Giovanni López

Author
Giovanni Lopez is Principal Security Engineer at AttackIQ, where he researches and creates new security control testing content to help customers evaluate their security defenses. He has a diverse experience in the information security field before security control testing, such as penetration tester and reverse engineer, which background helped to understand how to perform realistic and accurate attacks and convert them to AttackIQ content. You can find him enjoying reverse engineering and understanding the inner workings of any stuff that touches his hands inside and outside working hours.
Giovanni López

See other articles by Giovanni López

Attack Graph Response to CISA Advisory AA23-187A: Increased Truebot Activity Infects U.S. and Canada Based Networks
Adversary Emulation

Attack Graph Response to CISA Advisory AA23-187A: Increased Truebot Activity Infects U.S. and Canada Based Networks

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-187A) that seeks to emulate the activities carried out by the financially motivated and highly sophisticated criminal adversary known as TA505.
Read More
Attack Graph Response to CISA Advisory AA23-165A: Understanding Ransomware Threat Actors: LockBit
Adversary Emulation

Attack Graph Response to CISA Advisory AA23-165A: Understanding Ransomware Threat Actors: LockBit

On June 14, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) along with other US-based and international security organizations released a joint cybersecurity advisory (CSA) detailing the operations behind the LockBit ransomware attacks. AttackIQ has released a wide range of Attack Graphs emulating LockBit and other RaaS operators as part of CISA’s #StopRansomware campaign.
Read More
Response to CISA Advisory (AA23-144A): China State-Sponsored Actor Volt Typhoon Living off the Land to Evade Detection
Adversary Emulation

Response to CISA Advisory (AA23-144A): China State-Sponsored Actor Volt Typhoon Living off the Land to Evade Detection

AttackIQ has released two new assessments that emulate the techniques associated with a People’s Republic of China (PRC) state-sponsored cyber actor known as Volt Typhoon. Volt Typhoon makes extensive use of living off the land tools to remaining undetected for as long as possible while complete their espionage goals.
Read More
Attack Graph Response to CISA Advisory (AA23-061A): #StopRansomware: Royal Ransomware
Adversary Emulation

Attack Graph Response to CISA Advisory (AA23-061A): #StopRansomware: Royal Ransomware

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in cyberattacks involving Royal Ransomware.
Read More
Emulating the Cybercriminal Initial Access Broker TA551
Adversary Emulation

Emulating the Cybercriminal Initial Access Broker TA551

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) associated with a 2020 intrusion from the cybercriminal group TA551.
Read More
Attack Graph Response to US-CERT Alert (AA22-321A): #StopRansomware: Hive Ransomware
US-CERT Alert Response

Attack Graph Response to US-CERT Alert (AA22-321A): #StopRansomware: Hive Ransomware

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in attacks by cybercriminal groups to deploy their Hive ransomware.
Read More
Attack Graph Response to US-CERT Alert (AA22-320A): Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester
US-CERT Alert Response

Attack Graph Response to US-CERT Alert (AA22-320A): Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in an attack by Iranian-sponsored adversaries against a Federal Civilian Executive Branch (FCEB) organization in the U.S.
Read More
Attack Graph Response to US-CERT Alert (AA22-277A): Chinese Threat Actors Steal Sensitive Information from a Defense Industrial Base Organization
Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-277A): Chinese Threat Actors Steal Sensitive Information from a Defense Industrial Base Organization

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in an attack by Chinese-sponsored adversaries against a Defense Industrial Base organization in the U.S.
Read More
Attack Graph Response to US-CERT Alert (AA22-264A): Iranian State Actors Conduct Cyber Operations Against the Government of Albania
Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-264A): Iranian State Actors Conduct Cyber Operations Against the Government of Albania

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) used by Iranian nation-state adversaries against the government of Albania.
Read More
Attack Graph Response to US-CERT AA22-108A: North Korean Targeting of Blockchain Companies
Adversary Emulation

Attack Graph Response to US-CERT AA22-108A: North Korean Targeting of Blockchain Companies

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the…
Read More
Attack Graph Response to US-CERT AA22-011A & AA22-047A: Preparing for Russian State-Sponsored Cyberthreats
Adversary Emulation

Attack Graph Response to US-CERT AA22-011A & AA22-047A: Preparing for Russian State-Sponsored Cyberthreats

In anticipation of escalating cyberattacks by the Russian government against U.S. and allied interests, AttackIQ has developed a new attack graph to help organizations test and validate their cyberdefenses against known Russian adversarial tactics, techniques, and procedures (TTPs).
Read More
Component Object Model Hijacking
TTPs

Component Object Model Hijacking

Welcome to another blog post with information about the scenarios we write for our platform,…
Read More