
Scott Sutherland
2.1K posts

Scott Sutherland
@_nullbind
Security Researcher @NetSPI | PowerUpSQL Author



Adversaries aren't just using malware—they're hiding behind your IT tools. 🔧 Remote monitoring and management (RMM) abuse has surged in the last year. Ransomware groups weaponize tools like ScreenConnect, NetSupport Manager, and SimpleHelp because they're signed, trusted, and blend right in. Our latest blog covers the most commonly abused RMM tools, how they work, and how to detect them—before it's too late: redcanary.com/blog/security-…


















"Offense and defense aren't peers. Defense is offense's child." - @JohnLaTwC We built an LLM-powered AMSI provider and paired it against a red team agent. Then, @0xdab0 wrote a blog about it: dreadnode.io/blog/llm-power… A few observations from the experiment: >>> To advance, we must generate unique, ground-truth datasets. >>> Defenses will need to live at the edge. >>> The real potential lies in the interaction between red and blue. >>> This is a blueprint for generative adversarial reinforcement learning.



