AttackIQ has released a new scenario to test your security controls against exploits used in the Follina 0-day. This new scenario helps security teams validate visibility, patching, security controls, and logging in their environments relative to this pervasive 0-day vulnerability. Elevate your security program performance using AttackIQ.

AttackIQ has released a new scenario and assessment in response to US-CERT Alert AA22-152A, Karakurt Data Extortion Group 

It’s been seven years since the MITRE ATT&CK framework was first published. Here, we look at some of the major milestones in its development and examine how the framework has become a game-changer for enterprise cybersecurity.

We are immensely pleased to announce the first of AttackIQ’s “malware emulation attack graphs.” We broke down real-world malware into its logical steps to understand the adversary’s behavior. We then use our attack graph methodology to arrange the malware into its component tactics, techniques, and procedures. Using the malware emulation attack graph, defenders can emulate a specific strain of malware to test and validate their security controls. Take a look.

Why adopt purple teaming? This IDC analyst brief explains how blending red and blue mindsets helps you holistically prepare for cyberattacks.

It’s January 14, 2020. Patch Tuesday.  Your CIO wants to know: “ How does that RDP vulnerability I saw in the news affect us? ” Well, which RDP vulnerability are you talking about, boss?”  Never mind; it’s still a good question. You dig deeper.

With everyone working from home and IT teams struggling to scale up their infrastructure, how are you accounting for risk?

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the…

Uncover new attacks from a threat actor likely operating out of Belarus known as UNC1151 or Ghostwriter.

AttackIQ has released a new integration for use with network based scenarios. This blog describes use cases, scenarios one can utilize and what indicators we look for when determining a match.

The award-winning Purple Hats Conference is the industry destination for cybersecurity practitioners around the globe to collaborate, share ideas, and learn how to evolve cybersecurity strategies from a reactive to proactive threat-informed defense. We’re just days away from the best “cyberforum of the year” and you won’t want to miss it—and there’s still time to join. Here we’re breaking down for you five reasons you don’t want to miss Purple Hats.

AttackIQ has released a new attack graph for organizations to test and validate their cyberdefense effectiveness against the HAVEX strain of malware. This attack graph follows a pair of Department of Justice indictments of Russia-based threat actors and a new joint FBI-CISA Cybersecurity Advisory about HAVEX released last week. An enduring and dangerous threat, HAVEX targeted the energy and power sectors in 135 countries from 2012-2018, and the tactics and techniques within it continue to threaten organizations today.