CROSS-INTEL

17 days ago · Tallinn

Great time doing a workshop with my friend @joe_carson about Identity under attack at CYCON 2026 organized by @ccdcoe ..

0

5

2

0

212

19 days ago

@FilipiPires @ccdcoe @brysonbort @scythe_io @RedTeamVillage_ @RaicesCyberOrg Great @FilipiPires !!

0

1

0

4

cross_intel retweeted

Bringing security knowledge to cybersecurity professionals

19 days ago

Attackers don't break in. They log in. Valid credentials. Excessive privileges. Forgotten identities. That's all they need. This Thursday at @ccdcoe #CyCon2026, we're running a 90-minute Workshop "Identity Under Attack" that puts security and business leaders inside a real identity breach scenario. Privilege escalation, lateral movement, business impact. No safety net. May 28. 4:00 PM EET. Tallinn. If identity is your blind spot, this is the room to be in. #IdentitySecurity #CyCon2026 #SCYTHE #IncidentResponse #CyberSecurity #RedTeam #ThreatIntelligence #PurpleTeam #ZeroTrust #PrivilegedAccess #PAM #IAM #CloudSecurity #TabletopExercise #Infosec #MITRE #CredentialCompromise #LateralMovement #CyberDefense

FilipiPires's tweet photo. Attackers don't break in. They log in.
Valid credentials. Excessive privileges. Forgotten identities. That's all they need.
This Thursday at @ccdcoe #CyCon2026, we're running a 90-minute Workshop "Identity Under Attack" that puts security and business leaders inside a real identity breach scenario. Privilege escalation, lateral movement, business impact. No safety net.

May 28. 4:00 PM EET. Tallinn.

If identity is your blind spot, this is the room to be in.
#IdentitySecurity #CyCon2026 #SCYTHE #IncidentResponse #CyberSecurity #RedTeam #ThreatIntelligence #PurpleTeam #ZeroTrust #PrivilegedAccess #PAM #IAM #CloudSecurity #TabletopExercise #Infosec #MITRE #CredentialCompromise #LateralMovement #CyberDefense

1

2

0

253

Who to follow

cross_intel retweeted

27 days ago

@bsidessp it was incredible.. 3000 + people focused on learning about Cybersecurity, Offensive Security..Hacking and much more.. Thank you everyone that participated watching my talk about: APT28 Breach & Attack Emulation - Correlating a live Lab with the BadPaw/MeowMeow Campaign Soon we’ll share the recorded session #SCYTHE #AEV #BAS #redteam #purpleteam #blueteam #socvalidation #bsidessp

FilipiPires's tweet photo. @bsidessp it was incredible..
3000 + people focused on learning about Cybersecurity, Offensive Security..Hacking and much more..
Thank you everyone that participated watching my talk about:

APT28 Breach & Attack
Emulation - Correlating a live Lab with the BadPaw/MeowMeow Campaign

Soon we’ll share the recorded session

#SCYTHE #AEV #BAS #redteam #purpleteam #blueteam #socvalidation #bsidessp

1

3

1

0

64

cross_intel retweeted

28 days ago

Talking about APT28 - BadPaw at @bsidessp 🫡🫡 #SCYTHE #RTV #BSidesSP #purpleteam #redteam

1

3

1

0

170

cross_intel retweeted

29 days ago

See you there on @bsidessp .. Let’s goo 🦄🦄🚀🚀

1

2

1

0

184

about 1 month ago

@scythe_io @FilipiPires 👏👏👏

0

2

0

19

cross_intel retweeted

SCYTHE @scythe_io

about 1 month ago

Malware analysis tells you how an attack is built. Threat emulation tells you whether your security controls are actually prepared to face it. SCYTHE Labs walked through a real JScript dropper from MalwareBazaar, decoding the full 5-stage attack chain across 13 MITRE ATT&CK techniques, then translating every finding into a repeatable emulation campaign validated against a live Windows 11 target. Read the full technical breakdown here: https://t.co/JRNgiZ7kIO By: @FilipiPires #ThreatEmulation #DetectionEngineering #JScriptDropper

scythe_io's tweet photo. Malware analysis tells you how an attack is built. Threat emulation tells you whether your security controls are actually prepared to face it. SCYTHE Labs walked through a real JScript dropper from MalwareBazaar, decoding the full 5-stage attack chain across 13 MITRE ATT&CK techniques, then translating every finding into a repeatable emulation campaign validated against a live Windows 11 target.

