July 31, 2024
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the North Korean state-sponsored adversary Andariel during Operation Blacksmith which affected manufacturing, agricultural and physical security companies in multiple regions.
July 26, 2024
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea (DPRK)’s Reconnaissance General Bureau (RGB) 3rd Bureau based in Pyongyang and Sinuiju.
July 25, 2024
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the Cactus ransomware since the beginning of its activities in March 2023. Cactus has targeted a wide variety of organizations since its inception and has breached more than 140 entities as of July 2024.
July 15, 2024
AttackIQ has released two new assessment templates in response to the CISA Advisory (AA24-193A) published on July 11, 2024, that disseminates Tactics, Techniques and Procedures (TTPs), mitigation and detection methods associated with SILENTSHIELD red team assessment carried out by CISA against a Federal Civilian Executive Branch (FCEB) organization.
July 11, 2024
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the extortionist ransomware Nefilim during activities against multiple organizations, primarily based in North or South America, distributed in the financial, manufacturing, or transportation industries since its emergence in March 2020.
July 9, 2024
AttackIQ recently launched AttackIQ Mission Control, a powerful new feature within AttackIQ Enterprise designed to streamline security control testing for large organizations with decentralized teams. Effective security control testing empowers businesses to reduce risk, improve efficiency, and maximize the return on investment (ROI) of their cybersecurity programs.
July 3, 2024
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the highly sophisticated Russian adversary Sandworm during various destructive activities against targets in Ukraine and other countries in the region shortly before the launch of the Russian invasion on February 24, 2022.
June 25, 2024
Federal agencies need strong security controls and continuous compliance. The Cyber Operational Readiness Assessment (CORA) is a framework or methodology used to evaluate an agency’s cybersecurity posture and operational risks. It typically involves assessing various aspects of an organization’s cybersecurity practices. CORA assessments help agencies understand their current cybersecurity landscape, prioritize risks, and implement strategies to enhance their resilience against cyber threats.
June 20, 2024
AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the stealthy and notorious Winnti Group during its activities in 2021 and 2022.
June 5, 2024
AttackIQ has released a new attack graph in response to the CISA Advisory (AA24-060A) published on February 29, 2024, which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the Phobos Ransomware variants observed as recently as February 2024.
May 29, 2024
Small and medium-sized businesses are increasingly targeted by sophisticated cyberattacks like QakBot and Black Basta ransomware. Discover how AttackIQ Flex’s latest package helps you test your defenses, uncover vulnerabilities, and stay ahead of these advanced threats. Enhance your security posture with real-world attack scenarios and actionable insights. Read on to learn more and register for free today!
May 24, 2024
AttackIQ has released two new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the open-source Remote Access Trojan AsyncRAT during its activities in 2023.
May 17, 2024
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-131A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated to Black Basta ransomware, a ransomware variant whose operators have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.
May 3, 2024
As businesses continue to adopt container technologies such as Docker and Kubernetes for their deployment efficiency and scalability, they also face a growing challenge—securing these environments. Container security is still a developing field, with many organizations just beginning to understand the extent and effectiveness of necessary security controls.
May 1, 2024
In the vast landscape of Australia, the healthcare sector faces mounting challenges in the realm of cybersecurity. Threat actors are increasingly setting their sights on healthcare institutions, exploiting vulnerabilities with cunning precision. Join us as we uncover the recent cyberattack by Gootloader on the Australian healthcare sector and delve into the critical importance of robust cybersecurity defenses in safeguarding patient data and vital healthcare services.
April 22, 2024
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-109A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated to Akira ransomware, identified through FBI investigations and trusted third party reporting as recently as February 2024.
April 17, 2024
Operation Sharpshooter was a significant cyberattack by the Lazarus Group, targeting critical industries like finance, energy, and defense. Dive into the details of the attack and its implications and explore how AttackIQ Flex can assist in testing and strengthening your cybersecurity defenses.
April 16, 2024
AttackIQ has released four new attack graphs that seek to emulate the behaviors exhibited by the politically motivated Vietnamese adversary known as OceanLotus during its most recent and prevalent activities.
April 10, 2024
Operation In(ter)ception reveals Lazarus Group’s 2019 cyber campaign targeting military and aerospace organizations in Europe and the Middle East. Delve into the attacker’s tactics on LinkedIn, their covert infiltration methods, and the complexities of their persistence strategies. Discover how AttackIQ Flex can empower your organization to fortify their defenses against such sophisticated threats through the use of agentless emulation testing.
April 4, 2024
Discover the origin, tactics and future of Remote Access Trojan (RAT) dubbed MagicRAT and how leveraging AttackIQ Flex can help your organization simulate real-world attack scenarios, enabling you to assess and validate their security posture effectively.
March 28, 2024
As any seasoned security professional knows, many published security vulnerabilities and attacks are over-hyped. What makes something newsworthy is not always that it poses a significant risk to most organizations. If an attack doesn’t appear to be technically sophisticated, it will often be overlooked.
March 27, 2024
Join us as we uncover DarkGate, a malevolent force that strikes fear into the hearts of organizations worldwide. DarkGate has morphed into a sophisticated adversary, utilizing Drive-by Downloads and DanaBot deployment to wreak havoc. But fear not! With AttackIQ Flex at your side, you’ll be equipped to wage war against these digital demons and emerge victorious in the fight for cybersecurity supremacy.
March 8, 2024
AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits affecting ConnectWise’s ScreenConnect software. This assessment template comprises the various Tactics, Techniques, and Procedures (TTPs) exhibited by several adversaries observed exploiting these vulnerabilities to deploy different families of Ransomware.
March 7, 2024
AttackIQ has released an update to the BlackCat ransomware emulation in response to the recent revision of the CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through FBI investigations as recently as February 2024.