Monday, April 27, 2020

Stories from the SOC – Web Server Attack

Executive Summary
Stories from the SOC is a blog series that describes recent real-world security incident investigations conducted and reported by the AT&T SOC analyst team for AT&T Managed Threat Detection and Response customers.
During the investigation of a Web Server Attack alarm for a large multinational enterprise customer, we conducted an investigation that inevitably led to the customer isolating the system entirely. The sophistication of the correlation rules developed by the AT&T Alien Labs™ team recognized patterns that indicated an attack on the web server. Armed with the information presented by the alarm itself, we then expounded on those details, which led to the customer being informed that a public-facing server was actively vulnerable. While we were personally interfacing with the customer, they conveyed that they were unaware of this system being open and hastily took corrective measures, resulting in the isolation of the…

Posted by: Leo Garcia


The post Stories from the SOC – Web Server Attack appeared first on Cybersecurity Insiders.


April 28, 2020 at 09:08AM
