AttackIQ Blog

    CISA and NSA’s Top 10 Control Misconfigurations? Use BAS and MITRE ATT&CK to Defend Against Them

    December 12, 2023
    The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) recently released their top 10 list of common cybersecurity misconfigurations. Some of these include your standard slew of don’t use default software settings, don’t make weak passwords, and don’t practice poor MFA hygiene. No surprise there for most security teams, but apparently, it’s common enough that they all made the top 10 list of things people do anyway.

    Response to CISA Advisory (AA23-339A): Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers

    December 7, 2023
    AttackIQ has released two new attack graphs and one new scenario in response to the recently published CISA Advisory (AA23-339A) that disseminates Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and detection methods associated with the exploitation of CVE-2023-26360 at a Federal Civilian Executive Branch (FCEB) agency. These attack graphs are based on two separate incidents that compromised at least two public-facing servers at an FCEB agency between June and July 2023.

    Regulatory Revolution: Redefining Global Cybersecurity through Performance-Driven Standards

    November 30, 2023
    The landscape of global cybersecurity is undergoing a seismic shift, marked by a fervent departure from traditional compliance-based strategies towards a new era of performance-based fortification. Spearheaded by dynamic changes in the regulatory frameworks of powerhouse economies like the US and EU, this evolution aims not just for compliance checkboxes but tangible security outcomes that defy mounting threats and historical failures in defense mechanisms.

    Response to CISA Advisory (AA23-325A): #StopRansomware: LockBit 3.0 Ransomware Affiliates Exploit CVE-2023-4966 Citrix Bleed Vulnerability

    November 27, 2023
    AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA23-325A) that disseminates Indicators of Compromise (IOCs), Tactics, Techniques and Procedures (TTPs), and detection methods associated with LockBit 3.0. This assessment template is based on an incident in which LockBit affiliates were observed exploiting CVE-2023-4966 to gain access to Boeing infrastructure.

    Response to CISA Advisory (AA23-320A): Scattered Spider

    November 21, 2023
    AttackIQ has released a new assessment template in response to the recently published CISA Advisory (AA23-320A) that disseminates known Scattered Spider Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs) identified through FBI investigations as recent as November 2023.

    Tainted Defenses: Emulating Gallium’s Operation Tainted Love

    November 20, 2023
    Though the band Soft Cell may be considered a one-hit wonder with their 1981 hit song “Tainted Love”, the same cannot be said for Gallium, a Chinese-based threat actor that has continued to wreak havoc in the Middle Eastern telecommunications sector for over a decade now. Their most recent cyberespionage campaign? Operation Tainted Love.

    Attack Graph Response to CISA Advisory (AA23-319A): #StopRansomware: Rhysida Ransomware

    November 20, 2023
    On November 15, 2023, CISA published an Advisory (AA23-319A) that disseminates known Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and detection methods associated with Rhysida ransomware identified through FBI investigations. In September 2023, AttackIQ released two new attack graphs in response to recent reports of activities involving Rhysida ransomware.

    Fortify Your Network with Flex Network Security Testing

    November 8, 2023
    As technology rapidly progresses, cyber threats are evolving at an alarming rate, making network security a growing challenge for organizations. Regular assessment of your network security posture is essential to stay ahead of potential cybersecurity risks.

    We Just Lowered the Bar Even More: Free Adversary Emulation and Security Control Testing with Flex

    November 7, 2023
    We just made agentless, automated security control testing even easier, cheaper, and more powerful than ever before. Now there’s no excuse not to find those security gaps you’re missing.

    Combatting Kimsuky and Safeguarding National Intelligence

    November 2, 2023
    In the covert realm of cyberspace, a formidable adversary has emerged – a state-sponsored, North Korean group known as Kimsuky. Their clandestine operations are not motivated by profit, but by the pursuit of state secrets and strategic intelligence for the Democratic People’s Republic of Korea (DPRK).

    Attack Graph Response to CISA Advisory (AA23-284A): #StopRansomware: AvosLocker Ransomware

    November 1, 2023
    AttackIQ has released a new attack graph in response to the recently published CISA Advisory (AA23-284A) that disseminates known Indicators of Compromise (IOCs), Tactics, Techniques, and Procedures (TTPs), and detection methods associated with AvosLocker ransomware identified through FBI investigations as recent as May 2023. AvosLocker is known for conducting activities against organizations across multiple critical infrastructure sectors using legitimate software and open-source remote system administration tools.

    Emulating Sogu/PlugX: The Sophistication of Malware Behaviors

    October 26, 2023
    If you’ve at all followed the work of AttackIQ’s Adversary Research Team (ART) in recent years, you’re well aware of their relentless pursuit of actionable, incisive, quantitative, and cutting-edge insights into the art (no pun intended) of adversary emulation.