June 28, 2022
AttackIQ has released two new fully featured attack graphs emulating the tactics, techniques, and procedures (TTPs) used by likely nation-state adversaries that continue exploiting the Log4Shell vulnerability in VMware Horizon Systems.
June 24, 2022
In response to US-CERT Alert AA22-174A, AttackIQ has released new malware transfer scenarios to the platform and recommends validating security controls using previously released scenarios addressing Log4Shell and the VMware CVE-2022-22954 vulnerability.
June 15, 2022
AttackIQ has released a new full-featured attack graph emulating the tactics, techniques, and procedures (TTPs) used by the Conti Ransomware Group. Despite the group’s recent dissolution, Conti’s successful post-compromise tactics, techniques, and procedures will live on. This attack graph will help defenders test their cyberdefense technologies against the full range of techniques and procedures that Conti used – and which Conti’s former members, now in other ransomware groups, will likely continue to use.
June 3, 2022
AttackIQ has released a new fully featured attack graph emulating the tactics, techniques, and procedures used by the Karakurt Data Extortion Group recently reported in US-CERT Alert AA22-152.
June 2, 2022
AttackIQ has released a new scenario to test your security controls against exploits used in the Follina 0-day. This new scenario helps security teams validate visibility, patching, security controls, and logging in their environments relative to this pervasive 0-day vulnerability. Elevate your security program performance using AttackIQ.
June 2, 2022
AttackIQ has released a new scenario and assessment in response to US-CERT Alert AA22-152A, Karakurt Data Extortion Group
May 31, 2022
It’s been seven years since the MITRE ATT&CK framework was first published. Here, we look at some of the major milestones in its development and examine how the framework has become a game-changer for enterprise cybersecurity.
May 26, 2022
We are immensely pleased to announce the first of AttackIQ’s “malware emulation attack graphs.” We broke down real-world malware into its logical steps to understand the adversary’s behavior. We then use our attack graph methodology to arrange the malware into its component tactics, techniques, and procedures. Using the malware emulation attack graph, defenders can emulate a specific strain of malware to test and validate their security controls. Take a look.
May 25, 2022
Why adopt purple teaming? This IDC analyst brief explains how blending red and blue mindsets helps you holistically prepare for cyberattacks.
May 23, 2022
It’s January 14, 2020. Patch Tuesday. Your CIO wants to know: “ How does that RDP vulnerability I saw in the news affect us? ” Well, which RDP vulnerability are you talking about, boss?” Never mind; it’s still a good question. You dig deeper.
May 23, 2022
With everyone working from home and IT teams struggling to scale up their infrastructure, how are you accounting for risk?
April 29, 2022
Uncover new attacks from a threat actor likely operating out of Belarus known as UNC1151 or Ghostwriter.
April 18, 2022
AttackIQ has released a new integration for use with network based scenarios. This blog describes use cases, scenarios one can utilize and what indicators we look for when determining a match.
April 11, 2022
The award-winning Purple Hats Conference is the industry destination for cybersecurity practitioners around the globe to collaborate, share ideas, and learn how to evolve cybersecurity strategies from a reactive to proactive threat-informed defense. We’re just days away from the best “cyberforum of the year” and you won’t want to miss it—and there’s still time to join. Here we’re breaking down for you five reasons you don’t want to miss Purple Hats.
April 1, 2022
AttackIQ has released a new attack graph for organizations to test and validate their cyberdefense effectiveness against the HAVEX strain of malware. This attack graph follows a pair of Department of Justice indictments of Russia-based threat actors and a new joint FBI-CISA Cybersecurity Advisory about HAVEX released last week. An enduring and dangerous threat, HAVEX targeted the energy and power sectors in 135 countries from 2012-2018, and the tactics and techniques within it continue to threaten organizations today.
March 29, 2022
Following an up-tick in the activity of Russia-based cyberthreat actors, this blog discusses the practical steps you can take to validate your network security controls against known Russian tactics, techniques, and procedures to improve your security readiness. It walks readers through Russia-specific emulations included in the AttackIQ Network Control Validation module.
March 18, 2022
AttackIQ has released a new attack graph to emulate Russia-based threat actors as they exploit multi-factor authentication protocols to disable MFA. This blog describes the scenarios we have included in the new attack graph to emulate the adversary and then, to inform a purple team construct for cyberdefense operations, it provides detection and mitigation recommendations that you can use to improve your security program effectiveness. Read on for more.
March 11, 2022
AttackIQ and the Center for Threat-Informed Defense are furthering the art of adversary emulation with the Center’s new Attack Flow project. Building on our deep research partnership with the Center, AttackIQ’s Attack Graphs emulate the adversary with specificity and realism to test advanced cyberdefense technologies against multi-stage attacks. Read on for more.
March 8, 2022
To prepare for a potential cyberattack from Russia-based actors, you can begin by testing your security controls against known adversary tactics. The vast majority of cyberattacks use tactics and techniques that have been employed in the past. This blog walks you through key known tactics and techniques, and highlights scenarios in the AttackIQ Security Optimization Platform that you can use today to test your defenses and improve your cybersecurity readiness.
February 24, 2022
In anticipation of escalating cyberattacks by the Russian government against U.S. and allied interests, AttackIQ has developed a new attack graph to help organizations test and validate their cyberdefenses against known Russian adversarial tactics, techniques, and procedures (TTPs).
February 9, 2022
The Center for Threat-Informed Defense is transforming the practice of cybersecurity and elevating security teams’ performance all over the world. This blog post looks at research highlights from Center’s retrospective 2021 Impact Report, explains why the Center is so important to us at AttackIQ, and shows security teams how to elevate their program performance using a range of free educational resources derived from the Center’s research.
February 8, 2022
How to design a Cyber Vulnerability Management program that maximizes the ROI of your team’s work to be compliant and maximize the reduction of business risk at the same time.
January 19, 2022
Ransomware is a vexing challenge and attacks have doubled since 2020, but there is a path out of the problem. In this new guide, Countering Ransomware with MITRE ATT&CK, AttackIQ outlines clear, practical steps to test and validate that your security program performs against ransomware. The trick is to prepare, and the path to follow is a threat-informed defense. Check it out and come join us for a technical demonstration of our ransomware capabilities on January 27.