Explore Project Ice Cream Threat Activity Clusters
Human-led threat hunting is an integral part of our security analytics development: it continuously improves coverage of the ever-expanding attack surface while also eliminating false positives. This approach enables us to catch the next occurrence as and when it happens. Over time we have developed a deep understanding of threat group activity clusters, which has shortened analysis time and informed comprehensive remediation plans.
Adversary Using Public Hosting Exploits Emerging Threats
The threat activity cluster Strawberry appears to favor two exploits for gaining initial access to a vulnerable machine: the Apache Solr remote code execution (RCE) vulnerability (CVE-2019-17558) and the Confluence OGNL injection vulnerability (CVE-2021-26084).
Sophisticated Adversary Capitalizes on Citrix ADC Servers
The threat activity cluster Mint with Sprinkles exploits Windows machines, following Mint’s earlier success in exploiting Linux machines running the Citrix Application Delivery Controller (ADC).
Cloud-Based Adversary Capitalizes on Confluence Servers
In the next edition of our ice cream activity cluster blog series, we’re shining the spotlight on another historic actor that undertook a significant remodeling of their tactics, techniques and procedures (TTPs) when they expanded their target scope to include Windows machines.
The Importance of Cloud Application Security for Your Business
Explore the imperative of cloud application security in today’s digital realm. Uncover the top 10 security challenges confronting organizations utilizing cloud applications.
Web App Security: Insights from the Frontline
What builds the most effective security posture for web application security? Expert Josh Davies shares his web app warning signs and best mitigation practices.
What Is Cloud Transformation and Why Is It Important?
Companies of all sizes are undergoing cloud transformation to keep up with the speed of modern business. Cloud services make it easier to efficiently deliver services, engage with customers, and manage other business operations, so it makes sense that cloud migration is a top priority for most companies around the world.
A Day in the Life of a SOC Team
Ever wondered how Fortra’s Alert Logic MDR protects your network with human hands at the wheel? Our SOC team discussion is a must-read.
What is SOC 2 Compliance?
SOC 2 compliance is voluntary, but it helps boost customers’ confidence in your organization’s ability to keep their private data safe and secure.
ChatGPT – Security Risk or Security Enabler?
How can we use ChatGPT and other AI creatively for good, especially against cybersecurity challenges?
The Top 5 Cloud Vulnerabilities to Watch Out for
Let’s explore five cloud vulnerabilities to watch out for and how to create a cybersecurity strategy to protect your data while safely reaping the rewards of cloud computing.
Webinar Series Gives View Inside Alert Logic’s Security Operations Center
Explore Alert Logic’s SOC in our webinar series for an inside look at creating outcome-focused MDR solutions to cybersecurity challenges.