Financial Services

Response to CISA Advisory (AA24-241A): Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-241A) published on August 28, 2024. The advisory outlines espionage activity associated with a specific group of Iranian cyber actors that have conducted a high volume of intrusion attempts against US organizations since 2017 and as recently as August 2024

Emulating the Long-Term Extortionist Nefilim Ransomware

AttackIQ has released a new attack graph that emulates the behaviors exhibited by the extortionist ransomware Nefilim during activities against multiple organizations, primarily based in North or South America, distributed in the financial, manufacturing, or transportation industries since its emergence in March 2020.

Attack Graph Response to CISA Advisory (AA23-319A): #StopRansomware: Rhysida Ransomware

On November 15, 2023, CISA published an Advisory (AA23-319A) that disseminates known Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and detection methods associated with Rhysida ransomware identified through FBI investigations. In September 2023, AttackIQ released two new attack graphs in response to recent reports of activities involving Rhysida ransomware.