CISA Advisory

Response to CISA Advisory (AA25-163A): Ransomware Actors Exploit Unpatched SimpleHelp Remote Monitoring and Management to Compromise Utility Billing Software Provider

In response to the recently published CISA Advisory (AA25-163A), which highlights ransomware actors exploiting the unpatched SimpleHelp Remote Monitoring and Management (RMM) tool, AttackIQ has provided actionable recommendations to help organizations emulate such attacks. These recommendations enable organizations to emulate tactics and techniques, helping to assess and improve their defenses against similar adversarial behaviors.

Response to CISA Advisory (AA25-141B): Threat Actors Deploy LummaC2 Malware to Exfiltrate Sensitive Data from Organizations

AttackIQ has updated an existing assessment template in response to the CISA Advisory (AA25-141B) published on May 21, 2025, which disseminates Tactics, Techniques and Procedures (TTPs) and Indicators of Compromise (IOCs) associated with threat actors deploying the LummaC2 information stealer malware, identified through FBI investigations as recently as May 2025.

Response to CISA Advisory (AA25-141A): Russian GRU Targeting Western Logistics Entities and Technology Companies

AttackIQ has released a new assessment template in response to the CISA Advisory (AA25-141A) published on May 21, 2025. The CSA highlights a cyber espionage-oriented campaign carried out by cyber actors affiliated with the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (Unit 26165), targeting Western logistics entities and technology companies.

Response to CISA Advisory (AA25-093A): Fast Flux: A National Security Threat

AttackIQ recommends that customers take the following testing actions in alignment with the recently published CISA Advisory (AA25-093A), which highlights the ongoing and evolving threat of fast flux techniques. These techniques are increasingly being adopted by a growing number of adversaries, making it critical for organizations to take proactive steps in mitigating this persistent threat.