Blog - Page 2 of 17

Regulatory Revolution: Redefining Global Cybersecurity through Performance-Driven Standards

The landscape of global cybersecurity is undergoing a seismic shift, marked by a fervent departure from traditional compliance-based strategies towards a new era of performance-based fortification. Spearheaded by dynamic changes in the regulatory frameworks of powerhouse economies like the US and EU, this evolution aims not just for compliance checkboxes but tangible security outcomes that defy mounting threats and historical failures in defense mechanisms.

Author: Nick Desler November 30, 2023 Read More

#StopRansomware

Response to CISA Advisory (AA23-325A): #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE 2023-4966 Citrix Bleed Vulnerability

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA23-325A) that disseminates Indicators of Compromise (IOCs), Tactics, Techniques and Procedures (TTPs), and detection methods associated with LockBit 3.0. This assessment template is based on an incident in which LockBit affiliates were observed exploiting CVE-2023-4966 to gain access to Boeing infrastructure.

November 27, 2023 Read More

Adversary Emulation

Response to CISA Advisory (AA23-320A): Scattered Spider

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA23-320A) that disseminates known Scattered Spider’s Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs) identified through FBI investigations as recent as November 2023.

November 21, 2023 Read More

AttackIQ Flex

Tainted Defenses: Emulating Gallium’s Operation Tainted Love

Though the band Soft Cell may be considered a one-hit wonder with their 1981 hit song “Tainted Love”, the same cannot be said for Gallium, a Chinese-based threat actor that has continued to wreak havoc in the Middle Eastern telecommunications sector for over a decade now. Their most recent cyberespionage campaign? Operation Tainted Love.

November 20, 2023 Read More

Most Recent

Adversary Emulation

Emulating the Commodity Downloader GootLoader

AttackIQ has released three new attack graphs that aim to emulate the recent activities involving the commodity JavaScript-based downloader known as GootLoader.

October 9, 2023 Read More

Adversary Emulation

Attack Graph Response to CISA Advisory (AA23-263A): #StopRansomware: Snatch Ransomware

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-263A) that disseminates known Snatch ransomware threat actor’s techniques and indicators identified through FBI investigations as recent as June 2023. Snatch operators are known to conduct activities against a wide range of critical infrastructure sectors and carry out double-extortion tactics to improve their chances of successfully receiving a ransom payment.

October 4, 2023 Read More

AttackIQ Flex

Enhancing Cybersecurity Resilience

EDR testing is a critical component of maintaining a bulletproof defense posture, but it doesn’t have to be hard to do.

October 4, 2023 Read More

AttackIQ Flex

How Does Your Security Stack Up Against North Korean Hackers? Put Your Defenses to the Test!

AttackIQ has released a new Flex package designed to replicate the activities associated with the recent supply chain attack on 3CX software by Lazarus Group, a North Korean-based adversary.

September 27, 2023 Read More

Adversary Emulation

Attack Graph Response to CISA Advisory AA23-250A: Multiple Nation-State Threat Actors Exploit CVE-2022-47966 and CVE-2022-42475

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-250A) that seeks to emulate the activities carried out by multiple nation-state threat actors at an Aeronautical Sector organization as early as January 2023.

September 25, 2023 Read More

Ransomware

Emulating the Controversial and Intriguing Rhysida Ransomware

AttackIQ has released two new attack graphs that seek to emulate the various activities carried out by the controversial Ransomware-as-a-Service (RaaS) known as Rhysida against multiple targets worldwide since its discovery in May 2023.

September 20, 2023 Read More

AttackIQ

The Uncharted Waters of Cloud Security Optimization

Programmatic cloud testing can be your true north.

September 19, 2023 Read More

AttackIQ Flex

Securing Remote Networks with AttackIQ Flex

The rise of remote work, branch networks, and the entwining of IoT and OT systems have created vast network footprints, making identifying vulnerabilities more challenging than ever. Cyber threats loom large, and with the stakes higher than ever, ensuring your defenses are impervious is paramount.

September 7, 2023 Read More

AttackIQ Flex

Enhancing M&A Security Control Validation with AttackIQ Flex

In a world where time is a precious resource, AttackIQ Flex ensures your security controls are prepared for the challenges posed by M&A and remote network integrations.

August 31, 2023 Read More

AttackIQ Flex

How Does Your Security Stack Up Against Russian Spies?

The implications of not conducting security control testing are profound. Adversaries are relentless and will exploit vulnerabilities if given the chance. The potential impact includes data breaches, financial losses, damage to reputation, and regulatory penalties.

August 23, 2023 Read More

Adversary Emulation

Emulating the Iranian State-Sponsored Adversary APT35

AttackIQ has released a new attack graph that aims to emulate activities observed by the politically and military motivated state-sponsored Iranian-based adversary APT35, who is known to target multiple industries primarily in Europe, the Middle East, and North America.

August 18, 2023 Read More

Adversary Emulation

Testing for everyone

AttackIQ has helped hundreds of companies across the global 2000 to conduct automated testing at scale, powered by MITRE ATT&CK. Building on a decade of success, we are now making testing available for everyone. Here's what that means.

August 3, 2023 Read More