about how you can start updating and testing against the new MITRE ATT&CK update to v19 (attack.mitre.org/resources/u… ).
#PurpleTeaming #Infosec
Patch fast and risk a supply chain compromise.
OR
Patch slow and leave the door open for exploitation.
That’s the reality right now and there’s no clean answer.
🧵 (1/8)
#BlueTeam #CyberSecurity #CyberThreats
The best teams don’t just blindly trust their detections. They test them.
Frequently.
(BTW) My good buddy Tyler did a presentation during @scythe_io #Unicon2026 on this very thing a little while back that is worth checking out: youtu.be/LEKZYbfDtPY?si=-bPZ…
🧵 (7/8)
So here’s the real question: Have you tested yours lately?
I'm curious where other teams are leaning..
If you had to pick right now:
What are you more worried about right now?
A) Supply chain compromise
B) Missed exploitation
C) The magical AI overlords doing all the things..
🧵 (8/8)