AttackIQ https://www.attackiq.com/ Proactively Manage Threat Exposure with CTEM + AEV Tue, 10 Mar 2026 13:12:07 +0000

What Does MITRE ATT&CK Coverage Really Mean? https://www.attackiq.com/2026/03/10/what-does-mitre-attack-coverage-really-mean/ Tue, 10 Mar 2026 13:11:49 +0000 https://www.attackiq.com/?p=37771 Coverage claims without context are one of the most persistent sources of confusion in security tooling. This post breaks down four myths behind ATT&CK coverage claims and offers a more useful framework for thinking about ATT&CK coverage in practice.

Defending Against Iranian Cyber Threats in the Wake of Operation Epic Fury  https://www.attackiq.com/2026/03/05/operation-epic-fury/ Thu, 05 Mar 2026 21:30:49 +0000 https://www.attackiq.com/?p=37641 On February 28, 2026, the United States and Israel launched Operation Epic Fury (U.S.) and Operation Roaring Lion (Israel), a coordinated military and cyber campaign targeting Iranian military installations, IRGC leadership, and government infrastructure. U.S. Cyber Command was designated the "first mover," with cyber operations beginning before any kinetic weapons were deployed. In the first 48 hours, U.S. and allied forces struck more than 1,250 targets across Iran, while Israel conducted what has been described as the largest cyberattack in history, collapsing Iran's internet connectivity to 1-4% of normal levels through multi-layered attacks on BGP routing, DNS infrastructure, and SCADA/ICS systems.

Finally, CTEM and MITRE INFORM Without the Jargon https://www.attackiq.com/2026/03/03/ctem-guide/ Tue, 03 Mar 2026 13:56:07 +0000 https://www.attackiq.com/?p=37517 Drowning in security data? This practical guide shows how CTEM and MITRE INFORM cut noise, validate defenses, and prove what matters.

Emulating the Systematic LokiLocker Ransomware https://www.attackiq.com/2026/02/26/emulating-lokilocker-ransomware/ Thu, 26 Feb 2026 18:26:58 +0000 https://www.attackiq.com/?p=37524 AttackIQ has released a new attack graph that emulates the behaviors of LokiLocker ransomware, a .NET based strain active since at least mid-August 2021. The malware combines defense evasion and impact techniques, including disabling Task Manager and Windows Firewall, as well as deleting Volume Shadow Copies to hinder detection and prevent restoration.

The “Analog Panic Button”: What The Pitt Gets Right (and Wrong) About Hospital Cyber Resilience https://www.attackiq.com/2026/02/26/the-analog-panic-button/ Thu, 26 Feb 2026 14:12:41 +0000 https://www.attackiq.com/?p=37561 When ransomware hits a hospital, shutting everything down isn’t resilience. Learn how healthcare CISOs prevent hospital-wide outages with identity security, network segmentation validation, and CTEM.

Emulating the Mutative BlackByte Ransomware https://www.attackiq.com/2026/02/25/emulating-blackbyte-ransomware/ Wed, 25 Feb 2026 18:17:01 +0000 https://www.attackiq.com/?p=37398 AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated under the Ransomware-as-a-Service (RaaS) model that emerged in July 2021. Since its emergence, BlackByte has targeted organizations worldwide, including entities within U.S. critical infrastructure sectors such as Government, Financial Services, Manufacturing, and Energy.

From Exposure to Assurance: How CTEM and MITRE INFORM Enable Modern Cyber Defense https://www.attackiq.com/2026/02/24/from-exposure-to-assurance-how-ctem-and-mitre-inform-enable-modern-cyber-defense/ Tue, 24 Feb 2026 14:32:08 +0000 https://www.attackiq.com/?p=37400 What if you could prove—right now—that your defenses actually work? See how CTEM and MITRE INFORM turn exposure data into real, board-level confidence.

Why I Chose to Join AttackIQ as a Senior Advisor https://www.attackiq.com/2026/02/18/why-i-chose-to-join-attackiq/ Wed, 18 Feb 2026 13:55:00 +0000 https://www.attackiq.com/?p=37257 After 30 years in cyber defense and research, I joined AttackIQ to bring clarity and prioritize what truly matters in security.

Evergreen Phishing Defense: Automated Weekly Security Validation https://www.attackiq.com/2026/02/09/evergreen-phishing-defense/ Mon, 09 Feb 2026 16:00:00 +0000 https://www.attackiq.com/?p=37198 What if your phishing tests updated themselves every week? Learn how real phishing campaigns are automatically transformed into continuous email and endpoint validation—at scale.

Emulating the Elusive Cephalus Ransomware https://www.attackiq.com/2026/02/05/emulating-cephalus-ransomware/ Thu, 05 Feb 2026 18:36:30 +0000 https://www.attackiq.com/?p=37206 AttackIQ has released a new attack graph that emulates the behaviors of Cephalus ransomware, a Go-based strain active since June 2025 that combines defense-evasion and anti-analysis techniques, such as secure memory handling and tampering with Windows Defender, to enable stealthy targeted operations prior to encryption and extortion.
