AttackIQ Blog
January 24, 2024
A mischievous threat actor known as Mustang Panda prowls silently through the cyber underbrush, orchestrating sophisticated spear-phishing campaigns.
January 19, 2024
AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA24-016A) which disseminates known Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with threat actors deploying Androxgh0st malware.
January 17, 2024
GootLoader, a stealthy JavaScript-based downloader, has posed a persistent threat to Windows-based systems since 2020. In this article, we’ll delve into who GootLoader is and how organizations can effectively emulate and test against this threat using AttackIQ Flex, a powerful agentless breach and attack simulation tool. The exciting part? You can sign up for AttackIQ Flex for free, providing you with an opportunity to outsmart this digital menace.
January 10, 2024
AttackIQ’s Engineering Team recently took another innovative step forward in cybersecurity, mapping our content to Sigma Rules and deploying a library to convert rules to product queries to improve detection efficacy through enhanced mitigation recommendations. Dubbed SigmAIQ, this is the first open-source repository of its kind, and yet another tool AttackIQ has added to our already vast testing and detection arsenal.
January 4, 2024
As 2023 draws to a close, AttackIQ is proud to present a comprehensive recap of a transformative year marked by groundbreaking achievements and advancements in the realm of cybersecurity. This year has seen us reach new heights in innovation, collaboration, and commitment to fortifying global defenses against evolving cyber threats.
December 29, 2023
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-353A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the ALPHV BlackCat Ransomware-as-a-Service (RaaS) identified through FBI investigations as recently as December 6, 2023.
December 27, 2023
We’ve got you covered this holiday season. AttackIQ Flex now includes adversary emulation for Nobelium’s cyber threats to TeamCity servers.
December 23, 2023
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-352A) which disseminates Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) associated with the Play Ransomware group, identified through FBI investigations as recently as October 2023.
December 22, 2023
In response to the recently published CISA Advisory (AA23-349A) that disseminates Tactics, Techniques and Procedures (TTPs), mitigation and detection methods associated with a Risk and Vulnerability Assessment (RVA) carried out by CISA as requested by a Healthcare and Public Health (HPH) sector organization, AttackIQ recommends that customers take the following testing actions in alignment with the RVA.
December 21, 2023
AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-347A) which assesses that cyber actors from the Russian Foreign Intelligence Service (SVR) have been observed targeting servers hosting JetBrains TeamCity software by exploiting vulnerability CVE-2023-42793 on a large scale, since September 2023.
December 20, 2023
As we’ve seen time and time again in our cybersecurity landscape, the wicked prey on the weary and take no prisoners along the way. Rhysida, an emerging ransomware group, serves as a perfect example of this. While their activities span a variety of sectors and regions around the world, they have developed a keen taste for vulnerabilities found within the realm of healthcare.