Read the full technical breakdown here: https://t.co/JRNgiZ7kIO

By: @FilipiPires

#ThreatEmulation
#DetectionEngineering
#JScriptDropper

2

4

2

0

153

about 1 month ago

CROSS-INTEL 🤝 @segura_security We’re joining forces to bring Zero Trust + Privileged Access Security to the next level. Identity is the new attack surface. we help you control it. 👉 Want to reduce risk and secure what matters? Let’s talk. #CyberSecurity #PAM #InfoSec #Partner

cross_intel's tweet photo. CROSS-INTEL 🤝 @segura_security
We’re joining forces to bring Zero Trust + Privileged Access Security to the next level.
Identity is the new attack surface. we help you control it.
👉 Want to reduce risk and secure what matters? Let’s talk.
#CyberSecurity #PAM #InfoSec #Partner https://t.co/H0RAju39Kf

1

0

99

cross_intel retweeted

BSidesPorto @bsidesporto

about 1 month ago

The Second Wave is LIVE. 🚨 Tickets are moving fast and this is your chance to be part of one of the most technical and community-driven security events in Portugal 🇵🇹 . 👉 Grab your ticket : https://t.co/yS0ggG4S2d Tag your crew. Don’t miss this. #BSidesPorto #Cyber #redteam

bsidesporto's tweet photo. The Second Wave is LIVE. 🚨
Tickets are moving fast and this is your chance to be part of one of the most technical and community-driven security events in Portugal 🇵🇹 .
👉 Grab your ticket : https://t.co/yS0ggG4S2d
Tag your crew. Don’t miss this.

#BSidesPorto #Cyber #redteam https://t.co/D7bFZfdbmS

2

8

3

0

370

about 2 months ago

@FilipiPires @PacktPublishing Congrats @FilipiPires !!

0

1

0

20

cross_intel retweeted

about 2 months ago

Attackers don't break in. They log in. My new book is out: "TPRM-driven Supply Chain Cybersecurity" 📚 by @PacktPublishing A threat-informed playbook on how adversaries abuse legitimate access across vendor ecosystems and how to stop it. 📖 Packt: https://t.co/jmw4trLKVq 📖 Amazon: https://t.co/k2qLmeytxL RTs appreciated 🙏

FilipiPires's tweet photo. Attackers don't break in. They log in.
My new book is out: "TPRM-driven Supply Chain Cybersecurity" 📚 by @PacktPublishing
A threat-informed playbook on how adversaries abuse legitimate access across vendor ecosystems and how to stop it.
📖 Packt: https://t.co/jmw4trLKVq
📖 Amazon: https://t.co/k2qLmeytxL
RTs appreciated 🙏

5

20

9

8

1K

cross_intel retweeted

SCYTHE @scythe_io

about 2 months ago

Purple Team Exercise Framework v4 is here is here, turning exercise findings into production detections instead of reports that go unread. PTEF v4 adds the operational structure purple teams have been building around manually: a detection engineering lifecycle, a hunt-to-detection pipeline, graded outcome scoring on a 0 to 5 scale, gap categorization, a maturity model, and AI/ML attack surface coverage mapped to MITRE ATLAS. Also included: 10 reference guides, 4 exercise templates, and 3 native emulation plans (Volt Typhoon, PsExec, AI Discovery), with no C2 framework or paid tools required. Get the PTEF v4 for Free: https://t.co/0ovw3H6jEq #PurpleTeam #DetectionEngineering #ThreatEmulation

scythe_io's tweet photo. Purple Team Exercise Framework v4 is here is here, turning exercise findings into production detections instead of reports that go unread.

PTEF v4 adds the operational structure purple teams have been building around manually: a detection engineering lifecycle, a hunt-to-detection pipeline, graded outcome scoring on a 0 to 5 scale, gap categorization, a maturity model, and AI/ML attack surface coverage mapped to MITRE ATLAS.

Also included: 10 reference guides, 4 exercise templates, and 3 native emulation plans (Volt Typhoon, PsExec, AI Discovery), with no C2 framework or paid tools required.

Get the PTEF v4 for Free: https://t.co/0ovw3H6jEq

#PurpleTeam

#DetectionEngineering

#ThreatEmulation

0

4

1

2

259

cross_intel retweeted

SCYTHE @scythe_io

2 months ago

🦄 Meet the minds behind UniCon 2026. On April 9 from 11 AM to 5:30 PM ET, we're going deep on Continuous Validation in the Age of AI, with practitioners and leaders who live and breathe threat emulation, detection engineering, and what AI-driven adversary tradecraft means for your detection logic: Bryson 🦄 Bort (@brysonbort) Caroline Wong (@CarolineWMWong) Jason Christopher (@jdchristopher) Scott H. Alex Waitkus Michael Brunetti Tyler Casey Michael Haag (@M_haggis) Christian Nicholson Join us for a full virtual day of candid conversations, real-world strategies, and actionable takeaways https://t.co/ZwPcPBjdNn #UniCon2026 #ContinuousValidation #ThreatEmulation

scythe_io's tweet photo. 🦄 Meet the minds behind UniCon 2026.

