Response to CISA Advisory (AA23-144A): China State-Sponsored Actor Volt Typhoon Living off the Land to Evade Detection

AttackIQ has released two new assessments that emulate the techniques associated with a People’s Republic of China (PRC) state-sponsored cyber actor known as Volt Typhoon. Volt Typhoon makes extensive use of living off the land tools to remaining undetected for as long as possible while complete their espionage goals.

Authors: Francis Guibernau Andrew Costis Giovanni López Read More
Response to CISA Advisory AA23-131A: Malicious Actors Exploit PaperCut MF and NG
Adversary Emulation

Response to CISA Advisory AA23-131A: Malicious Actors Exploit PaperCut MF and NG

On May 11, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) detailing ongoing exploitation of a vulnerability in PaperCut MF and NG by cyber criminals. AttackIQ has released four new scenarios that emulates the exploitation of CVE-2023-27350 to help customers validate their security controls and their ability to defend against this widely exploited vulnerability.
Read More
Emulating Recent Activity from the Russian Adversary Nobelium / APT29
Adversary Emulation

Emulating Recent Activity from the Russian Adversary Nobelium / APT29

AttackIQ has released a new attack graph that emulates recent activities conducted by the adversary known as Nobelium against European Union (EU) governments. These attacks continue Russia's efforts to gather intelligence on countries supporting Ukraine in the ongoing Russia-Ukraine war.
Read More
Emulating Kimsuky’s Espionage Operations: A Closer Look at North Korea’s Efforts to Infiltrate South Korea
Adversary Emulation

Emulating Kimsuky’s Espionage Operations: A Closer Look at North Korea’s Efforts to Infiltrate South Korea

AttackIQ has released four new attack graphs that emulate the espionage activities led by Kimsuky, a politically motivated North Korean adversary with links to the nation's intelligence operations.
Read More

Most Recent