March 23, 2023
AttackIQ has released two new attack graphs that emulate recent activities involving the banking trojan known as BokBot, which has been primarily focused on exfiltrating data and stealing credentials. This new release continues our focused research on emulating shared e-crime malware used in attacks by multiple adversaries.
March 17, 2023
AttackIQ has released a new fully featured attack graph that emulates the behaviors demonstrated by the latest version the LockBit ransomware family “LockBit 3.0”, also known as “LockBit Black.”
March 17, 2023
AttackIQ has released a new attack graph that emulates the Tactics, Techniques, and Procedures (TTPs) used by a cybercriminal-focused adversary who carried successfully exploited CVE-2019-18935 against an instance of Telerik UI at a federal civilian executive branch (FCEB) agency.
March 3, 2023
AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in cyberattacks involving Royal Ransomware.
March 3, 2023
AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) associated with a 2020 intrusion from the cybercriminal group TA551.
February 17, 2023
AttackIQ has released two new attack graphs emulating recent Emotet campaigns that resulted in data exfiltration and ransomware extortion. This release continues our focused research on shared e-crime malware used in attacks by multiple threat actors.
February 14, 2023
AttackIQ is democratiziing the practice of threat-informed defense and adversary emulation, including by funding research from the Center for Threat-Informed Defense on micro-emulation planning. Learn more out how we put adversary emulation into practice in the AttackIQ Security Optimization Platform.
February 3, 2023
AttackIQ has released two attack graphs that emulate the shared cybercrime malware loader known as BumbleBee. This release is a continuation of our cybercrime malware emulation initiative detailing how customers can protect themselves against a wide range of actors who share tooling.
January 25, 2023
AttackIQ has released three new attack graphs that emulate multiple infection chain variations involving the widely utilized cybercrime malware known as QakBot.
January 5, 2023
AttackIQ has released a bundle of content consisting of six new attack graphs that seek to emulate the campaigns and operations led by the infamous North Korean-sponsored adversary Lazarus Group against entities worldwide across multiple sectors.
December 22, 2022
AttackIQ has released a bundle of content that includes three new attack graphs that seek to emulate different cyberspace operations led by the North Korean-sponsored threat actor Andariel against multiple entities located in Asia, predominantly in South Korea, through the use of downloaders, backdoors, and custom ransomware.
December 19, 2022
AttackIQ has released a new attack graph that seeks to emulate the activity carried out by the politically motivated Pakistan-based adversary known as APT36 or Transparent Tribe. This newly released attack graph emulates the behaviors observed in attacks against victims working in Indian government organizations.
December 14, 2022
AttackIQ has released a bundle of content including four new attack graphs that seek to emulate two types of attacks conducted by the North Korean adversary BlueNoroff. The newly released graphs emulate the behaviors used in the attacks against the Society for Worldwide Interbank Financial Telecommunication (SWIFT) software and organizations involved in cryptocurrency.
December 13, 2022
OpenAI’s ChatGPT can tell you exactly how to use BAS to improve your cyberdefense effectiveness. But it won’t help you with the Russian military specifically, and that’s a very good thing. See below for why OpenAI deserves credit for this algorithmic limit.
December 12, 2022
We asked OpenAI’s ChaptGPT to write a 750-800 word blog post about breach and attack simulation (BAS) in the voice of Langston Hughes. It did great; see below. And well-done, team OpenAI.
October 6, 2022
AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) observed in an attack by Chinese-sponsored adversaries against a Defense Industrial Base organization in the U.S.
September 23, 2022
AttackIQ has released a new fully featured attack graph that emulates the tactics, techniques, and procedures (TTPs) used by Iranian nation-state adversaries against the government of Albania.
September 21, 2022
AttackIQ has released a content bundle including two new attack graphs covering two historical APT28 campaigns involving their SkinnyBoy and Zebrocy malware families and standalone scenarios emulating command-and-control traffic to test boundary controls.
September 16, 2022
AttackIQ has released a new attack graph emulating the techniques used by Iranian actors to compromise and encrypt systems — without the need for malware — to help customers defend against threats that try to operate while living solely off the land.
September 8, 2022
AttackIQ has released a new attack graph emulating a Vice Society attack to help customers validate their security controls and their ability to defend against this threat actor and others who utilize similar behaviors.
August 11, 2022
AttackIQ’s Adversary Research Team has released a new assessment to test endpoint and network controls’ ability to prevent Zeppelin Ransomware.
August 10, 2022
AttackIQ’s Adversary Research Team has released two new assessments to test endpoint and network controls’ ability to prevent widely utilized malware families.
August 2, 2022
AttackIQ’s Adversary Research Team has released a new Malware Emulation Attack Graph that emulates the Linux behaviors of the multi-platform backdoor known as SysJoker.
July 29, 2022
In this guest blog post, Bradley Schaufenbuel of Paychex writes about how security teams can leverage the MITRE ATT&CK framework to mount a “threat-informed” defense. This post originally appeared as an article in SC Magazine.