Emulating the Extortionist Mallox Ransomware
Francis Guibernau | adversary emulation, Broad-Based Attacks, FARGO, Mallox, MS-SQL, Ransomware, TargetCompany, Tohnichi
AttackIQ has released a new attack graph that emulates the behaviors exhibited by Mallox ransomware since the beginning of its activities in June 2021. Mallox primarily gains access to victim networks through ...
Response to CISA Advisory (AA24-241A): Iran-based Cyber Actors Enabling Ransomware Attacks on US Organizations
Ayelen Torello | adversary emulation, CISA Alert, Defense Industrial Base, education, Financial Services, Fox Kitten, government, Healthcare & Life Sciences, Iran, Lemon Sandstorm, Parisite, Pioneer Kitten, RUBIDIUM, UNC757
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-241A) published on August 28, 2024. The advisory outlines espionage activity associated with a specific group of Iranian cyber ...
Response to CISA Advisory (AA24-234A): Strengthening Defenses Through Effective Event Logging and Threat Detection
In response to the recent CISA Advisory (AA24-234A) outlining best practices for event logging and threat detection, AttackIQ, in alignment with CISA’s guidance, strongly encourages organizations to engage in continuous testing against ...
AttackIQ’s New NIST CSF Assessment: A Game-Changer for Cybersecurity
The cybersecurity landscape is constantly evolving, with threats becoming increasingly sophisticated. Organizations are under immense pressure to protect their sensitive data and systems from cyberattacks. To address this challenge, many are turning ...
Navigating the DORA Landscape with AttackIQ’s Automated Assessment
Andrew Habibi Parker | AttackIQ, AttackIQ Flex, Automated Testing, Breach & Attack Simulation, DORA, MITRE ATT&CK
The financial services and insurance industries have always been in the center of targeted waves of cyberattacks. The escalating sophistication of cyberattacks has necessitated a shift towards continuous, automated security testing. Regulators ...
Emulating Sandworm’s Prestige Ransomware
Francis Guibernau | adversary emulation, Broad-Based Attacks, living off the land, Microsoft, Microsoft Threat Intelligence Center (MSTIC), Poland, Prestige, Ransomware, Russia, Sandworm, Ukraine
AttackIQ has released a new attack graph that emulates the behaviors exhibited by Prestige ransomware since the beginning of its activities in October 2022. Prestige has been observed targeting organizations in the ...
Democratizing Defense: AttackIQ Flex 2.0 Empowers Every Organization
Revolutionizing security testing with continuous security validation.
Rat Traps: Emulating AsyncRAT with AttackIQ Flex
In the ultramodern, mercurial sphere of cybersecurity, somehow a 1700-year-old quote from Helena of Constantinople still deeply resonates. Even with seemingly robust defenses, the smallest vulnerability can be an open invitation for ...
Emulating the Politically Motivated North Korean Adversary Andariel – Part 2
Francis Guibernau | adversary emulation, Agricultural, Andariel, Lazarus Group, manufacturing, North Korea, Operation Blacksmith, Professional Services
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the North Korean state-sponsored adversary Andariel during Operation Blacksmith which affected manufacturing, agricultural and physical security companies in multiple ...
Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
Francis Guibernau | adversary emulation, CISA Alert, Defense Industrial Base, Energy, North Korea, Professional Services, Resources & Utilities, transportation
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea ...