Current view of the #PurpleTeam workshop. Emulating #APT33 #Ryuk #Orangeworm and #WastedLocker in a hands-on, isolated environment for each student! Thanks for hosting us @HITBSecConf #HITBCyberWeek
Next one is December 5: https://scythe.io/workshops
How do you emulate #ransomware in a secure, safe, and professional manner? Check out my talk where we consume CTI on the #EvilCorp attack on @Garmin with #WastedLocker ransomware, create a plan, and emulate it with Cobalt Strike and SCYTHE...
Excellent post on detecting and mitigating recent #ransomware attacks by @PhilHagen. Covers detecting the behaviors prior to the ransomware being deployed, like SocGholish, Cobalt Strike, and LOLBins. Examples include #wastedlocker #trickbot #emotet...
This campaign is similar to the @garmin one done by #EvilCorp to drop #wastedlocker #ransomware; it also leverages Cobalt Strike for initial access and lateral movement. I did a talk and demo @defcon @VillageRedTeam; blog here: https://www.scythe.io/library/threatthursday-evil-corp
My talk on emulating #Ransomware in a safe manner from @defcon @VillageRedTeam is up! We looked into how @garmin was breached by #evilcorp using Cobalt Strike and then dropped #wastedlocker. I used CS & created synthetic, safe ransomware with @scythe_io
https://youtu.be/CXpHaY-2Fvw
After my presentation, someone from @TalosSecurity showed me their CTI and @SecurePeacock said 2 sub-techniques were hidden. So, I updated the JSON file for the @MITREattack Navigator Layer for #EvilCorp #WastedLocker #ransomware attack against @garmin...
Come watch #DEFCONSafeMode #RedTeam Village talk, it is streaming now.
Covering @Garmin hack by #EvilCorp and emulating #WastedLocker #ransomware https://twitch.tv/redteamvillage
Blog: https://scythe.io/library/threatthursday-evil-corp
Slides:...
Why am I nervous? It's my first @defcon @VillageRedTeam talk at a #DEFCON and making the best of #DEFCONSafeMode!
Come watch my talk on #adversaryemulation at #redteam village. Emulating the @Garmin hack by #EvilCorp #Ransomware #WastedLocker...
In 1 hour I will be emulating the #EvilCorp #WastedLocker attack that hit @Garmin @defcon @VillageRedTeam so you too can #redteam or #purpleteam your organization and discover whether "this could happen to us" #DEFCONSafeMode #adversaryemulation
https://www.twitch.tv/redteamvillage
I will be emulating the #EvilCorp #WastedLocker attack that hit @Garmin today at 2:15pm PT @defcon @VillageRedTeam so you too can #redteam or #purpleteam your organization and discover whether "this could happen to us" #DEFCONSafeMode...
I was so focused on emulating the attack chain that #EvilCorp did on @Garmin as well as recreating the #WastedLocker #ransomware that I did not look into if Garmin paid the ransom or restored. Anyone know? @campuscodi @GossiTheDog
I will be emulating the #EvilCorp #WastedLocker attack that hit @Garmin tomorrow 2:15pm PT @defcon @VillageRedTeam so you too can #redteam or #purpleteam your organization and discover whether "this could happen to us" #DEFCONSafeMode...
Wow look at all the #ransomware in the news on the latest @SANSInstitute NewsBites! I did some work consuming CTI from the Garmin hack. The group is called #EvilCorp and they used #WastedLocker malware. #AdversaryEmulation talk will cover how to emulate:...
Garmin hack by #EvilCorp using #WastedLocker #ransomware will be emulated in my @VillageRedTeam #adversaryemulation #redteam talk. The Cyber Threat Intelligence was good but it was not mapped to @MITREattack so I mapped it and am sharing with all of...
I will be emulating the #EvilCorp #WastedLocker attack that hit @Garmin in July on Thursday @defcon @VillageRedTeam so you too can #redteam or #purpleteam your organization and discover whether "this could happen to us" #DEFCONSafeMode...
On August 6 at 2:15pm PDT I will be giving a talk @defcon @VillageRedTeam on #adversaryemulation and emulating #ransomware. Will be doing #WastedLocker given the Garmin hack in July 2020. I will be on Discord answering questions live. #redteam...