Blog - AttackIQ

Attack Graph Response to US-CERT Alert (AA22-321A): #StopRansomware: Hive Ransomware

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in attacks by cybercriminal groups to deploy their Hive ransomware.

Authors: Ken Towne Francis Guibernau Giovanni López Jackson Wells November 18, 2022 Read More

US-CERT Alert Response

Attack Graph Response to US-CERT Alert (AA22-320A): Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in an attack by Iranian-sponsored adversaries against a Federal Civilian Executive Branch (FCEB) organization in the U.S.

November 17, 2022 Read More

Security Control Validation

Customizing AttackIQ Scenarios to Validate Text4Shell Protections

What is the correct way to validate your controls against a Text4Shell or similar library vulnerability? You need an adjustable, open systems testing platform to test the specific aspects of your implementation to accurately assess if your security controls are correctly configured to stop attacks that leverage it.

November 3, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-277A): Chinese Threat Actors Steal Sensitive Information from a Defense Industrial Base Organization

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in an attack by Chinese-sponsored adversaries against a Defense Industrial Base organization in the U.S.

October 6, 2022 Read More

Most Recent

US-CERT Alert Response

Attack Graph Response to US-CERT Alert (AA22-321A): #StopRansomware: Hive Ransomware

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in attacks by cybercriminal groups to deploy their Hive ransomware.

November 18, 2022 Read More

US-CERT Alert Response

Attack Graph Response to US-CERT Alert (AA22-320A): Iranian Government-Sponsored APT Actors Compromise Federal Network, Deploy Crypto Miner, Credential Harvester

November 17, 2022 Read More

Security Control Validation

Customizing AttackIQ Scenarios to Validate Text4Shell Protections

November 3, 2022 Read More

Defense Department

The Lessons Ash Carter Taught Me

One of Ash Carter's former speechwriters and special assistants reflects on the lessons the Secretary of Defense leaves behind.

October 31, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-277A): Chinese Threat Actors Steal Sensitive Information from a Defense Industrial Base Organization

October 6, 2022 Read More

AttackIQ

Purple Hats 2022 Customer Awards

As we look forward to our next Purple Hats Conference, the industry destination for all cybersecurity professionals, we want to remember and celebrate the winners of our inaugural customer awards program.

September 27, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-264A): Iranian State Actors Conduct Cyber Operations Against the Government of Albania

AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) used by Iranian nation-state adversaries against the government of Albania.

September 23, 2022 Read More

Adversary Emulation

Emulating the Sophisticated Russian Adversary APT28

AttackIQ has released a content bundle including two new attack graphs covering two historical APT28 campaigns involving their SkinnyBoy and Zebrocy malware families and standalone scenarios emulating command-and-control traffic to test boundary controls.

September 21, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Ransom Operations

AttackIQ has released a new attack graph emulating the techniques used by Iranian actors to compromise and encrypt systems — without the need for malware — to help customers defend against threats that try to operate while living solely off the land.

September 16, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-249A): #StopRansomware Vice Society

AttackIQ has released a new attack graph emulating a Vice Society attack to help customers validate their security controls and their ability to defend against this threat actor and others who utilize similar behaviors.

September 8, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-223A): Testing Security Controls against Zeppelin Ransomware

AttackIQ’s Adversary Research Team has released a new assessment to test endpoint and network controls’ ability to prevent Zeppelin Ransomware.

August 11, 2022 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-216A): Testing Security Controls against 2021’s Top Malware Strains

AttackIQ’s Adversary Research Team has released two new assessments to test endpoint and network controls’ ability to prevent widely utilized malware families.

August 10, 2022 Read More

Center for Threat-Informed Defense

How to Test Your Defenses Against Personalized Top 10 MITRE ATT&CK Techniques

The Center for Threat-Informed Defense recently published a methodology and calculator so that you can identify the top MITRE ATT&CK techniques that impact your sector.

August 4, 2022 Read More

Adversary Emulation

Malware Emulation Attack Graph for SysJoker’s Linux Variant

AttackIQ’s Adversary Research Team has released a new Malware Emulation Attack Graph that emulates the Linux behaviors of the multi-platform backdoor known as SysJoker.

August 2, 2022 Read More