adversary emulation
Response to CISA Advisory (AA24-326A): Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
Ayelen Torello | adversary emulation, CISA Alert, Critical Infrastructure, cyber resilience, Cybersecurity Advisory (CSA), Red Team Assessment (RTA), Red Teaming
In response to the recently published CISA Advisory (AA24-326A) which highlights the CISA Red Team's simulation of real-world malicious cyber operations, AttackIQ has provided actionable recommendations to help organizations emulate these attacks ...
Response to CISA Advisory (AA24-317A): 2023 Top Routinely Exploited Vulnerabilities
In response to the recently published CISA Advisory (AA24-317A) that disseminates the top routinely exploited vulnerabilities from 2023, AttackIQ has proposed a multitude of recommendations that customers can take to emulate these ...
Emulating the Destructive WhisperGate Malware
Ayelen Torello | adversary emulation, Critical Infrastructure, Cybersecurity Advisory (CSA), Malware, Ukraine, WhisperGate
AttackIQ has released a new attack graph that seeks to emulate the Tactics, Techniques and Procedures (TTPs) associated with the destructive WhisperGate malware.
Response to CISA Advisory (AA24-290A): Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
Francis Guibernau | adversary emulation, cisa, Energy, government, Healthcare & Life Sciences, Iran, MFA, Professional Services, Resources & Utilities, technology
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-290A), published on October 16, 2024. The advisory highlights that since October 2023, Iranian cyber actors have used password ...
Emulating the Opportunistic and Lightweight Lumma Stealer
Francis Guibernau | adversary emulation, Broad-Based Attacks, Lumma Stealer, LummaC2, Malware, Malware-as-a-Service (MaaS)
AttackIQ has released a new assessment template that addresses the numerous post-compromise Tactics, Techniques, and Procedures (TTPs) associated with the subscription-based information stealer known as Lumma Stealer.
Emulating the Surging Hadooken Malware
Ian Rogers | adversary emulation, Broad-Based Attacks, cryptomining, Hadooken, Linux, Malware, Oracle, Remote Code Execution (RCE), WebLogic Servers
AttackIQ has released a new attack graph that emulates the behaviors exhibited by the Hadooken malware during intrusions that abused misconfigurations and critical Remote Code Execution (RCE) vulnerabilities on public-facing Oracle WebLogic ...
Emulating the Petrifying Medusa Ransomware
Francis Guibernau | adversary emulation, Broad-Based Attacks, living off the land, Medusa, RaaS, Ransomware, ransomware as a service
AttackIQ has released a new attack graph that emulates the behaviors exhibited by Medusa ransomware since the beginning of its activities in June 2021. Medusa is predominantly propagated through the exploitation of ...
Emulating the Persistent and Stealthy Ebury Linux Malware
Ayelen Torello | adversary emulation, Broad-Based Attacks, Credential Access, ddos, distributed denial of service, Ebury, Linux, Malware, SSH
AttackIQ has released a new attack graph that seeks to emulate the Tactics, Techniques and Procedures (TTPs) associated with Ebury Linux malware. Despite previous arrests and actions against key perpetrators, Ebury continues ...
Response to CISA Advisory (AA24-249A): Russian Military Cyber Actors Target US and Global Critical Infrastructure
Francis Guibernau | adversary emulation, cisa, Critical Infrastructure, cyberespionage, Espionage, GRU, Russia, sabotage, Unit 29155, WhisperGate
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-249A) published on September 5, 2024, that assesses cyber actors affiliated with the Russian General Staff Main Intelligence Directorate ...
Response to CISA Advisory (AA24-242A): #StopRansomware: RansomHub Ransomware
Francis Guibernau | #StopRansomware, adversary emulation, Broad-Based Attacks, RansomHub, Ransomware, ransomware as a service
AttackIQ has released a new assessment template in response to the CISA Advisory (AA24-207A) published on August 29, 2024, that disseminates known RansomHub ransomware IOCs and TTPs that have been identified through ...