Jackson Wells is a Customer Solutions Engineer at AttackIQ with a strict focus on helping customers optimise the AttackIQ Platform, strategically execute goals, and assist with any technical needs from a security or platform perspective. As a US Navy Veteran, Jackson was able to utilize his military training and experience with cyber defense to pivot and work as a Senior Security Analyst for a well distinguished MDR, Critical Start. After several years of working Blue Team and seeing a variety of threat actor techniques with various security controls, Jackson obtained his Offensive Security Certified Professional (OSCP) certification which ultimately lead him to his next position as a Lead Detection Engineer. This role required Jackson to be up to date with evolving threats, stay ahead of the curve by helping customers modify policies for best protection, and create custom detections per platform to best detect and prevent attacks at an early stage. The continuous creation of detections in response to malicious actors opened Jackson’s eyes to the necessity of a Breach and Attack Simulation product such as AttackIQ. Since working at AttackIQ, his goal has always been to help validate security control and threat emulation for customers to ensure they have the best grip possible on their defense structure.
Attack Graph Response to US-CERT AA22-083A: Historical Russia-based Actors Targeting the Energy Sector
AttackIQ has released a new attack graph for organizations to test and validate their cyberdefense effectiveness against the HAVEX strain of malware. This attack graph follows a pair of Department of Justice indictments of Russia-based threat actors and a new joint FBI-CISA Cybersecurity Advisory about HAVEX released last week. An enduring and dangerous threat, HAVEX targeted the energy and power sectors in 135 countries from 2012-2018, and the tactics and techniques within it continue to threaten organizations today.
Attack Graph Response to US CERT AA22-074A: Russia-based actors disabling multi-factor authentication (MFA)
AttackIQ has released a new attack graph to emulate Russia-based threat actors as they exploit multi-factor authentication protocols to disable MFA. This blog describes the scenarios we have included in the new attack graph to emulate the adversary and then, to inform a purple team construct for cyberdefense operations, it provides detection and mitigation recommendations that you can use to improve your security program effectiveness. Read on for more.