Blog - Page 7 of 15

Response to CISA Advisory (AA23-144A): China State-Sponsored Actor Volt Typhoon Living off the Land to Evade Detection

AttackIQ has released two new assessments that emulate the techniques associated with a People’s Republic of China (PRC) state-sponsored cyber actor known as Volt Typhoon. Volt Typhoon makes extensive use of living off the land tools to remaining undetected for as long as possible while complete their espionage goals.

Authors: Francis Guibernau Andrew Costis Giovanni López May 25, 2023 Read More

Adversary Emulation

Response to CISA Advisory AA23-131A: Malicious Actors Exploit PaperCut MF and NG

On May 11, 2023, the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) detailing ongoing exploitation of a vulnerability in PaperCut MF and NG by cyber criminals. AttackIQ has released four new scenarios that emulates the exploitation of CVE-2023-27350 to help customers validate their security controls and their ability to defend against this widely exploited vulnerability.

May 12, 2023 Read More

Adversary Emulation

Emulating Recent Activity from the Russian Adversary Nobelium / APT29

AttackIQ has released a new attack graph that emulates recent activities conducted by the adversary known as Nobelium against European Union (EU) governments. These attacks continue Russia's efforts to gather intelligence on countries supporting Ukraine in the ongoing Russia-Ukraine war.

May 4, 2023 Read More

Adversary Emulation

Emulating Kimsuky’s Espionage Operations: A Closer Look at North Korea’s Efforts to Infiltrate South Korea

AttackIQ has released four new attack graphs that emulate the espionage activities led by Kimsuky, a politically motivated North Korean adversary with links to the nation's intelligence operations.

April 26, 2023 Read More

Most Recent

Cybersecurity

Don’t treat cybersecurity hygiene like your car engine light

ESG has just released the key findings of its cybersecurity hygiene and posture management survey, and in a poll of 400 cybersecurity professionals in North American enterprises, the number one action respondents said would improve cybersecurity hygiene? You guessed it: continuous security control validation.

October 21, 2021 Read More

Cyberattack

What To Do in the Case of Brand Reputation Impersonation

Recently, AttackIQ was notified that an Iranian threat actor had created a fake domain and fraudulent website (attackiq[.]ir) impersonating AttackIQ and abusing the company brand. This blog is an account of what happened and how AttackIQ responded, and it aims to provide insights to help organizations prepare to deal with similar Brand Reputation Abuse situations.

October 15, 2021 Read More

Center for Threat-Informed Defense

Our message to cybersecurity teams: We’ve got your six.

The rapid growth in our company isn’t just because we have the best platform for breach and attack simulation (we do). It’s because no other company is as invested as we are in helping you build a threat-informed defense practice that delivers measurable results.

October 6, 2021 Read More

Adversary Emulation

“Zero Trust But Validate.” It’s not enough to deploy a zero trust architecture. You need to continuously validate that it works.

To echo a famous Russian proverb, "trust but verify," it's not enough to implement a zero trust architecture. Continuous testing is the only way to achieve real cybersecurity readiness.

October 4, 2021 Read More

Threat-informed defense

Meet AttackIQ Vanguard: Helping security teams identify control gaps before the adversary does.

As organizations react to constantly changing and challenging situations today, they need to be confident they can still meet their business objectives while controlling risk.

September 30, 2021 Read More

Ransomware

Ransomware and Targeted Attacks in the Healthcare Sector

Although ransomware can have devastating effects regardless of which industry vertical an organisation is part of, the healthcare industry has particularly paid a heavy price in recent times.

September 23, 2021 Read More

Center for Threat-Informed Defense

Cloud platforms can stop adversaries. Here’s how.

A landmark innovation from MITRE Engenuity's Center for Threat-Informed Defense maps cloud security controls in AWS and Azure to MITRE ATT&CK®, elevating cybersecurity effectiveness.

September 22, 2021 Read More

Cybersecurity

Is Your Healthcare Organization Following These Four Ransomware Best Practices?

Healthcare is the most targeted sector for data breaches, and ransomware attacks were responsible for almost 50 percent of all healthcare data breaches in 2020. How should healthcare companies proceed? Our guest blogger in this ransomware series is Tracy Cohen, a cybersecurity expert with over a decade of experience managing cybersecurity risk in the healthcare and biopharma sector. She is also a licensed skydiver,

August 24, 2021 Read More

Center for Threat-Informed Defense

20,000 Strong for AttackIQ Academy. And It’s Just the Beginning.

With over 20,000 students in AttackIQ Academy, our mission is strong as ever to provide a free education on how to build and implement a threat informed defense.

August 24, 2021 Read More

Ransomware

Azure Security Stack Mappings: The Top Native Security Controls for Ransomware

For the first time, organisations can visually see what Azure security controls can offer in terms of protection, detection and response. With 45 native Azure security control mappings, defenders can start focusing on not only TTPs in the context of Azure threats, but also how each native Azure security control might shield them from related TTPs in Azure.

August 23, 2021 Read More