What You Need to Know About HITRUST
Ensure HIPAA compliance with HITRUST’s standardized security framework, simplifying complex regulations and protecting patient data from costly penalties
3 Tips to Strengthen AWS Container Security
Enhance the security of your AWS container deployment for swift and reliable operations. Discover effective strategies to fortify AWS container security and ensure a robust deployment environment.
The Essential Steps of Cloud Migration Security
Unlock the full potential of your business with seamless cloud migration. Safeguard your transition with expert insights on ensuring the security of your new digital ecosystem. Explore the essentials of cloud migration security to empower your business transformation securely.
What is NIST Compliance?
Unlock the potential advantages of adhering to NIST standards for your business, irrespective of your involvement with federal agencies. Explore the impact of NIST compliance on organizational benefits in this insightful article.
Speed, Shakespeare Allow for Exploitation of Zero Days
This is a flavor of attackers who use remote code execution exploits (RCE) targeting Linux machines to upload crypto miners to vulnerable Linux systems.
APT Hides Among an Emerging Threat Land Grab
The ice cream blog series continues by documenting another activity cluster first observed in our dataset in 2019. This threat cluster has been well documented in the security community with, APT41, Lead, Wicked Panda, and Vanadinite demonstrating significant overlap in activity, making it likely that each represents activity involving the same threat group. We are grateful for the contributions of these and other threat researchers who have helped inform the security community’s understanding of this actor.
Explore Project Ice Cream Threat Activity Clusters
Human-led treat hunting is an integral part of our security analytics development, both to continuously improve coverage of the ever-expanding attack surface while also eliminating false positives. This approach enables us to catch the next occurrence as and when it happens. Over time we have developed a deep understanding of threat group activity clusters that have improved analysis time and informed comprehensive remediation plans.
Adversary Using Public Hosting Exploits Emerging Threats
Threat activity cluster, Strawberry, appears to favor two primary exploits for gaining entry onto a vulnerable machine, Apache Solr remote code execution (RCE) vulnerability (CVE-2019-17558) and a Confluence OGNL exploit (CVE-2021-26084).
Sophisticated Adversary Capitalizes on Citrix ADC Servers
The threat activity cluster, Mint with Sprinkles, exploits Windows machines following Mint’s earlier success in exploiting Linux machines running the Citrix Application Deliver Controller (ADC).
Cloud-Based Adversary Capitalizes on Confluence Servers
In the next edition of our ice cream activity cluster blog series, we’re shining the spotlight on another historic actor that undertook a significant remodeling of their tactics, techniques and procedures (TTPs) when they expanded their target scope to include Windows machines.
The Importance of Cloud Application Security for Your Business
Explore the imperative of cloud application security in today’s digital realm. Uncover the top 10 security challenges confronting organizations utilizing cloud applications.
Web App Security: Insights from the Frontline
What builds the most effective security posture for web application security? Expert Josh Davies shares his web app warning signs and best mitigation practices.