Resources & Utilities

Response to CISA Advisory (AA25-343A): Pro-Russia Hacktivists Conduct Opportunistic Attacks Against US and Global Critical Infrastructure

| | CISA Advisory, Critical Infrastructure, Energy, hacktivism, manufacturing, Resources & Utilities, Russia
AttackIQ has issued recommendations in response to the Cybersecurity Advisory (CSA) released by the Cybersecurity and Infrastructure Security Agency (CISA) on December 9, 2025, which details the ongoing targeting of critical infrastructure ...
AttackIQ

Emulating the Sophisticated Russian Adversary Seashell Blizzard

| | adversary emulation, APT44, Energy, government, manufacturing, Resources & Utilities, Russia, Sandworm, Seashell Blizzard, telecommunications, transportation, Voodoo Bear
AttackIQ has released a new assessment template that emulates the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the sabotage-motivated Russian adversary Seashell Blizzard. The post Emulating the Sophisticated Russian Adversary ...
AttackIQ

Emulating the Financially Motivated Criminal Adversary FIN7 – Part 2

| | adversary emulation, BlackMatter, Carbon Spider, Darkside, Energy, FIN7, Financial Services, Healthcare & Life Sciences, hospitality, manufacturing, Media & Entertainment, Professional Services, Resources & Utilities, retail, rEvil, Russia, technology, transportation
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the long-standing, financially motivated Russian criminal adversary known as FIN7 based on activities observed between 2022 and 2023. The ...
AttackIQ

Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group

| | #StopRansomware, adversary emulation, BianLian, CISA Alert, Construction, Energy, Professional Services, Ransomware, Resources & Utilities
AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA23-136A) that disseminates known BianLian ransomware group Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) ...
AttackIQ

Updated Response to CISA Advisory (AA23-136A): #StopRansomware: BianLian Ransomware Group

| | #StopRansomware, adversary emulation, BianLian, CISA Alert, Construction, Energy, Professional Services, Ransomware, Resources & Utilities
AttackIQ has released an updated attack graph in response to the recently revised CISA Advisory (AA23-136A) that disseminates known BianLian ransomware group Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) ...
AttackIQ

Emulating the Financially Motivated Criminal Adversary FIN7 – Part 1

| | adversary emulation, BlackMatter, Carbon Spider, Darkside, Energy, FIN7, Financial Services, Healthcare & Life Sciences, hospitality, manufacturing, Media & Entertainment, Professional Services, Resources & Utilities, retail, rEvil, Russia, technology, transportation
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the long-standing, financially motivated criminal adversary known as FIN7 during its most recent activities in 2024. The post Emulating ...
AttackIQ

Response to CISA Advisory (AA24-290A): Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations

| | adversary emulation, cisa, Energy, government, Healthcare & Life Sciences, Iran, MFA, Professional Services, Resources & Utilities, technology
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-290A), published on October 16, 2024. The advisory highlights that since October 2023, Iranian cyber actors have used password ...
AttackIQ

Response to CISA Advisory (AA24-207A): North Korea Cyber Group Conducts Global Espionage Campaign to Advance Regime’s Military and Nuclear Programs

| | adversary emulation, CISA Alert, Defense Industrial Base, Energy, North Korea, Professional Services, Resources & Utilities, transportation
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on July 25, 2024, that highlights cyber espionage activity associated with the Democratic People’s Republic of Korea ...
AttackIQ

Emulating the Sabotage-Focused Russian Adversary Sandworm

| | adversary emulation, Energy, government, Media, Media & Entertainment, Resources & Utilities, Russia, Sandworm
AttackIQ has released a new assessment template that emulates the various Post-Compromise Tactics, Techniques, and Procedures (TTPs) associated with the politically motivated Russian adversary Sandworm. The post Emulating the Sabotage-Focused Russian Adversary ...
AttackIQ

Response to CISA Advisory (AA24-038A): PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

| | adversary emulation, china, CISA Alert, Energy, Resources & Utilities, telecommunications, transportation
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position ...
AttackIQ