Response to CISA Advisory (AA24-109A): #StopRansomware: Akira Ransomware

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-109A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with Akira ...

Emulating the Southeast Asian Adversary OceanLotus

AttackIQ has released four new attack graphs that seek to emulate the behaviors exhibited by the politically motivated Vietnamese adversary known as OceanLotus during its most recent and prevalent activities.

Response to ScreenConnect’s Recent Zero-day Vulnerability Exploitation

AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits affecting ConnectWise’s ScreenConnect software. This assessment template comprises the various Tactics, Techniques, and Procedures (TTPs) ...

Response to the Revised CISA Advisory (AA23-353A): #StopRansomware: ALPHV BlackCat

AttackIQ has released an update to the BlackCat ransomware emulation in response to the recent revision of the CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures ...

Emulating the Sabotage-Focused Russian Adversary Sandworm

AttackIQ has released a new assessment template that emulates the various Post-Compromise Tactics, Techniques, and Procedures (TTPs) associated with the politically motivated Russian adversary Sandworm.

Response to CISA Advisory (AA24-060B): Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

In response to the recently published CISA Advisory (AA24-060B) that disseminates observed threat actor activities, Indicators of Compromise (IOCs), and mitigations associated with ongoing incident response activities in connection with the recent ...

Response to CISA Advisory (AA24-060A): #StopRansomware: Phobos Ransomware

AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-060A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the ...

Response to CISA Advisory (AA24-057A): SVR Cyber Actors Adapt Tactics for Initial Cloud Access

AttackIQ recommends that customers take the following testing actions in alignment with the recently published CISA Advisory (AA24-057A) which details recent Tactics, Techniques, and Procedures (TTPs) exhibited by the Russian Foreign Intelligence ...

Emulating the Ever-Evolving Loader DarkGate

AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the infamous loader known as DarkGate during its activities in ...

Response to CISA Advisory (AA24-038A): PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position ...

Secure Guardrails