AttackIQ Blog

    DarkGate Background

    Beneath the Shadows: DarkGate

    March 27, 2024
    Join us as we uncover DarkGate, a malevolent force that strikes fear into the hearts of organizations worldwide. DarkGate has morphed into a sophisticated adversary, utilizing Drive-by Downloads and DanaBot deployment to wreak havoc. But fear not! With AttackIQ Flex at your side, you’ll be equipped to wage war against these digital demons and emerge victorious in the fight for cybersecurity supremacy.
    Read More

    Response to ScreenConnect’s Recent Zero-day Vulnerability Exploitation

    March 8, 2024
    AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploitation affecting ConnectWise’s ScreenConnect software. The template comprises the Tactics, Techniques, and Procedures (TTPs) exhibited by several adversaries observed exploiting these vulnerabilities to deploy different ransomware families.
    Read More

    Response to the Revised CISA Advisory (AA23-353A): #StopRansomware: ALPHV BlackCat

    March 7, 2024
    AttackIQ has released an update to the BlackCat ransomware emulation in response to the recent revision of the CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through FBI investigations as recently as February 2024.
    Read More

    Emulating the Sabotage-Focused Russian Adversary Sandworm - Part 1

    March 6, 2024
    AttackIQ has released a new assessment template that emulates the various Post-Compromise Tactics, Techniques, and Procedures (TTPs) associated with the politically motivated Russian adversary Sandworm.
    Read More

    Response to CISA Advisory (AA24-060B): Threat Actors Exploit Multiple Vulnerabilities in Ivanti Connect Secure and Policy Secure Gateways

    March 4, 2024
    CISA Advisory (AA24-060B) disseminates observed threat actor activity, Indicators of Compromise (IOCs), and mitigations drawn from ongoing incident response engagements connected with the Ivanti Connect Secure and Ivanti Policy Secure Gateway vulnerabilities CVE-2023-46805, CVE-2024-21887, and CVE-2024-21893. In response, AttackIQ recommends that customers take the following testing actions, aligned with the observed activity.
    Read More

    Response to CISA Advisory (AA24-060A): #StopRansomware: Phobos Ransomware

    March 1, 2024
    AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-060A) which disseminates known Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with the Phobos Ransomware variants observed as recently as February 2024.
    Read More

    Response to CISA Advisory (AA24-057A): SVR Cyber Actors Adapt Tactics for Initial Cloud Access

    February 27, 2024
    AttackIQ recommends that customers take the following testing actions in alignment with the recently published CISA Advisory (AA24-057A), which details recent Tactics, Techniques, and Procedures (TTPs) exhibited by the Russian Foreign Intelligence Service (SVR) adversary known as APT29 during activities in which it sought to gain initial access to the cloud infrastructure of government entities and corporations.
    Read More

    Emulating the Ever-Evolving Loader DarkGate

    February 14, 2024
    AttackIQ has released three new attack graphs that seek to emulate the Tactics, Techniques and Procedures (TTPs) associated with and exhibited by the infamous loader known as DarkGate during its activities in 2023.
    Read More

    Response to CISA Advisory (AA24-038A): PRC State-Sponsored Actors Compromise and Maintain Persistent Access to U.S. Critical Infrastructure

    February 9, 2024
    AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA24-038A) which assesses that the People’s Republic of China (PRC) state-sponsored cyber actors are seeking to pre-position themselves on IT networks for disruptive or destructive cyberattacks against U.S. critical infrastructure in the event of a major crisis or conflict with the United States.
    Read More

    The Shape-Shifting Chameleon: QakBot

    February 7, 2024
    QakBot (also known as Qbot, Quackbot, and Pinkslipbot, and distributed by the threat actor tracked as TA570) has etched its name among the most prolific cyber threats, leaving a trail of thousands of malware infections globally. Dive in as we explore QakBot’s genesis, its evolution, some of the specific tactics it uses, and how you can test your defenses against them with AttackIQ Flex.
    Read More

    Response to Ivanti’s Recent Zero-day Vulnerability Exploitation

    February 7, 2024
    AttackIQ has released a new assessment template in response to the recent wave of zero-day vulnerability exploitation targeting appliances produced by software company Ivanti. The template emulates the Tactics, Techniques, and Procedures (TTPs) exhibited by the UNC5221 adversary after successful exploitation of CVE-2023-46805 (authentication bypass) and CVE-2024-21887 (command injection).
    Read More