Most Recent

Attack Graph Emulating the Conti Ransomware Team’s Behaviors

AttackIQ has released a new full-featured attack graph emulating the tactics, techniques, and procedures (TTPs) used by the Conti Ransomware Group. Despite the group's recent dissolution, Conti’s successful post-compromise tactics, techniques, and procedures will live on. This attack graph will help defenders test their cyberdefense technologies against the full range of techniques and procedures that Conti used – and which Conti’s former members, now in other ransomware groups, will likely continue to use.

Announcing AttackIQ’s Malware Emulation Attack Graphs

We are immensely pleased to announce the first of AttackIQ’s “malware emulation attack graphs.” We broke down real-world malware into its logical steps to understand the adversary’s behavior. We then use our attack graph methodology to arrange the malware into its component tactics, techniques, and procedures. Using the malware emulation attack graph, defenders can emulate a specific strain of malware to test and validate their security controls. Take a look.

Integrations – Vectra

AttackIQ has released a new integration for use with network based scenarios. This blog describes use cases, scenarios one can utilize and what indicators we look for when determining a match.

5 Reasons You Don’t Want to Miss Purple Hats Conference 2022

The award-winning Purple Hats Conference is the industry destination for cybersecurity practitioners around the globe to collaborate, share ideas, and learn how to evolve cybersecurity strategies from a reactive to proactive threat-informed defense. We’re just days away from the best “cyberforum of the year” and you won’t want to miss it—and there’s still time to join. Here we’re breaking down for you five reasons you don’t want to miss Purple Hats.

Attack Graph Response to US-CERT AA22-083A: Historical Russia-based Actors Targeting the Energy Sector 

AttackIQ has released a new attack graph for organizations to test and validate their cyberdefense effectiveness against the HAVEX strain of malware. This attack graph follows a pair of Department of Justice indictments of Russia-based threat actors and a new joint FBI-CISA Cybersecurity Advisory about HAVEX released last week. An enduring and dangerous threat, HAVEX targeted the energy and power sectors in 135 countries from 2012-2018, and the tactics and techniques within it continue to threaten organizations today.

Testing Network Security Controls against Russian Malware 

Following an up-tick in the activity of Russia-based cyberthreat actors, this blog discusses the practical steps you can take to validate your network security controls against known Russian tactics, techniques, and procedures to improve your security readiness. It walks readers through Russia-specific emulations included in the AttackIQ Network Control Validation module.