Emulating the Versatile Qilin Ransomware
AttackIQ has released a new attack graph that emulates the behaviors exhibited by Qilin ransomware, a threat that first appeared in July 2022 and remains one of the most active families today. Qilin primarily targets the healthcare, government, education, manufacturing, and finance sectors, and has evolved to operate across multiple ...
Ransom Tales: Volume IV – Emulating Rhysida, Charon and Dire Wolf Ransomware
AttackIQ presents the fourth volume of Ransom Tales, an initiative focused on emulating the Tactics, Techniques, and Procedures (TTPs) exhibited by sophisticated and prominent ransomware families with the objective of empowering defenders to rigorously challenge their security controls and enhance resilience against disruptive and extortive threats. In this release, AttackIQ ...
Response to CISA Advisory (AA25-266A): CISA Shares Lessons Learned from an Incident Response Engagement
AttackIQ has released two new assessment templates in response to the CISA Advisory (AA25-266A) published on September 23, 2025. The CSA highlights the lessons learned from an incident response engagement CISA conducted at a U.S. federal civilian executive branch (FCEB) agency to help effectively mitigate risk, prepare for, and respond ...
Response to CISA Advisory (AA25-239A): Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System
In response to the CISA Advisory (AA25-239A), AttackIQ has updated the assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the Chinese adversary Salt Typhoon and released a new attack graph emulating the behaviors exhibited during the SparrowDoor and ShadowPad campaign in March 2025. The ...
Emulating the Unyielding Scattered Spider
AttackIQ has released a new assessment template that contains a curated list of Tools and Malware samples associated with Scattered Spider to help defenders improve their security posture against this sophisticated and persistent threat.
Response to CISA Advisory (AA25-141A): Russian GRU Targeting Western Logistics Entities and Technology Companies
AttackIQ has released a new assessment template in response to the CISA Advisory (AA25-141A) published on May 21, 2025. The CSA highlights a cyber espionage-oriented campaign carried out by cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (Unit 26165), targeting Western ...
Emulating the Terrorizing VanHelsing Ransomware
AttackIQ has released a new attack graph emulating the behaviors exhibited by VanHelsing ransomware, a new and rapidly growing ransomware-as-a-service (RaaS) affiliate program that emerged in March 2025. This emulation enables defenders to test and validate their detection and response capabilities against this new threat.
Emulating the Stealthy StrelaStealer Malware
AttackIQ has released three new attack graphs designed to emulate the Tactics, Techniques, and Procedures (TTPs) associated with StrelaStealer observed in its most recent activities, enabling defenders to test and validate their detection and response capabilities.
Emulating the Misleading CatB Ransomware
AttackIQ has released a new attack graph designed to emulate the Tactics, Techniques, and Procedures (TTPs) associated with CatB ransomware observed in its most recent activities, enabling defenders to test and validate their detection and response capabilities.
Response to CISA Advisory (AA25-093A): Fast Flux: A National Security Threat
AttackIQ recommends that customers take the following testing actions in alignment with the recently published CISA Advisory (AA25-093A) which highlights the ongoing and evolving threat of fast flux techniques. These techniques are increasingly being adopted by a growing number of adversaries, making it critical for organizations to take proactive steps ...

