In response to the recently published CISA Advisory (AA24-046A) that disseminates Tactics, Techniques, Procedures (TTPs) and mitigations associated with a recent incident response assessment of a state government organization’s network, AttackIQ recommends that customers take the following testing actions in alignment with this recently observed activity.

AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the infamous loader known as DarkGate during its activities in 2023.

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.

QakBot, also recognized as Qbot, Quackbot, Pinkslipbot, and TA570, has etched its name among other cyber threats, leaving a trail of thousands of malware infections globally. Dive in as we explore QakBot’s genesis, its evolution, some specific tactics used and how you can test your defenses against them with AttackIQ Flex.

AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits targeting various appliances produced by software company Ivanti. This assessment template emulates the different Tactics, Techniques, and Procedures (TTPs) exhibited by the UNC5221 adversary after successful exploitation of CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection).

In the summer of 2020, ClearSky, a venture capital and growth equity firm investing in innovative companies in the cybersecurity and sustainable energy sectors, investigated into a campaign dubbed "Dream Job," highly likely attributed to North Korea's Lazarus Group.

A mischievous threat actor known as Mustang Panda prowls silently through the cyber underbrush, orchestrating sophisticated spear-phishing campaigns.

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-016A) which disseminates known Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with threat actors deploying Androxgh0st malware.

GootLoader, a stealthy JavaScript-based downloader, has posed a persistent threat to Windows-based systems since 2020. In this article, we'll delve into who Gootloader is and how organizations can effectively emulate and test against this threat using AttackIQ Flex, a powerful agentless breach and attack simulation tool. The exciting part? You can sign up for AttackIQ Flex for free, providing you with an opportunity to outsmart this digital menace.

AttackIQs Engineering Team recently took another innovative step forward in cybersecurity, mapping our content to Sigma Rules and deploying a library to convert rules to product queries to improve detection efficacy through enhanced mitigation recommendations. Dubbed SigmAIQ, this is the first opensource repository of its kind, and yet another tool AttackIQ has added to our already vast testing and detection arsenal.

As 2023 draws to a close, AttackIQ is proud to present a comprehensive recap of a transformative year marked by groundbreaking achievements and advancements in the realm of cybersecurity. This year has seen us reach new heights in innovation, collaboration, and commitment to fortifying global defenses against evolving cyber threats.

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the ALPHV BlackCat Ransomware-as-a-Service (RaaS) identified through FBI investigations as recently as December 6, 2023.