TTPs

For malicious actors, opportunity can be found in the mundane. As adversaries continue to refine their approach with newer and more sophisticated methods to perform malicious activity, it is critical for detection engineers to stay up to date in the latest threat intelligence and adversary behaviors to monitor.

AttackIQ has released a new scenario and assessment in response to US-CERT Alert AA22-152A, Karakurt Data Extortion Group 

AttackIQ has released a new attack graph to emulate Russia-based threat actors as they exploit multi-factor authentication protocols to disable MFA. This blog describes the scenarios we have included in the new attack graph to emulate the adversary and then, to inform a purple team construct for cyberdefense operations, it provides detection and mitigation recommendations that you can use to improve your security program effectiveness. Read on for more.

AttackIQ and the Center for Threat-Informed Defense are furthering the art of adversary emulation with the Center's new Attack Flow project. Building on our deep research partnership with the Center, AttackIQ's Attack Graphs emulate the adversary with specificity and realism to test advanced cyberdefense technologies against multi-stage attacks. Read on for more.

ESG has just released the key findings of its cybersecurity hygiene and posture management survey, and in a poll of 400 cybersecurity professionals in North American enterprises, the number one action respondents said would improve cybersecurity hygiene? You guessed it: continuous security control validation.

For years, users struggled to put MITRE ATT&CK into practice. With the release of ATT&CK Workbench today, defenders can far better ensure that their threat intelligence is continually aligned with the public ATT&CK knowledge base. See how and why.

There are a number of ways that the MITRE ATT&CK framework can be used in your cybersecurity practice. Here are 10 of the most important as laid out in the MITRE ATT&CK for Dummies eBook.

AttackIQ's new architecture upgrade makes it possible for customers to emulate comprehensive, multi-stage adversary cyberattack campaigns with realism and specificity, at every step in the kill chain. Check it out.

Defensive technologies can provide meaningful capabilities to isolate the adversary from compromised systems as defenders and threat hunters inspect their networks, preventing further reconnaissance and lateral movement, but only if their effectiveness is tested and validated.

Crises such as the COVID-19 pandemic bring out the worst—and the best— humankind. In cybersecurity,…

Ransomware is on the rise, particularly against city government and hospitals. In advance of the 2020 U.S. presidential election, how does the AttackIQ Security Optimization Platform help businesses to defend themselves?

This is the second post in the Purple Teaming Chronicles series (the second is here). In…