On April 9 from 11 AM to 5:30 PM ET, we're going deep on Continuous Validation in the Age of AI, with practitioners and leaders who live and breathe threat emulation, detection engineering, and what AI-driven adversary tradecraft means for your detection logic:

Bryson 🦄 Bort (@brysonbort)
Caroline Wong (@CarolineWMWong)
Jason Christopher (@jdchristopher)
Scott H.
Alex Waitkus
Michael Brunetti
Tyler Casey
Michael Haag (@M_haggis)
Christian Nicholson

Join us for a full virtual day of candid conversations, real-world strategies, and actionable takeaways

https://t.co/ZwPcPBjdNn

#UniCon2026
#ContinuousValidation
#ThreatEmulation

0

3

1

375

cross_intel retweeted

2 months ago

Hey everyone. After years contributing to open source projects, I decided it was time to build something of my own for the community. Introducing DrogonSec Security Scanner. DrogonSec is an open-source, modular security framework written in Go, created by me and maintained by @cross_intel . The goal is simple: give security teams a single, unified tool to identify risks across code, dependencies, secrets, and infrastructure. It was built to give security professionals a single, unified tool to detect vulnerabilities across code, dependencies, secrets, and infrastructure with AI-powered remediation on the roadmap. Inspired by Horusec, Drogonsec is its modern, actively maintained successor with enhanced capabilities and alignment to the latest OWASP standards. Enjoy guys -> https://t.co/NV3kfwYyO0 #CyberSecurity #AppSec #DevSecOps #OpenSource #GoLang #SAST #SCA #CloudSecurity #OWASP #SecurityTools #RedTeam #BlueTeam #InfoSec #GitHub #SecurityEngineering #ThreatDetection #Startups #BuildInPublic

FilipiPires's tweet photo. Hey everyone.
After years contributing to open source projects, I decided it was time to build something of my own for the community.

Introducing DrogonSec Security Scanner.

DrogonSec is an open-source, modular security framework written in Go, created by me and maintained by @cross_intel .

The goal is simple: give security teams a single, unified tool to identify risks across code, dependencies, secrets, and infrastructure.

It was built to give security professionals a single, unified tool to detect vulnerabilities across code, dependencies, secrets, and infrastructure with AI-powered remediation on the roadmap.

Inspired by Horusec, Drogonsec is its modern, actively maintained successor with enhanced capabilities and alignment to the latest OWASP standards.

Enjoy guys -> https://t.co/NV3kfwYyO0

#CyberSecurity #AppSec #DevSecOps #OpenSource #GoLang #SAST #SCA #CloudSecurity #OWASP #SecurityTools #RedTeam #BlueTeam #InfoSec #GitHub #SecurityEngineering #ThreatDetection #Startups #BuildInPublic

1

21

5

15

1K

cross_intel retweeted

Adversary Village @AdversaryVillag

3 months ago

🦄 UniCon 2026 | April 9 | FREE | Online @scythe_io is bringing together top cyber defense professionals for 6h of real adversarial content. If you defend real systems against real attackers, this thread is for you. 🧵👇 Register now 👇 🔗 https://t.co/zR7PFtkaIh

FilipiPires's tweet photo. 🦄 UniCon 2026 | April 9 | FREE | Online
@scythe_io is bringing together top cyber defense professionals for 6h of real adversarial content.
If you defend real systems against real attackers, this thread is for you. 🧵👇
Register now 👇 🔗 https://t.co/zR7PFtkaIh https://t.co/eXW43Qmqoq

1

6

4

0

395

cross_intel retweeted

3 months ago

A hands-on activity on “APT28 BadPaw/MeowMeow: From Manual Lab to Adversary Emulation” was conducted by @FilipiPires , Head of Technical Advocacy at @scythe_io , and Founder & Investor at CROSS-INTEL at @AdversaryVillag at @OneRSAC 2026. #AdversaryVillage #RSAC2026

AdversaryVillag's tweet photo. A hands-on activity on “APT28 BadPaw/MeowMeow: From Manual Lab to Adversary Emulation” was conducted by @FilipiPires , Head of Technical Advocacy at @scythe_io , and Founder & Investor at CROSS-INTEL at @AdversaryVillag at @OneRSAC 2026.

#AdversaryVillage #RSAC2026 https://t.co/9xkXhFUbTP

1

7

3

0

626

cross_intel retweeted

BSidesPorto @bsidesporto

3 months ago

The very first wave of tickets for BSides Porto 2026 are dropping on April 1st… and no, it’s not a joke 😂 Mark your calendar and get ready, you won’t want to miss it! #bsides #infosec #cybersecurity #event #hacking

1

8

3

0

234