July 11, 2024
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the extortionist ransomware Nefilim during activities against multiple organizations, primarily based in North or South America, distributed in the financial, manufacturing, or transportation industries since its emergence in March 2020.
July 3, 2024
AttackIQ has released two new attack graphs that emulate the behaviors exhibited by the highly sophisticated Russian adversary Sandworm during various destructive activities against targets in Ukraine and other countries in the region shortly before the launch of the Russian invasion on February 24, 2022.
June 5, 2024
AttackIQ has released a new attack graph in response to the CISA Advisory (AA24-060A) published on February 29, 2024, which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the Phobos Ransomware variants observed as recently as February 2024.
May 17, 2024
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-131A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated to Black Basta ransomware, a ransomware variant whose operators have encrypted and stolen data from at least 12 out of 16 critical infrastructure sectors, including the Healthcare and Public Health (HPH) Sector.
March 8, 2024
AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits affecting ConnectWise’s ScreenConnect software. This assessment template comprises the various Tactics, Techniques, and Procedures (TTPs) exhibited by several adversaries observed exploiting these vulnerabilities to deploy different families of Ransomware.
March 7, 2024
AttackIQ has released an update to the BlackCat ransomware emulation in response to the recent revision of the CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through FBI investigations as recently as February 2024.
March 6, 2024
AttackIQ has released a new assessment template that emulates the various Post-Compromise Tactics, Techniques, and Procedures (TTPs) associated with the politically motivated Russian adversary Sandworm.
March 1, 2024
AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-060A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the Phobos Ransomware variants observed as recently as February 2024.
February 14, 2024
AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the infamous loader known as DarkGate during its activities in 2023.
February 7, 2024
AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploits targeting various appliances produced by software company Ivanti.
This assessment template emulates the different Tactics, Techniques, and Procedures (TTPs) exhibited by the UNC5221 adversary after successful exploitation of CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection).
January 19, 2024
AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-016A) which disseminates known Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
December 29, 2023
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the ALPHV BlackCat Ransomware-as-a-Service (RaaS) identified through FBI investigations as recently as December 6, 2023.