Unicorn Library

By Trey Bilbrey | March 20, 2026

MuddyWater Displaying New Tactics and Intriguing Malware

How MuddyWater Leveled Up Its Game.

Topics:

#threatthursday, Red Team, Purple Team, CTI, APT, Knowledge sharing, adversarial emulation

By Christopher Peacock | February 9, 2023

Making Procedure-Level Intelligence Actionable for Defenders

Have you ever wondered if you could catch malicious actors if they got past...

Topics:

Blue Team, Purple Team, CTI, Detection Engineering

By Jake Williams | May 30, 2022

Breaking: Follina (MSDT) Vulnerability

There’s a new vulnerability abusing the ms-msdt protocol handler to execute...

Topics:

Red Team, Blue Team, CTI

By Jake Williams | April 12, 2022

Why is SCYTHE Building a CTI Team?

Over the course of my cybersecurity career, I’ve been fortunate to work in...

Topics:

Blue Team, CTI

By Christopher Peacock | March 16, 2022

Summiting the Pyramid of Pain: The TTP Pyramid

A Special Thanks The TTP Pyramid expands David Bianco’s Pyramid of Pain. We...

Topics:

Blue Team, Purple Team, CTI, Blue Feature

By Nathali Cano | February 4, 2022

Breaking Down LOLBAS Attacks With The Help Of Hunter-gatherers

A few weeks ago , while watching the Hadza: Last of the First documentary, I...

Topics:

Blue Team, Purple Team, CISO/Executive, ICS, Policy, Events, CTI, Ransomware, ICS/Critical Infrastructure

By SCYTHE | July 29, 2021

Threat Intelligence Sharing: Democratizing Risk Information

As July 2021 closes, the Executive Order on Improving the Nation’s...

Topics:

CTI

By Tim Schulz | February 4, 2021

Introduction to Adversary Emulation

What is adversary emulation? Adversary emulation leverages adversary...

Topics:

Red Team, Blue Team, CTI

By Jorge Orchilles | June 28, 2020

Cuddling the Cozy Bear, Emulating APT29 by Jorge Orchilles - Cyber Junegle

Adversary Emulation is a type of ethical hacking engagement where the...

Topics:

Red Team, Blue Team, CTI