Resources & Utilities
Emulating the Sophisticated Russian Adversary Seashell Blizzard
AttackIQ has released a new assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the sabotage-motivated Russian adversary Seashell Blizzard. The post Emulating the Sophisticated Russian Adversary ...
Emulating the Financially Motivated Criminal Adversary FIN7 – Part 2
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the long-standing, financially motivated Russian criminal adversary known as FIN7 based on activities observed between 2022 and 2023. The ...
Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group
AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA23-136A) that disseminates known BianLian ransomware group Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) ...
Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group
AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA23-136A) that disseminates known BianLian ransomware group Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) ...
Emulating the Financially Motivated Criminal Adversary FIN7 – Part 1
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the long-standing, financially motivated criminal adversary known as FIN7 during its most recent activities in 2024. The post Emulating ...
Response to CISA Advisory (AA24-290A): Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-290A), published on October 16, 2024. The advisory highlights that since October 2023, Iranian cyber actors have used password ...
Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea ...
Emulating the Sabotage-Focused Russian Adversary Sandworm
AttackIQ has released a new assessment template that emulates the various Post-Compromise Tactics, Techniques, and Procedures (TTPs) associated with the politically motivated Russian adversary Sandworm. The post Emulating the Sabotage-Focused Russian Adversary ...
Response to CISA Advisory (AA24-038A): PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position ...
