August 23, 2024
In response to the recent CISA Advisory (AA24-234A) outlining best practices for event logging and threat detection, AttackIQ, in alignment with CISA’s guidance, strongly encourages organizations to engage in continuous testing against known, real-world adversary behaviors and TTPs through rigorous security control validation.
August 1, 2024
In the ultramodern, mercurial sphere of cybersecurity, somehow a 1700-year-old quote from Helena of Constantinople still deeply resonates. Even with seemingly robust defenses, the smallest vulnerability can be an open invitation for threats like AsyncRAT to infiltrate your system, underscoring the importance of continuous testing to ensure that your existing controls – your rat traps – are functioning effectively.
December 20, 2023
As we’ve seen time and time again in our cybersecurity landscape, the wicked prey on the weary and take no prisoners along the way. Rhysida, an emerging ransomware group, serves as a perfect example of this. While their activities span across a variety of sectors and regions around the world, they have taken a keen taste to vulnerabilities found within the realm of healthcare.
November 30, 2023
The landscape of global cybersecurity is undergoing a seismic shift, marked by a fervent departure from traditional compliance-based strategies towards a new era of performance-based fortification. Spearheaded by dynamic changes in the regulatory frameworks of powerhouse economies like the US and EU, this evolution aims not just for compliance checkboxes but tangible security outcomes that defy mounting threats and historical failures in defense mechanisms.
November 20, 2023
Though the band Soft Cell may be considered a one-hit wonder with their 1981 hit song “Tainted Love”, the same cannot be said for Gallium, a Chinese-based threat actor that has continued to wreak havoc in the Middle Eastern telecommunications sector for over a decade now. Their most recent cyberespionage campaign? Operation Tainted Love.
October 26, 2023
If you’ve at all followed the work of AttackIQ’s Adversary Research Team (ART) in recent years, you’re well aware of their relentless pursuit for actionable, incisive, quantitative, and cutting-edge insights into the art (no pun intended) of adversary emulation.
