Broad-Based Attacks Archives

Emulating the Gentlemen Ransomware

Ayelen Torello | May 22, 2026 | Broad-Based Attacks, Ransomware, Threat Research

AttackIQ has released two new assessments that emulate the behaviors of The Gentlemen ransomware, a cross-platform threat that emerged around July 2025. The group employs a double-extortion model, combining file encryption with ...

AttackIQ

Emulating the Persuasive NightSpire Ransomware

Ayelen Torello | April 14, 2026 | Broad-Based Attacks, NightSpire, Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors of NightSpire Ransomware, a financially motivated ransomware and data extortion group that emerged in early 2025 and quickly evolved into a ...

AttackIQ

Emulating the Concealed Sinobi Ransomware

Ayelen Torello | April 2, 2026 | Broad-Based Attacks, RaaS, Ransomware, ransomware as a service, Sinobi, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors of Sinobi ransomware, a ransomware strain that has been active since mid 2025. Sinobi is suspected to be a rebrand of ...

AttackIQ

Defenseless Defenders: Exploring Endpoint Detection and Response (EDR) Inhibitors

Francis Guibernau | March 23, 2026 | Breach & Attack Simulation, Broad-Based Attacks, Cybersecurity, EDR, endpoint, endpoint detection and response, Ransomware, Threat Research

Learn how adversaries are shifting from evasion to systematically dismantling endpoint defenses to eliminate visibility, enforcement, and response. Explore how modern EDR inhibition techniques abuse legitimate system features and vulnerable drivers to ...

AttackIQ

Emulating the Systematic LokiLocker Ransomware

Ayelen Torello | February 26, 2026 | adversary emulation, Broad-Based Attacks, LokiLocker, RaaS, Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors of LokiLocker ransomware, a .NET based strain active since at least mid-August 2021. The malware combines defense evasion and impact techniques, ...

AttackIQ

The “Analog Panic Button”: What The Pitt Gets Right (and Wrong) About Hospital Cyber Resilience

Carlos Koteich | February 26, 2026 | Broad-Based Attacks, Cybersecurity, healthcare, Healthcare & Life Sciences, Insights & Perspectives, technology

When ransomware hits a hospital, shutting everything down isn’t resilience. Learn how healthcare CISOs prevent hospital-wide outages with identity security, network segmentation validation, and CTEM. The post The “Analog Panic Button”: What ...

AttackIQ

Emulating the Mutative BlackByte Ransomware

Francis Guibernau | February 25, 2026 | BlackByte, Broad-Based Attacks, Critical Infrastructure, Energy, Financial Services, government, manufacturing, RaaS, Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated under the Ransomware-as-a-Service (RaaS) model that emerged in July 2021. Since its emergence, BlackByte ...

AttackIQ

Emulating the Elusive Cephalus Ransomware

Ayelen Torello | February 5, 2026 | Broad-Based Attacks, Cephalus, Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors of Cephalus ransomware, a Go-based strain active since June 2025 that combines defense-evasion and anti-analysis techniques, such as secure memory handling ...

AttackIQ

Emulating the Elegant BlackSuit Ransomware

Francis Guibernau | January 20, 2026 | adversary emulation, BlackSuit, Broad-Based Attacks, Phishing, Ransomware, Royal Ransomware, Threat Research

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackSuit ransomware, a ransomware strain that has been active since at least May 2023. It represents the evolution of ...

AttackIQ

React2Shell (CVE-2025-55182): Critical Remote Code Execution (RCE) in React Server Components

Francis Guibernau | December 18, 2025 | adversary emulation, Broad-Based Attacks

AttackIQ released a new assessment template that compiles the Tactics, Techniques, and Procedures (TTPs) associated with the exploitation of the critical CVE-2025-55182 (React2Shell) Remote Code Execution (RCE) vulnerability affecting React Server Components ...

AttackIQ

Broad-Based Attacks

Emulating the Gentlemen Ransomware

Emulating the Persuasive NightSpire Ransomware

Emulating the Concealed Sinobi Ransomware

Defenseless Defenders: Exploring Endpoint Detection and Response (EDR) Inhibitors

Emulating the Systematic LokiLocker Ransomware

The “Analog Panic Button”: What The Pitt Gets Right (and Wrong) About Hospital Cyber Resilience

Emulating the Mutative BlackByte Ransomware

Emulating the Elusive Cephalus Ransomware

Emulating the Elegant BlackSuit Ransomware

React2Shell (CVE-2025-55182): Critical Remote Code Execution (RCE) in React Server Components

Senator Sanders Wants to Own AI Companies — and Hand America’s Adversaries the Keys

NIST’s Nine: The PQC Signature Race Moves to Round Three

The Quantum Arms Race: Why Washington Just Wrote a $2 Billion Check to Nine Companies

Beyond Moore’s Law: The Hyper-Acceleration of Autonomous AI Cyber Capabilities

The Exception Economy: When Security Teams Stop Protecting and Start Negotiating

GoPlus’s Latest Report Highlights How Blockchain Communities Are Leveraging Critical API Security Data To Mitigate Web3 Threats

C2A Security’s EVSec Risk Management and Automation Platform Gains Traction in Automotive Industry as Companies Seek to Efficiently Meet Regulatory Requirements

Zama Raises $73M in Series A Lead by Multicoin Capital and Protocol Labs to Commercialize Fully Homomorphic Encryption

RSM US Deploys Stellar Cyber Open XDR Platform to Secure Clients

ThreatHunter.ai Halts Hundreds of Attacks in the past 48 hours: Combating Ransomware and Nation-State Cyber Threats Head-On