AttackIQ

Crypto heists are increasing and this year’s numbers will make your jaw drop. AttackIQ’s Andrew Costis ("AC") breaks down what’s driving the surge and what defenders can learn from it. 👉 Read the article on CPO Magazine: https://lnkd.in/eyWdPcCz #Lazarus #Malware #Bybit

Can you spot the difference? 👀 One desk screams “compliant and confident.” The other... let’s just say sticky notes aren’t zero trust. 😅 These exposures are obvious. But the real risks? They’re buried deep in your defenses—misconfigured tools, missing detections, and controls that don’t actually work when attackers strike. That’s where AttackIQ comes in. We help you test, measure, and prove your security program works, using real adversary behaviors mapped to MITRE ATT&CK®. ⚡ Start testing instantly with AttackIQ Flex: https://lnkd.in/eh-VMeEF

Global Group emerged in June of this year, marketing itself as an affiliate-friendly Ransomware-as-a-Service platform offering: 🤑AI-assisted negotiation bots 🤑Custom payload builders 🤑Mobile admin panels and high revenue shares Our Adversary Research Team found strong overlaps with the Mamona and BlackLock ransomware families, suggesting Global Group is likely an evolutionary rebrand rather than a new operation. Explore how our team emulated this campaign to help defenders validate security controls and strengthen ransomware resilience. 📘 Research by @Ayelen T. 🔗 https://lnkd.in/gkFCuqbN #AdversaryResearch #ThreatInformedDefense #ThinkBadDoGood

Surf’s up… and so is our security game! 🏄♂️ Team AttackIQ is heading to TechNet Indo-Pacific in Hawaii 🌺 Swing by to chat about how Adversarial Exposure Validation keeps your defenses ready for anything. Come find Kathy Hsu, Jim Mason, CISSP & Paul Craft at booth #1344 and say aloha 👋 AFCEA International

Spanish fashion giant Mango is the latest retailer to be caught in the crossfire of a third-party security breach—this time through a compromised marketing services provider that exposed customer data. The incident underscores a growing problem for global brands: even the best-defended companies remain exposed through their digital supply chains. Peter Luban, Field CISO at AttackIQ, called Mango’s rapid response “reassuring,” noting that its segregation of financial data likely prevented a far worse outcome. “It’s difficult to prevent any data theft once an attacker has entered, but keeping banking information, credit card data, and account credentials unaffected is a sign that Mango had effective security defenses in place, likely learning from the previous attacks on prominent retail chains like Harrods and Co-op,” said Luban. “That being said, impacted individuals should not let their guards down. Attackers can still extort victims further by conducting phishing attacks using the stolen names, email addresses, and phone numbers. We’re currently seeing examples of the damage these ‘second-wave’ phishing attacks can reap in the aftermath of ShinyHunters’ widespread attacks on Salesforce.” Read more: https://lnkd.in/gwiiG7Fr

At ATT&CKcon 6.0, our own Rajesh Sharma took the stage to tackle one of the toughest challenges in modern defense—detection engineering. His talk introduced a practical framework for reducing noise, improving precision, and proving defensive coverage that actually matters. Now, we’ve turned those ideas into an AttackIQ Academy course: 🎓 Detection Management: From Entropy to Evidence In this course, you’ll learn how to: 👉 Cut through alert fatigue and validate what truly matters 👉 Apply the 4D score (Resilience, Impact, Readiness, Relevance) to govern detection decisions 👉 Map rules to MITRE ATT&CK and D3FEND for measurable, defensible outcomes 👉 Run a weekly validation board that shows evidence-backed coverage Whether you’re a SOC analyst, detection engineer, or security leader, this course will help you move beyond “more rules = more security” and build a system your team can trust. 🧠 Learn from the same principles shared at ATT&CKcon—now available on demand. 👉 Enroll for free: https://lnkd.in/eHi92AaG

The adversary doesn’t care about your audit. For years, compliance frameworks have guided how agencies measure security but they were never designed to keep pace with modern threats. Today’s landscape demands more than documentation. It demands proof. Kathy Hsu argues for a new model—one grounded in automation, agility, and real-world validation. Because readiness isn’t a checkbox. It’s a mindset. Read the full piece in Federal News Network → https://lnkd.in/efjb9tzQ #PublicSector #Federal #Cybersecurity

🔥 Big news! Jonathan Baker has joined AttackIQ as our new Vice President of Threat Informed Defense. A 23-year veteran of MITRE and Co-Founder of the Center for Threat-Informed Defense (CTID), Jon has been instrumental in defining the field of threat-informed defense—bridging research, intelligence, and operational practice to improve security outcomes worldwide. At AttackIQ, Jon will lead our efforts to accelerate adoption of threat-informed defense through integrated services and technology that help organizations continuously measure, manage, and strengthen their security posture. To kick things off, Jon shares his perspective on what drives him: Mission. Impact. Opportunity. Read his full piece here: https://lnkd.in/eNvEbFrp

🚨 Vulnerability management got us here...but it won’t get us where we need to go. Tomorrow, join CISOs Peter Luban and Ben Lim as they discuss why exposure management is redefining modern cybersecurity. Learn how to: ⚡ Expose real risks, not just vulnerabilities ⚡ Validate controls with adversarial testing ⚡ Build a CTEM-aligned program that proves outcomes Don’t get left behind. 🔗 Last chance to register: https://lnkd.in/exXwgy9y