Emulating the Politically Motivated Chinese APT Mustang Panda

AttackIQ has released two new attack graphs that emulate recent activities conducted by the Chinese adversary known as Mustang Panda. The actor leveraged a historical family of malware known as PlugX, which is shared between multiple groups of Chinese origin known, and a new previously unknown backdoor exclusive to this actor.

Authors: Francis Guibernau Ken Towne Read More
Emulating the Infamous Modular Banking Trojan BokBot
Adversary Emulation

Emulating the Infamous Modular Banking Trojan BokBot

AttackIQ has released two new attack graphs that emulate recent activities involving the banking trojan known as BokBot, which has been primarily focused on exfiltrating data and stealing credentials. This new release continues our focused research on emulating shared e-crime malware used in attacks by multiple adversaries.
Read More
Attack Graph Response to CISA Advisory (AA23-075A): #StopRansomware: LockBit 3.0
Adversary Emulation

Attack Graph Response to CISA Advisory (AA23-075A): #StopRansomware: LockBit 3.0

AttackIQ has released a new fully featured attack graph that emulates the behaviors demonstrated by the latest version the LockBit ransomware family “LockBit 3.0”, also known as “LockBit Black.”
Read More
Attack Graph Response to CISA Advisory (AA23-074A): Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server
Adversary Emulation

Attack Graph Response to CISA Advisory (AA23-074A): Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server

AttackIQ has released a new attack graph that emulates the Tactics, Techniques, and Procedures (TTPs) used by a cybercriminal-focused adversary who carried successfully exploited CVE-2019-18935 against an instance of Telerik UI at a federal civilian executive branch (FCEB) agency.
Read More

Most Recent