BC Security
@bcsecurity.bsky.social
Threat Emulation | Training | Red Team | Penetration Testing | Compliance
Cyber on the rise: In 2025, Taiwan experienced an average of 2.6 million daily cyberattacks on critical infrastructure, from hospitals to energy systems, up from the previous year. Many of these incidents were tied to broader military and political pressure.
www.reuters.com/world/china/...
www.reuters.com/world/china/...
January 8, 2026 at 4:59 PM
Cyber on the rise: In 2025, Taiwan experienced an average of 2.6 million daily cyberattacks on critical infrastructure, from hospitals to energy systems, up from the previous year. Many of these incidents were tied to broader military and political pressure.
www.reuters.com/world/china/...
www.reuters.com/world/china/...
New year, new site, new tool!
We’ve refreshed the BC Security website and introduced SIMAPTIC, our continuous threat-exposure and validation platform that simulates multi-stage attacks and provides teams with real signals they can act on.
simaptic.ai
Also, check out the new website!
bcsecurity.io
We’ve refreshed the BC Security website and introduced SIMAPTIC, our continuous threat-exposure and validation platform that simulates multi-stage attacks and provides teams with real signals they can act on.
simaptic.ai
Also, check out the new website!
bcsecurity.io
January 2, 2026 at 4:32 PM
New year, new site, new tool!
We’ve refreshed the BC Security website and introduced SIMAPTIC, our continuous threat-exposure and validation platform that simulates multi-stage attacks and provides teams with real signals they can act on.
simaptic.ai
Also, check out the new website!
bcsecurity.io
We’ve refreshed the BC Security website and introduced SIMAPTIC, our continuous threat-exposure and validation platform that simulates multi-stage attacks and provides teams with real signals they can act on.
simaptic.ai
Also, check out the new website!
bcsecurity.io
Happy Holidays from all of us at BC Security!
As the year winds down, we just want to say thanks to our clients, partners, and the awesome community around us. Your support means everything, and it’s what keeps us building, learning, and doing what we love.
Thank you to everyone!
As the year winds down, we just want to say thanks to our clients, partners, and the awesome community around us. Your support means everything, and it’s what keeps us building, learning, and doing what we love.
Thank you to everyone!
December 26, 2025 at 12:21 AM
Happy Holidays from all of us at BC Security!
As the year winds down, we just want to say thanks to our clients, partners, and the awesome community around us. Your support means everything, and it’s what keeps us building, learning, and doing what we love.
Thank you to everyone!
As the year winds down, we just want to say thanks to our clients, partners, and the awesome community around us. Your support means everything, and it’s what keeps us building, learning, and doing what we love.
Thank you to everyone!
Empire v6.3.0 released!!!!
Bringing major upgrades like Starkiller v3.2.0, mTLS support, ChaCha20-Poly1305 encryption, expanded PSExec agent options, and flexible env-based configuration — making Empire more secure and operator-friendly than ever.
github.com/BC-SECURITY/...
Bringing major upgrades like Starkiller v3.2.0, mTLS support, ChaCha20-Poly1305 encryption, expanded PSExec agent options, and flexible env-based configuration — making Empire more secure and operator-friendly than ever.
github.com/BC-SECURITY/...
December 12, 2025 at 9:17 PM
Empire v6.3.0 released!!!!
Bringing major upgrades like Starkiller v3.2.0, mTLS support, ChaCha20-Poly1305 encryption, expanded PSExec agent options, and flexible env-based configuration — making Empire more secure and operator-friendly than ever.
github.com/BC-SECURITY/...
Bringing major upgrades like Starkiller v3.2.0, mTLS support, ChaCha20-Poly1305 encryption, expanded PSExec agent options, and flexible env-based configuration — making Empire more secure and operator-friendly than ever.
github.com/BC-SECURITY/...
Reposted by BC Security
Empire v6.3.0 is out!
• mTLS agents & listeners
• ChaCha20-Poly1305 encryption + DH key exchange
• HTTPS host reuse across HTTP & malleable listeners
• Customizable C# obfuscation via EmpireCompiler
• Major dependency upgrades & stability fixes
github.com/BC-SECURITY/...
• mTLS agents & listeners
• ChaCha20-Poly1305 encryption + DH key exchange
• HTTPS host reuse across HTTP & malleable listeners
• Customizable C# obfuscation via EmpireCompiler
• Major dependency upgrades & stability fixes
github.com/BC-SECURITY/...
GitHub - BC-SECURITY/Empire: Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers.
