November 3, 2022
What is the correct way to validate your controls against a Text4Shell or similar library vulnerability? You need an adjustable, open systems testing platform to test the specific aspects of your implementation to accurately assess if your security controls are correctly configured to stop attacks that leverage it.
August 11, 2022
AttackIQ’s Adversary Research Team has released a new assessment to test endpoint and network controls’ ability to prevent Zeppelin Ransomware.
August 10, 2022
AttackIQ’s Adversary Research Team has released two new assessments to test endpoint and network controls’ ability to prevent widely utilized malware families.
April 1, 2022
AttackIQ has released a new attack graph for organizations to test and validate their cyberdefense effectiveness against the HAVEX strain of malware. This attack graph follows a pair of Department of Justice indictments of Russia-based threat actors and a new joint FBI-CISA Cybersecurity Advisory about HAVEX released last week. An enduring and dangerous threat, HAVEX targeted the energy and power sectors in 135 countries from 2012-2018, and the tactics and techniques within it continue to threaten organizations today.
March 29, 2022
Following an up-tick in the activity of Russia-based cyberthreat actors, this blog discusses the practical steps you can take to validate your network security controls against known Russian tactics, techniques, and procedures to improve your security readiness. It walks readers through Russia-specific emulations included in the AttackIQ Network Control Validation module.
March 18, 2022
AttackIQ has released a new attack graph to emulate Russia-based threat actors as they exploit multi-factor authentication protocols to disable MFA. This blog describes the scenarios we have included in the new attack graph to emulate the adversary and then, to inform a purple team construct for cyberdefense operations, it provides detection and mitigation recommendations that you can use to improve your security program effectiveness. Read on for more.
March 8, 2022
To prepare for a potential cyberattack from Russia-based actors, you can begin by testing your security controls against known adversary tactics. The vast majority of cyberattacks use tactics and techniques that have been employed in the past. This blog walks you through key known tactics and techniques, and highlights scenarios in the AttackIQ Security Optimization Platform that you can use today to test your defenses and improve your cybersecurity readiness.