adversary emulation Archives

Emulating the Systematic LokiLocker Ransomware

Ayelen Torello | February 26, 2026 | adversary emulation, Broad-Based Attacks, LokiLocker, RaaS, Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors of LokiLocker ransomware, a .NET based strain active since at least mid-August 2021. The malware combines defense evasion and impact techniques, ...

AttackIQ

Evergreen Phishing Defense: Automated Weekly Security Validation

Paul Reid | February 9, 2026 | adversary emulation, automated security control validation, email, Phishing, security validation, Threat Research

What if your phishing tests updated themselves every week? Learn how real phishing campaigns are automatically transformed into continuous email and endpoint validation—at scale. The post Evergreen Phishing Defense: Automated Weekly Security ...

AttackIQ

25 New Adversary Emulation Packages Covering Ransomware and Advisory-Driven Threats

Paul Reid | January 21, 2026 | adversary emulation, AttackIQ Flex, Product & Platform, Ransomware

Effective defense depends on understanding how adversaries operate across complete intrusion chains, not just whether individual controls trigger. The post 25 New Adversary Emulation Packages Covering Ransomware and Advisory-Driven Threats appeared first ...

AttackIQ

Emulating the Elegant BlackSuit Ransomware

Francis Guibernau | January 20, 2026 | adversary emulation, BlackSuit, Broad-Based Attacks, Phishing, Ransomware, Royal Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackSuit ransomware, a ransomware strain that has been active since at least May 2023. It represents the evolution of ...

AttackIQ

React2Shell (CVE-2025-55182): Critical Remote Code Execution (RCE) in React Server Components

Francis Guibernau | December 18, 2025 | adversary emulation, Broad-Based Attacks

AttackIQ released a new assessment template that compiles the Tactics, Techniques, and Procedures (TTPs) associated with the exploitation of the critical CVE-2025-55182 (React2Shell) Remote Code Execution (RCE) vulnerability affecting React Server Components ...

AttackIQ

Ransom Tales: Volume VI — Throwback Edition! Emulating Ryuk, Conti, and BlackCat Ransomware

Francis Guibernau | December 11, 2025 | adversary emulation, Blackcat, Conti, Ransomware, Ryuk

On July 22, 2025, AttackIQ introduced Ransom Tales, an initiative focused on routinely emulating the Tactics, Techniques, and Procedures (TTPs) associated with the prolific ransomware families currently dominating the threat landscape. Each ...

AttackIQ

Revisiting the Versatile Qilin Ransomware

Francis Guibernau | November 19, 2025 | adversary emulation, Broad-Based Attacks, Qilin, Ransomware, ransomware as a service

AttackIQ has released an updated attack graph in response to emerging threat intelligence associated with the deployment of Qilin ransomware, a ransomware strain that first appeared in July 2022 and remains one ...

AttackIQ

Emulating the Destructive Sandworm Adversary

Ayelen Torello | November 14, 2025 | adversary emulation, APT44, government, Russia, Sandworm, Seashell Blizzard, Voodoo Bear

AttackIQ has released a new assessment template designed to emulate the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with a recent intrusion targeting Ukrainian organizations that aligns with patterns previously associated ...

AttackIQ

Emulating the Espionage-Oriented Group SideWinder

Ayelen Torello | November 13, 2025 | adversary emulation, asia, Espionage, government, Ransomware, SideWinder, transportation

AttackIQ has released a new attack graph that emulates the behaviors exhibited by SideWinder, a threat actor with a long history of cyber espionage dating back to 2012. The group has primarily ...

AttackIQ

Emulating the Prominent Global Group Ransomware

Ayelen Torello | October 16, 2025 | adversary emulation, Broad-Based Attacks, Global Group, healthcare, manufacturing, Professional Services, RaaS, Ransomware, ransomware as a service, Russia

AttackIQ has released a new attack graph that emulates the behaviors exhibited by Global Group ransomware, a threat that first appeared in June 2025 and quickly became notorious across the security landscape ...

AttackIQ

adversary emulation

Emulating the Systematic LokiLocker Ransomware

Evergreen Phishing Defense: Automated Weekly Security Validation

25 New Adversary Emulation Packages Covering Ransomware and Advisory-Driven Threats

Emulating the Elegant BlackSuit Ransomware

React2Shell (CVE-2025-55182): Critical Remote Code Execution (RCE) in React Server Components

Ransom Tales: Volume VI — Throwback Edition! Emulating Ryuk, Conti, and BlackCat Ransomware

Revisiting the Versatile Qilin Ransomware

Emulating the Destructive Sandworm Adversary

Emulating the Espionage-Oriented Group SideWinder

Emulating the Prominent Global Group Ransomware

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On