Empire is a post-exploitation and adversary emulation framework that is used to aid Red Teams and Penetration Testers. - BC-SECURITY/Empire
github.com
December 12, 2025 at 1:07 PM
Empire v6.3.0 is out!
• mTLS agents & listeners
• ChaCha20-Poly1305 encryption + DH key exchange
• HTTPS host reuse across HTTP & malleable listeners
• Customizable C# obfuscation via EmpireCompiler
• Major dependency upgrades & stability fixes
github.com/BC-SECURITY/...
• mTLS agents & listeners
• ChaCha20-Poly1305 encryption + DH key exchange
• HTTPS host reuse across HTTP & malleable listeners
• Customizable C# obfuscation via EmpireCompiler
• Major dependency upgrades & stability fixes
github.com/BC-SECURITY/...
Cyber Monday Deal: Level Up Your Cyber Skills!
One of our flagship cyber courses is going on sale, for a limited time.
If you’ve been waiting to jump into hands-on, operator-level training, now’s your moment.
training.bc-security.org/courses/empi...
One of our flagship cyber courses is going on sale, for a limited time.
If you’ve been waiting to jump into hands-on, operator-level training, now’s your moment.
training.bc-security.org/courses/empi...
Empire Operations 1
Empire Operations I is an introductory hands-on course with the Empire Post Exploitation Framework. In this course, students will learn the basics of using and operating Empire while being introduced…
training.bc-security.org
December 1, 2025 at 4:48 PM
Cyber Monday Deal: Level Up Your Cyber Skills!
One of our flagship cyber courses is going on sale, for a limited time.
If you’ve been waiting to jump into hands-on, operator-level training, now’s your moment.
training.bc-security.org/courses/empi...
One of our flagship cyber courses is going on sale, for a limited time.
If you’ve been waiting to jump into hands-on, operator-level training, now’s your moment.
training.bc-security.org/courses/empi...
AI-driven cyber-espionage is now real. Anthropic reports autonomous agents running full intrusion chains with minimal human input. Defense has to move at machine speed now. Full report: www.anthropic.com/news/disrupt...
Disrupting the first reported AI-orchestrated cyber espionage campaign
A report describing an a highly sophisticated AI-led cyberattack
www.anthropic.com
November 20, 2025 at 2:11 AM
AI-driven cyber-espionage is now real. Anthropic reports autonomous agents running full intrusion chains with minimal human input. Defense has to move at machine speed now. Full report: www.anthropic.com/news/disrupt...
Cybersecurity Awareness Month!
Cyber Tip: Segment your administrative network and separate privileged access.
Keep domain controllers, jump servers, and management systems separate from user workstations.
Isolation limits lateral movement and protects privileged credentials.
Cyber Tip: Segment your administrative network and separate privileged access.
Keep domain controllers, jump servers, and management systems separate from user workstations.
Isolation limits lateral movement and protects privileged credentials.
October 27, 2025 at 10:35 PM
Cybersecurity Awareness Month!
Cyber Tip: Segment your administrative network and separate privileged access.
Keep domain controllers, jump servers, and management systems separate from user workstations.
Isolation limits lateral movement and protects privileged credentials.
Cyber Tip: Segment your administrative network and separate privileged access.
Keep domain controllers, jump servers, and management systems separate from user workstations.
Isolation limits lateral movement and protects privileged credentials.
Cybersecurity Awareness Month!
Cyber Tip: Patch your third-party software.
Attackers don’t always need zero-days, just an old plug-in or unpatched tool.
Centralize patching, remove legacy apps, and stay current.
Every unpatched tool is a potential entry point.
Cyber Tip: Patch your third-party software.
Attackers don’t always need zero-days, just an old plug-in or unpatched tool.
Centralize patching, remove legacy apps, and stay current.
Every unpatched tool is a potential entry point.
October 23, 2025 at 2:02 AM
Cybersecurity Awareness Month!
Cyber Tip: Patch your third-party software.
Attackers don’t always need zero-days, just an old plug-in or unpatched tool.
Centralize patching, remove legacy apps, and stay current.
Every unpatched tool is a potential entry point.
Cyber Tip: Patch your third-party software.
Attackers don’t always need zero-days, just an old plug-in or unpatched tool.
Centralize patching, remove legacy apps, and stay current.
Every unpatched tool is a potential entry point.
Cybersecurity Awareness Month!!
Cyber Tip: Rotate service account passwords often. These high-privilege accounts are prime targets for attackers. Regular rotation limits damage and reduces risk.
Cyber Tip: Rotate service account passwords often. These high-privilege accounts are prime targets for attackers. Regular rotation limits damage and reduces risk.
