Ayelen Torello, Author at Security Boulevard

Hot Topics

Introducing Goffloader: A Pure Go Implementation of an In-Memory COFFLoader and PE Loader
The Role of Digital Adoption in Email Deliverability & Security
Demystifying SOC 2 Compliance for Startups: A Simple Guide
Happy Canada Labour Day! / Bonne Fête du Travail Canadienne!
Happy United States Labor Day 2024 / Feliz Fin de Semana del Día del Trabajo de Estados Unidos 2024 / Joyeux Fin de Semaine de la Fête du Travail aux États-Unis 2024

Response to CISA Advisory (AA24-241A): Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations

Ayelen Torello | August 29, 2024 | adversary emulation, CISA Alert, Defense Industrial Base, education, Financial Services, Fox Kitten, government, Healthcare & Life Sciences, Iran, Lemon Sandstorm, Parisite, Pioneer Kitten, RUBIDIUM, UNC757

AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-241A) published on August 28, 2024. The advisory outlines espionage activity associated with a specific group of Iranian cyber actors that have conducted a high volume of intrusion attempts against US organizations since 2017 and as recently ... Read More

AttackIQ

Response to CISA Advisory (AA24-193A): CISA Red Team’s Operations Against a Federal Civilian Executive Branch Organization Highlights the Necessity of Defense-in-Depth

Ayelen Torello | July 15, 2024 | adversary emulation

AttackIQ has released two new assessment templates in response to the CISA Advisory (AA24-193A) published on July 11, 2024, that disseminates Tactics, Techniques and Procedures (TTPs), mitigation and detection methods associated with SILENTSHIELD red team assessment carried out by CISA against a Federal Civilian Executive Branch (FCEB) organization. The post ... Read More

AttackIQ

Emulating the Notorious Chinese State-Sponsored Winnti Group

Ayelen Torello | June 20, 2024 | adversary emulation, government, manufacturing, technology, TTPs, Winnti

AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the stealthy and notorious Winnti Group during its activities in 2021 and 2022. The post Emulating the Notorious Chinese State-Sponsored Winnti Group appeared first on AttackIQ ... Read More

AttackIQ

Emulating the Open-Source Remote Access Trojan (RAT) AsyncRAT

Ayelen Torello | May 24, 2024 | adversary emulation, AsyncRAT, Broad-Based Attacks, GitHub, open source, remote-access Trojan, TTPs

AttackIQ has released two new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the open-source Remote Access Trojan AsyncRAT during its activities in 2023. The post Emulating the Open-Source Remote Access Trojan (RAT) AsyncRAT appeared first on AttackIQ ... Read More

AttackIQ

Emulating the Southeast Asian Adversary OceanLotus

Ayelen Torello | April 16, 2024 | adversary emulation, APT32, Civilian Institutions, Financial Services, Media & Entertainment, Ocean Buffalo, OceanLotus, Operation OceanStorm, Operation Typhoon, SeaLotus

AttackIQ has released four new attack graphs that seek to emulate the behaviors exhibited by the politically motivated Vietnamese adversary known as OceanLotus during its most recent and prevalent activities. The post Emulating the Southeast Asian Adversary OceanLotus appeared first on AttackIQ ... Read More

AttackIQ