AttackIQ has released a new assessment template designed to emulate the various post-compromise Tactics, Techniques, and Procedures (TTPs) associated with a recent intrusion targeting Ukrainian organizations that aligns with patterns previously associated with Sandworm. While attribution remains unconfirmed, this assessment helps defenders improve their security posture against similarly sophisticated and persistent threats.

The post Emulating the Destructive Sandworm Adversary appeared first on AttackIQ.

The post Emulating the Destructive Sandworm Adversary appeared first on Security Boulevard.

AttackIQ has released a new attack graph that emulates the behaviors exhibited by SideWinder, a threat actor with a long history of cyber espionage dating back to 2012. The group has primarily targeted government, military, and maritime sectors across South Asia and nearby regions through sophisticated spear-phishing campaigns, exploitation of Microsoft Office vulnerabilities, and the deployment of StealerBot, a memory-resident backdoor.

The post Emulating the Espionage-Oriented Group SideWinder appeared first on AttackIQ.

The post Emulating the Espionage-Oriented Group SideWinder appeared first on Security Boulevard.