October 20, 2025 at 7:10 PM
Cybersecurity Awareness Month!!
Cyber Tip: Rotate service account passwords often. These high-privilege accounts are prime targets for attackers. Regular rotation limits damage and reduces risk.
Cyber Tip: Rotate service account passwords often. These high-privilege accounts are prime targets for attackers. Regular rotation limits damage and reduces risk.
Cybersecurity Awareness Month!
Cyber Tip: Microsoft has officially ended support for Windows 10. Without ongoing security updates, these systems are now vulnerable to new exploits and malware. If you’re still running Windows 10, upgrade as soon as possible to stay secure and compliant.
Cyber Tip: Microsoft has officially ended support for Windows 10. Without ongoing security updates, these systems are now vulnerable to new exploits and malware. If you’re still running Windows 10, upgrade as soon as possible to stay secure and compliant.
October 15, 2025 at 5:31 PM
Cybersecurity Awareness Month!
Cyber Tip: Microsoft has officially ended support for Windows 10. Without ongoing security updates, these systems are now vulnerable to new exploits and malware. If you’re still running Windows 10, upgrade as soon as possible to stay secure and compliant.
Cyber Tip: Microsoft has officially ended support for Windows 10. Without ongoing security updates, these systems are now vulnerable to new exploits and malware. If you’re still running Windows 10, upgrade as soon as possible to stay secure and compliant.
Cybersecurity Awareness Month!!!
Cyber Tip: Close what you don’t use. Unused ports and services expand your attack surface and invite scanning or exploitation. Disabling them keeps your network lean, secure, and harder to breach.
#Cyberaware #CybersecurityAwarenessMonth #Cybersecurity
Cyber Tip: Close what you don’t use. Unused ports and services expand your attack surface and invite scanning or exploitation. Disabling them keeps your network lean, secure, and harder to breach.
#Cyberaware #CybersecurityAwarenessMonth #Cybersecurity
October 13, 2025 at 8:51 PM
Cybersecurity Awareness Month!!!
Cyber Tip: Close what you don’t use. Unused ports and services expand your attack surface and invite scanning or exploitation. Disabling them keeps your network lean, secure, and harder to breach.
#Cyberaware #CybersecurityAwarenessMonth #Cybersecurity
Cyber Tip: Close what you don’t use. Unused ports and services expand your attack surface and invite scanning or exploitation. Disabling them keeps your network lean, secure, and harder to breach.
#Cyberaware #CybersecurityAwarenessMonth #Cybersecurity
Cybersecurity Awareness Month!
Cyber Tip: Keep an eye on outbound traffic. Attackers often use it to exfiltrate data or maintain control of compromised systems. Reviewing outbound connections helps you detect and contain threats before sensitive data leaves your network.
Cyber Tip: Keep an eye on outbound traffic. Attackers often use it to exfiltrate data or maintain control of compromised systems. Reviewing outbound connections helps you detect and contain threats before sensitive data leaves your network.
October 10, 2025 at 9:00 PM
Cybersecurity Awareness Month!
Cyber Tip: Keep an eye on outbound traffic. Attackers often use it to exfiltrate data or maintain control of compromised systems. Reviewing outbound connections helps you detect and contain threats before sensitive data leaves your network.
Cyber Tip: Keep an eye on outbound traffic. Attackers often use it to exfiltrate data or maintain control of compromised systems. Reviewing outbound connections helps you detect and contain threats before sensitive data leaves your network.
Cybersecurity Awareness Month!!!
Cyber Tip: Review your PowerShell logs regularly. Attackers often abuse built-in tools like PowerShell to run commands, move laterally, and hide activity. Detailed logging helps spot unusual scripts or commands that may signal an intrusion before it spreads.
Cyber Tip: Review your PowerShell logs regularly. Attackers often abuse built-in tools like PowerShell to run commands, move laterally, and hide activity. Detailed logging helps spot unusual scripts or commands that may signal an intrusion before it spreads.
October 9, 2025 at 9:00 PM
Cybersecurity Awareness Month!!!
Cyber Tip: Review your PowerShell logs regularly. Attackers often abuse built-in tools like PowerShell to run commands, move laterally, and hide activity. Detailed logging helps spot unusual scripts or commands that may signal an intrusion before it spreads.
Cyber Tip: Review your PowerShell logs regularly. Attackers often abuse built-in tools like PowerShell to run commands, move laterally, and hide activity. Detailed logging helps spot unusual scripts or commands that may signal an intrusion before it spreads.
