AttackIQ Blog

    The trick to handling ransomware: prepare  

    January 19, 2022
    Ransomware is a vexing challenge and attacks have doubled since 2020, but there is a path out of the problem. In this new guide, Countering Ransomware with MITRE ATT&CK, AttackIQ outlines clear, practical steps to test and validate that your security program performs against ransomware. The trick is to prepare, and the path to follow is a threat-informed defense. Check it out and come join us for a technical demonstration of our ransomware capabilities on January 27.
    Boards need to form a dedicated cybersecurity committee that can stay deeply engaged

    The Boardroom Isn’t Ready for the Next SolarWinds

    January 13, 2022
    Attacks like Log4j, SolarWinds and Colonial Pipeline have board rooms across the nation questioning their preparedness in combating cybersecurity risks. What can boards do now to be more effective for the next big attack?
    Getting ahead of Log4Shell

    Getting Ahead of Log4Shell-enabled Cyberattacks: New Attack Scenarios and Technical Recommendations

    December 20, 2021

    DeepSurface 2.7

    December 15, 2021
    We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.7!  There are a ton of changes under the hood, but we wanted to let you know about a few key improvements.
    Log4Shell

    Validate Your Cyberdefenses against Log4Shell with MITRE ATT&CK®

    December 13, 2021
    This article focuses on helping organizations to assess the effectiveness of their compensating controls, enable a threat-informed defense with breach and attack simulation plus the MITRE ATT&CK framework, and interdict the adversary post-breach to drive down risk.

    A View of PrintNightmare Through the Lens of Prioritization

    November 29, 2021
    Now that the dust has settled around CVE-2021-34527, also known as PrintNightmare, we thought we’d use it as an example of how DeepSurface can reprioritize even the highest priority vulnerabilities, saving you and your patch team hours of effort.  For this blog post, you don’t need to know anything about PrintNightmare other than it was nearly ubiquitous, there are dozens of exploits in the wild, and that it’s fairly easy to remediate.

    Announcing DeepSurface 2.6

    November 16, 2021
    We’re excited to announce the general availability of DeepSurface Risk Analyzer v2.6!  There are a ton of changes under the hood, but we wanted to let you know about a few key improvements.
    CVE + Att&ck

    Prioritize and streamline vulnerability management through a threat-informed defense, with new research from the Center for Threat-Informed Defense and the MITRE ATT&CK framework as a foundation.

    October 29, 2021

    10 Things You May Not Know About Purple Teaming 

    October 27, 2021
    We’re familiar with red teaming and blue teaming, but have you heard about purple teaming? This blog dives into facts you may not be aware of around this new team construct meant to foster collaboration between red and blue teams for a stronger cybersecurity practice.

    Don’t treat cybersecurity hygiene like your car engine light

    October 21, 2021
    ESG has just released the key findings of its cybersecurity hygiene and posture management survey, and in a poll of 400 cybersecurity professionals in North American enterprises, the number one action respondents said would improve cybersecurity hygiene? You guessed it: continuous security control validation.

    What To Do in the Case of Brand Reputation Impersonation

    October 15, 2021
    Recently, AttackIQ was notified that an Iranian threat actor had created a fake domain and fraudulent website (attackiq[.]ir) impersonating AttackIQ and abusing the company brand. This blog is an account of what happened and how AttackIQ responded, and it aims to provide insights to help organizations prepare to deal with similar Brand Reputation Abuse situations.

    Our message to cybersecurity teams: We’ve got your six.

    October 6, 2021
    The rapid growth in our company isn’t just because we have the best platform for breach and attack simulation (we do). It’s because no other company is as invested as we are in helping you build a threat-informed defense practice that delivers measurable results.

    “Zero Trust But Validate.” It’s not enough to deploy a zero trust architecture. You need to continuously validate that it works.

    October 4, 2021
    To echo a famous Russian proverb, “trust but verify,” it’s not enough to implement a zero trust architecture. Continuous testing is the only way to achieve real cybersecurity readiness.

    Meet AttackIQ Vanguard: Helping security teams identify control gaps before the adversary does.

    September 30, 2021
    As organizations react to constantly changing and challenging situations today, they need to be confident they can still meet their business objectives while controlling risk.

    DeepSurface Security Advisory: LPE in Firefox on Windows

    September 28, 2021
    Firefox is vulnerable to local privilege escalation (LPE) attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Firefox users using the same Windows system. Mozilla was contacted through our responsible disclosure program and provided with full technical details, but has ultimately chosen not to fix this vulnerability.
    Ransomware: Revealed

    Ransomware and Targeted Attacks in the Healthcare Sector

    September 23, 2021
    Although ransomware can have devastating effects regardless of which industry vertical an organisation is part of, the healthcare industry has paid a particularly heavy price in recent times.

    Cloud platforms can stop adversaries. Here’s how. 

    September 22, 2021
    A landmark innovation from MITRE Engenuity’s Center for Threat-Informed Defense maps cloud security controls in AWS and Azure to MITRE ATT&CK®, elevating cybersecurity effectiveness.

    DeepSurface Security Advisory: LPE in Adobe Reader on Windows

    September 16, 2021
    Older versions of Adobe Acrobat Reader are vulnerable to local privilege escalation (LPE) attacks under certain conditions on Windows platforms. This would allow an attacker to perform a local privilege escalation attack against Acrobat Reader users using the same Windows system. Through our responsible disclosure program Adobe was contacted and provided a fix for this issue. Adobe also issued CVE-2021-35982 to track the vulnerability.

    Is Your Healthcare Organization Following These Four Ransomware Best Practices?

    August 24, 2021
    Healthcare is the most targeted sector for data breaches, and ransomware attacks were responsible for almost 50 percent of all healthcare data breaches in 2020. How should healthcare companies proceed? Our guest blogger in this ransomware series is Tracy Cohen, a cybersecurity expert with over a decade of experience managing cybersecurity risk in the healthcare and biopharma sector. She is also a licensed skydiver,

    20,000 Strong for AttackIQ Academy. And It’s Just the Beginning.

    August 24, 2021
    With over 20,000 students in AttackIQ Academy, our mission is as strong as ever: to provide a free education on how to build and implement a threat-informed defense.
    Ransomware: Revealed

    Azure Security Stack Mappings: The Top Native Security Controls for Ransomware

    August 23, 2021
    For the first time, organisations can visually see what Azure security controls can offer in terms of protection, detection and response. With 45 native Azure security control mappings, defenders can start focusing on not only TTPs in the context of Azure threats, but also how each native Azure security control might shield them from related TTPs in Azure.

    Standing Up for Our Principles: AttackIQ Signs the Respect In Security

    August 16, 2021

    Teamwork Making the Dream Work!

    August 13, 2021
    Why I’m Particularly Proud AttackIQ Made the 2021 Fortune Great Place to Work List

    DeepSurface 2.4

    August 13, 2021
    We’re excited to announce the latest version of the DeepSurface product: DeepSurface 2.4. This version of our vulnerability management platform expands our reporting capabilities with reports exportable to XLSX and PDF, making it even easier to report your vulnerable hosts and missing patches. It also adds support for Thycotic Secret Server PAM, easier setup and administration (including emailing of generated reports), and enhancements to our Windows agent.