Wins, More Content, and Can’t-Miss Events!

Wins, More Content, and Can’t-Miss Events!

Has October been the busiest month of the year or what? From exciting developments to engaging events, SCYTHE has been buzzing with activity! Keep reading below to discover what we’ve been up to and what’s on the horizon for November.

What's New at SCYTHE

?? Celebrating Our Achievements! ??

A huge congratulations to our Founder & CEO Bryson ?? Bort for being recognized as a DC Tech Titan by Washingtonian Magazine for the third year in a row! Read More


Wait... that's not all ??

We’re excited to share that our product has won the 2024 Q3 Product Awards by Products That Count . A huge thank you to our incredible team for making this achievement possible! ?? Explore the winners and the Q3 Product Guide eBook.

?? Why These 6 Common Cyber Insurance Requirements Aren't Enough: The Illusion of Cybersecurity Readiness

Article by Marc Brown - VP - Sales, Product, Marketing at SCYTHE

As cyber threats grow more sophisticated, especially with AI-powered risks, the standards for obtaining cyber insurance are rising. Basic protections are no longer enough; insurers are tightening underwriting standards and narrowing coverage options. Companies must demonstrate stronger security controls, multi-factor authentication, incident response plans, and more. However, many of these requirements are check-the-box measures that fail to address the complexities of today’s threats. To ensure effective cyber insurance, the industry must adopt a more adaptive approach that includes risk-based assessments, real-time threat evaluations, and continuous validation. This shift is essential for genuinely understanding and mitigating organizations' risks in the evolving cyber landscape.

Read the full article.

We Need Your Input!

To assist with our #CyberFitness research, please take a moment to complete our 2-minute Cybersecurity Budgeting & Planning survey. Your feedback would be invaluable in shaping our understanding of current trends and needs in cybersecurity. Thank you for your participation! Participate here.

Events

October's Events You May Have Missed

Threat Thursday Recap: PowerShell Persistence Unveiled

In our recent Threat Thursday session, we explored our new threat emulation plan focused on hijacking PowerShell profiles to gain persistence. The discussion highlighted how threat actors can exploit a common PowerShell persistence mechanism by creating a script at $profile, ensuring that commands are loaded each time PowerShell is launched interactively to execute a payload.

November's Events You Won't Want to Miss

Nov 7 - Threat Thursday Live, 12 PM ET

Join us as we delve into a newly released Indicator of Compromise (IoC) for SCYTHE customers, uncovering the ClearFake PowerShell Social Engineering campaign. This sophisticated threat disguises itself as a fake browser update, hijacking clipboards and deploying malware via PowerShell. Register here.

Nov 13 - Hunting Through The SIEM (w/ Splunk), 1-4 PM ET

Join our hands-on cybersecurity workshop! Dive into threat hunting with SCYTHE and Splunk (SIEM) to detect and track multi-stage threats. Boost your skills and stay ahead of advanced cyber threats. Register here.

Cybersecurity News Roundup

?? LUNAR SPIDER's Evolving Tactics: A Threat to the Financial Sector

In October 2024, EclecticIQ analysts uncovered a malvertising campaign linked to the Russian-speaking threat actor group LUNAR SPIDER. This campaign utilized an obfuscated JavaScript downloader called Latrodectus to deploy Brute Ratel C4 malware, illustrating the group's adaptability following recent law enforcement actions. Despite the arrest of key leader Vyacheslav Penchukov, LUNAR SPIDER continues to operate and maintain connections within the cybercrime ecosystem, collaborating with other ransomware groups to facilitate sophisticated attacks on the financial sector. Analysts emphasize the importance of vigilance as LUNAR SPIDER's operations persist with resilience and innovation. Read more.

?? PSAUX Ransomware Exploits Critical CyberPanel Vulnerability

A PSAUX ransomware attack has impacted over 22,000 CyberPanel instances, exploiting a serious remote code execution (RCE) vulnerability found in versions 2.3.6 and possibly 2.3.7. Discovered by researcher DreyAnd, the flaws allow attackers to bypass authentication and execute commands with root privileges, enabling full server control. CyberPanel quickly released version 2.3.8 to address these vulnerabilities. The PSAUX ransomware, active since June, encrypts server files and leaves a ransom note. A free decryptor is now available, though users are advised to upgrade CyberPanel to the latest version immediately. Read more.

If you’ve made it this far, take the next step and watch SCYTHE's demo to discover how our platform can help keep you cyber fit: https://scythe.io/platform-demo

Marc Brown

Startup Enthusiast | CEO, CMO, CPO, VP Sales | Author | Driving Success with a Get-It-Done Mindset & Strategic Business Approach

3 周

Really looking forward to more feedback in our short 2-minute survey. https://www.surveymonkey.com/r/ZYTMTJV

要查看或添加评论,请登录

社区洞察

其他会员也浏览了