Cybersecurity Awareness Month!!!
Cyber Tip: Check file hashes before installing or running downloads. Verifying the SHA256 or MD5 ensures the file hasn’t been tampered with and matches the official source. This quick step helps prevent malware from slipping in through fake or modified installers.
Cyber Tip: Check file hashes before installing or running downloads. Verifying the SHA256 or MD5 ensures the file hasn’t been tampered with and matches the official source. This quick step helps prevent malware from slipping in through fake or modified installers.
October 8, 2025 at 5:00 PM
Cybersecurity Awareness Month!!!
Cyber Tip: Check file hashes before installing or running downloads. Verifying the SHA256 or MD5 ensures the file hasn’t been tampered with and matches the official source. This quick step helps prevent malware from slipping in through fake or modified installers.
Cyber Tip: Check file hashes before installing or running downloads. Verifying the SHA256 or MD5 ensures the file hasn’t been tampered with and matches the official source. This quick step helps prevent malware from slipping in through fake or modified installers.
Cybersecurity Awareness Month!!!
Cyber Tip: Use DNS filtering to block malicious domains before they reach your network. Even if someone clicks a bad link, DNS filters can stop the connection, prevent data theft, and reduce overall risk.
#Cybersecurity
Cyber Tip: Use DNS filtering to block malicious domains before they reach your network. Even if someone clicks a bad link, DNS filters can stop the connection, prevent data theft, and reduce overall risk.
#Cybersecurity
October 6, 2025 at 9:05 PM
Cybersecurity Awareness Month!!!
Cyber Tip: Use DNS filtering to block malicious domains before they reach your network. Even if someone clicks a bad link, DNS filters can stop the connection, prevent data theft, and reduce overall risk.
#Cybersecurity
Cyber Tip: Use DNS filtering to block malicious domains before they reach your network. Even if someone clicks a bad link, DNS filters can stop the connection, prevent data theft, and reduce overall risk.
#Cybersecurity
Cybersecurity Awareness Month!
Cyber Tip: Never enable macros on documents from unknown or untrusted sources. Attackers often send Word/Excel files that trick you into clicking “Enable Content” to launch malware. If you weren’t expecting the file, don’t trust it.
Cyber Tip: Never enable macros on documents from unknown or untrusted sources. Attackers often send Word/Excel files that trick you into clicking “Enable Content” to launch malware. If you weren’t expecting the file, don’t trust it.
October 2, 2025 at 4:58 PM
Cybersecurity Awareness Month!
Cyber Tip: Never enable macros on documents from unknown or untrusted sources. Attackers often send Word/Excel files that trick you into clicking “Enable Content” to launch malware. If you weren’t expecting the file, don’t trust it.
Cyber Tip: Never enable macros on documents from unknown or untrusted sources. Attackers often send Word/Excel files that trick you into clicking “Enable Content” to launch malware. If you weren’t expecting the file, don’t trust it.
Happy Cybersecurity Awareness Month!!
We believe awareness is the first line of defense. This month, we’ll share tips and insights from our experts to help protect what matters most.
Tip: Scammers use urgent language to create panic. Don’t rush, pause & verify before acting.
We believe awareness is the first line of defense. This month, we’ll share tips and insights from our experts to help protect what matters most.
Tip: Scammers use urgent language to create panic. Don’t rush, pause & verify before acting.
October 1, 2025 at 8:56 PM
Happy Cybersecurity Awareness Month!!
We believe awareness is the first line of defense. This month, we’ll share tips and insights from our experts to help protect what matters most.
Tip: Scammers use urgent language to create panic. Don’t rush, pause & verify before acting.
We believe awareness is the first line of defense. This month, we’ll share tips and insights from our experts to help protect what matters most.
Tip: Scammers use urgent language to create panic. Don’t rush, pause & verify before acting.
One of our Black Hat instructors analyzes a real phishing email, how it works, the red flags, and how to stay safe.
youtu.be/IFy_96Dg__E?...
#Phishing #SecurityAwareness #Infosec
youtu.be/IFy_96Dg__E?...
#Phishing #SecurityAwareness #Infosec
Did I Just Fall for a Phishing Attempt?
In this video, I walk through a scam email notifying me that someone attempted to log into my Twitter account and I needed to authenticate to ensure I hadn't been compromised.
youtu.be
September 30, 2025 at 5:00 PM
One of our Black Hat instructors analyzes a real phishing email, how it works, the red flags, and how to stay safe.
youtu.be/IFy_96Dg__E?...
