Author: AttackIQ Team

    Adversary Emulation, Breach and Attack Simulation, Cyberattack, US-CERT Alert, US-CERT Alert Response

    Attack Graph Response to US-CERT Alert (AA22-264A): Iranian State Actors Conduct Cyber Operations Against the Government of Albania

    September 23, 2022
    AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) used by Iranian nation-state adversaries against the government of Albania.
    Read More
    Emulating the Sophisticated Russian Adversary APT28 (Background))
    Adversary Emulation, Breach and Attack Simulation, Russia

    Emulating the Sophisticated Russian Adversary APT28

    September 21, 2022
    AttackIQ has released a content bundle including two new attack graphs covering two historical APT28 campaigns involving their SkinnyBoy and Zebrocy malware families and standalone scenarios emulating command-and-control traffic to test boundary controls.
    Read More
    Adversary Emulation, MITRE ATT&CK, US-CERT Alert Response

    Attack Graph Response to US-CERT Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Ransom Operations

    September 16, 2022
    AttackIQ has released a new attack graph emulating the techniques used by Iranian actors to compromise and encrypt systems — without the need for malware — to help customers defend against threats that try to operate while living solely off the land.
    Read More
    Adversary Emulation, Ransomware, US-CERT Alert Response

    Attack Graph Response to US-CERT Alert (AA22-249A): #StopRansomware Vice Society

    September 8, 2022
    AttackIQ has released a new attack graph emulating a Vice Society attack to help customers validate their security controls and their ability to defend against this threat actor and others who utilize similar behaviors.
    Read More
    Attack Graph for SysJoker’s Linux Variant (Cron)
    Adversary Emulation, Cyberattack, Cybercrime, Malware

    Malware Emulation Attack Graph for SysJoker’s Linux Variant

    August 2, 2022
    AttackIQ’s Adversary Research Team has released a new Malware Emulation Attack Graph that emulates the Linux behaviors of the multi-platform backdoor known as SysJoker.
    Read More
    Adversary Emulation, Breach and Attack Simulation, MITRE ATT&CK

    Leveraging the MITRE ATT&CK framework to build a threat-informed defense

    July 29, 2022
    In this guest blog post, Bradley Schaufenbuel of Paychex writes about how security teams can leverage the MITRE ATT&CK framework to mount a “threat-informed” defense. This post originally appeared as an article in SC Magazine.
    Read More
    Adversary Emulation, Breach and Attack Simulation, Command and Control, Security Controls

    OilRig Attack Graphs: Emulating the Iranian Threat Actor’s Global Campaigns

    July 11, 2022
    AttackIQ has released two new attack graphs that emulate different aspects of OilRig’s operations against multiple sectors around the globe. With these attack graphs, you can test and validate your defenses to improve cybersecurity readiness.
    Read More
    Adversary Emulation, Breach and Attack Simulation, US-CERT Alert Response

    Attack Graph Response to US-CERT Alert (AA22-174A): Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

    June 28, 2022
    AttackIQ has released two new fully featured attack graphs emulating the tactics, techniques, and procedures (TTPs) used by likely nation-state adversaries that continue exploiting the Log4Shell vulnerability in VMware Horizon Systems.
    Read More
    Adversary Emulation, MITRE ATT&CK, US-CERT Alert Response

    Response to US-CERT Alert (AA22-174A): Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems 

    June 24, 2022
    In response to US-CERT Alert AA22-174A, AttackIQ has released new malware transfer scenarios to the platform and recommends validating security controls using previously released scenarios addressing Log4Shell and the VMware CVE-2022-22954 vulnerability.  
    Read More