Adversary Emulation Emulating the Destructive Sandworm Adversary ByAyelen Torello November 14, 2025November 14, 2025
Adversary Emulation Emulating the Espionage-Oriented Group SideWinder ByAyelen Torello November 13, 2025November 13, 2025
Adversary Emulation Emulating the Versatile Qilin Ransomware ByAyelen Torello October 2, 2025October 2, 2025
CISA Advisory Response to CISA Advisory (AA25-239A): Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System ByAyelen Torello September 4, 2025September 4, 2025
Adversary Emulation Response to CISA Advisory (AA25-141A): Russian GRU Targeting Western Logistics Entities and Technology Companies ByAyelen Torello May 21, 2025July 29, 2025
Adversary Emulation Emulating the Sophisticated Russian Adversary Seashell Blizzard ByAyelen Torello April 2, 2025July 21, 2025
Adversary Emulation Emulating the Sophisticated Chinese Adversary Salt Typhoon ByFrancis Guibernau March 19, 2025July 31, 2025
Adversary Emulation | Iran Response to CISA Advisory (AA24-290A): Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations ByFrancis Guibernau October 17, 2024July 31, 2025
Adversary Emulation Response to CISA Advisory (AA24-241A): Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations ByAyelen Torello August 29, 2024July 31, 2025
Adversary Emulation Emulating the Sabotage-Focused Russian Adversary Sandworm– Part 2 ByFrancis Guibernau July 3, 2024July 31, 2025
Adversary Emulation Emulating the Notorious Chinese State-Sponsored Winnti Group ByAyelen Torello June 20, 2024July 31, 2025
Adversary Emulation Emulating the Sabotage-Focused Russian Adversary Sandworm-Part 1 ByFrancis Guibernau March 6, 2024July 31, 2025
Adversary Emulation Response to CISA Advisory (AA24-057A): SVR Cyber Actors Adapt Tactics for Initial Cloud Access ByAttackIQ Team February 27, 2024July 21, 2025
AttackIQ Flex In the Cyber Jungle, the Mighty Mustang Panda Phishes Tonight ByMadison Steel January 24, 2024July 31, 2025
Adversary Emulation Response to CISA Advisory (AA23-339A): Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers ByFrancis Guibernau December 7, 2023July 31, 2025
#StopRansomware | Ransomware Attack Graph Response to CISA Advisory (AA23-319A): #StopRansomware: Rhysida Ransomware ByAttackIQ Team November 20, 2023July 21, 2025
Ransomware Emulating the Controversial and Intriguing Rhysida Ransomware ByFrancis Guibernau September 20, 2023July 31, 2025
Adversary Emulation | Iran | TTPs Emulating the Iranian State-Sponsored Adversary APT35 ByAttackIQ Team August 18, 2023July 21, 2025
Adversary Emulation | China Response to CISA Advisory (AA23-144A): China State-Sponsored Actor Volt Typhoon Living off the Land to Evade Detection ByAttackIQ Team May 25, 2023July 21, 2025
Adversary Emulation | Russia Emulating Recent Activity from the Russian Adversary Nobelium / APT29 ByAttackIQ Team May 4, 2023July 21, 2025
Adversary Emulation | AttackIQ Flex Attack Graph Response to CISA Advisory (AA23-074A): Threat Actors Exploit Progress Telerik Vulnerability in U.S. Government IIS Server ByAttackIQ Team March 17, 2023
Adversary Emulation Emulating the Cybercriminal Initial Access Broker TA551 ByAttackIQ Team March 3, 2023July 21, 2025
Adversary Emulation | North Korea Emulating the Highly Sophisticated North Korean Adversary Lazarus Group – Part 1 ByAttackIQ Team January 5, 2023July 21, 2025