#Phishing #SecurityAwareness #Infosec
youtu.be/IFy_96Dg__E?...
#Phishing #SecurityAwareness #Infosec
PyPI is warning about a new phishing scam hitting package maintainers. Fake “account verification” emails are floating around, pointing to pypi-mirror[.]org, a fake site built to steal your login.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
PyPI urges users to reset credentials after new phishing attacks
The Python Software Foundation has warned victims of a new wave of phishing attacks using a fake Python Package Index (PyPI) website to reset credentials.
www.bleepingcomputer.com
September 24, 2025 at 6:00 PM
PyPI is warning about a new phishing scam hitting package maintainers. Fake “account verification” emails are floating around, pointing to pypi-mirror[.]org, a fake site built to steal your login.
www.bleepingcomputer.com/news/securit...
www.bleepingcomputer.com/news/securit...
“When ‘working as intended’ means leaking sensitive data”
Our analyst Andrew, discovered unauthenticated access to thousands of files and faced roadblocks trying to report it. His blog breaks down what happened and why design flaws matter as much as exploits.
bc-security.org/when-intende...
Our analyst Andrew, discovered unauthenticated access to thousands of files and faced roadblocks trying to report it. His blog breaks down what happened and why design flaws matter as much as exploits.
bc-security.org/when-intende...
September 9, 2025 at 2:13 PM
“When ‘working as intended’ means leaking sensitive data”
Our analyst Andrew, discovered unauthenticated access to thousands of files and faced roadblocks trying to report it. His blog breaks down what happened and why design flaws matter as much as exploits.
bc-security.org/when-intende...
Our analyst Andrew, discovered unauthenticated access to thousands of files and faced roadblocks trying to report it. His blog breaks down what happened and why design flaws matter as much as exploits.
bc-security.org/when-intende...
Hot dogs, cold drinks, and… popping shells? This Labor Day, we’re serving up a special Empire Ops 1 Discount. Attackers don’t take holidays, and neither should your defenses.
training.bc-security.org/courses/empi...
#Cybersecurity #RedTeam
training.bc-security.org/courses/empi...
#Cybersecurity #RedTeam
September 1, 2025 at 5:38 PM
Hot dogs, cold drinks, and… popping shells? This Labor Day, we’re serving up a special Empire Ops 1 Discount. Attackers don’t take holidays, and neither should your defenses.
training.bc-security.org/courses/empi...
#Cybersecurity #RedTeam
training.bc-security.org/courses/empi...
#Cybersecurity #RedTeam
@Micrososft highlights top PRC tactics: cloud account abuse (impossible travel, new principals), LOTL lateral movement with psexec/WMI/remote PowerShell, and persistence via web shells on IIS, SharePoint, VPNs, and firewalls. Defenses: MFA, block legacy protocols, hardened configs.
August 27, 2025 at 9:28 PM
@Micrososft highlights top PRC tactics: cloud account abuse (impossible travel, new principals), LOTL lateral movement with psexec/WMI/remote PowerShell, and persistence via web shells on IIS, SharePoint, VPNs, and firewalls. Defenses: MFA, block legacy protocols, hardened configs.
We are honored to be at #DAFITC this year and catch the keynote from Huntress’ CEO. A powerful discussion on how cybercriminals are abusing tools like ScreenConnect and why defenders must stay vigilant. Great insights for everyone in cyber defense. #CyberSecurity
August 25, 2025 at 3:16 PM
We are honored to be at #DAFITC this year and catch the keynote from Huntress’ CEO. A powerful discussion on how cybercriminals are abusing tools like ScreenConnect and why defenders must stay vigilant. Great insights for everyone in cyber defense. #CyberSecurity
AMA starts in a few hours!
Jake Krasnov (BC Security) is hosting a LIVE AMA on r/SolarDIY at 12 PM ET — only a few hours from now!
Bring your cyber questions here: reddit.com/r/SolarDIY
Jake Krasnov (BC Security) is hosting a LIVE AMA on r/SolarDIY at 12 PM ET — only a few hours from now!
Bring your cyber questions here: reddit.com/r/SolarDIY
August 22, 2025 at 2:24 PM
AMA starts in a few hours!
Jake Krasnov (BC Security) is hosting a LIVE AMA on r/SolarDIY at 12 PM ET — only a few hours from now!
Bring your cyber questions here: reddit.com/r/SolarDIY
Jake Krasnov (BC Security) is hosting a LIVE AMA on r/SolarDIY at 12 PM ET — only a few hours from now!
Bring your cyber questions here: reddit.com/r/SolarDIY