TTPs

Attack Graph Response to CISA Advisory (AA23-284A): #StopRansomware: AvosLocker Ransomware

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-284A) that disseminates known Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and detection methods associated with AvosLocker ransomware identified through FBI investigations as recent as May 2023. AvosLocker is known for conducting activities against organizations across multiple critical infrastructure sectors using legitimate software and open-source remote system administration tools.

Attack Graph Response to US CERT AA22-074A: Russia-based actors disabling multi-factor authentication (MFA)  

AttackIQ has released a new attack graph to emulate Russia-based threat actors as they exploit multi-factor authentication protocols to disable MFA. This blog describes the scenarios we have included in the new attack graph to emulate the adversary and then, to inform a purple team construct for cyberdefense operations, it provides detection and mitigation recommendations that you can use to improve your security program effectiveness. Read on for more.

Testing with Realism: Attack Flows and AttackIQ Attack Graphs  

AttackIQ and the Center for Threat-Informed Defense are furthering the art of adversary emulation with the Center's new Attack Flow project. Building on our deep research partnership with the Center, AttackIQ's Attack Graphs emulate the adversary with specificity and realism to test advanced cyberdefense technologies against multi-stage attacks. Read on for more.
1 / 2