Iran Archives

Response to CISA Advisory (AA24-290A): Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-290A), published on October 16, 2024. The advisory highlights that since October 2023, Iranian cyber actors have used password spraying and multifactor authentication (MFA) ‘push bombing’ to compromise user accounts and gain access to organizations across various critical infrastructure sectors.

October 17, 2024 Read More

Adversary Emulation

Response to CISA Advisory (AA24-241A): Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-241A) published on August 28, 2024. The advisory outlines espionage activity associated with a specific group of Iranian cyber actors that have conducted a high volume of intrusion attempts against US organizations since 2017 and as recently as August 2024

August 29, 2024 Read More

Adversary Emulation

Attack Graph Response to US-CERT Alert (AA22-257A): Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Ransom Operations

AttackIQ has released a new attack graph emulating the techniques used by Iranian actors to compromise and encrypt systems — without the need for malware — to help customers defend against threats that try to operate while living solely off the land.

September 16, 2022 Read More

Adversary Emulation

OilRig Attack Graphs: Emulating the Iranian Threat Actor’s Global Campaigns

AttackIQ has released two new attack graphs that emulate different aspects of OilRig’s operations against multiple sectors around the globe. With these attack graphs, you can test and validate your defenses to improve cybersecurity readiness.

July 11, 2022 Read More