Regulatory Revolution: Redefining Global Cybersecurity through Performance-Driven Standards

The landscape of global cybersecurity is undergoing a seismic shift, marked by a fervent departure from traditional compliance-based strategies towards a new era of performance-based fortification. Spearheaded by dynamic changes in the regulatory frameworks of powerhouse economies like the US and EU, this evolution aims not just for compliance checkboxes but tangible security outcomes that defy mounting threats and historical failures in defense mechanisms.

Author: Nick Desler Read More
Response to CISA Advisory (AA23-325A): #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability
#StopRansomware

Response to CISA Advisory (AA23-325A): #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA23-325A) that disseminates Indicators of Compromise (IOCs), Tactics, Techniques and Procedures (TTPs), and detection methods associated with LockBit 3.0. This assessment template is based on an incident in which LockBit affiliates were observed exploiting CVE-2023-4966 to gain access to Boeing infrastructure.
Read More
Response to CISA Advisory (AA23-320A): Scattered Spider
Adversary Emulation

Response to CISA Advisory (AA23-320A): Scattered Spider

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA23-320A) that disseminates known Scattered Spider’s Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs) identified through FBI investigations as recent as November 2023.
Read More
Tainted Defenses: Emulating Gallium’s Operation Tainted Love
AttackIQ Flex

Tainted Defenses: Emulating Gallium’s Operation Tainted Love

Though the band Soft Cell may be considered a one-hit wonder with their 1981 hit song “Tainted Love”, the same cannot be said for Gallium, a Chinese-based threat actor that has continued to wreak havoc in the Middle Eastern telecommunications sector for over a decade now. Their most recent cyberespionage campaign? Operation Tainted Love.
Read More

Most Recent