Channel: SOC Prime
Browsing all 106 articles

Kimsuky APT New Campaign Detection: North Korean Hackers Leverage Microsoft...

Hard on the heels of the DEEP#GOSU offensive campaign associated with the North Korean hacking collective Kimsuky APT, the group comes to the spotlight once again by shifting their adversary TTPs....


SOC Prime Introduces Digital Badge Recognition for Threat Bounty Content Authors

As part of our ongoing commitment to cybersecurity excellence and community engagement, SOC Prime is thrilled to introduce the launch of a new digital badge initiative backed by Credly by Pearson....


New Supply Chain Attack Detection: Hackers Apply Multiple Tactics to Target...

Hackers employ diverse TTPs in a multi-stage software supply-chain campaign going after GitHub users, including members of the widely recognized Top.gg community, with over 170,000+ users falling prey...


CVE-2023-42931 Detection: Critical macOS Vulnerability Enabling Easy...

Security researchers warn of a critical privilege escalation vulnerability in multiple macOS versions that enables unauthorized users, including those with guest rights, to gain full root access to...


CVE-2024-3094 Analysis: Multi-layer Supply Chain Attack Using XZ Utils...

Cybersecurity experts remain vigilant amidst an ongoing supply chain attack that has cast a shadow over the most widely-used Linux distributions. With its scale and sophistication reminiscent of...


Recognition Badges for Threat Bounty Members

As it was announced earlier, SOC Prime introduced digital badge recognition for Threat Bounty members. As the first stage of the initiative, the badges were issued to Threat Bounty Program members...


VenomRAT Detection: A New Multi-Stage Attack Using ScrubCrypt to Deploy the...

Cybersecurity researchers have unveiled a novel sophisticated multi-stage attack, in which adversaries take advantage of the ScrubCrypt anti-malware evasion tool to drop VenomRAT along with multiple...


russian state-sponsored Hive0051 (aka UAC-0010, Gamaredon) Attack Detection:...

The state-sponsored russia-linked Gamaredon (aka Hive0051, UAC-0010, Armageddon APT) hacking collective comes to the spotlight launching a new wave of cyber attacks. Adversaries have been observed...


SOC Prime Threat Bounty Digest — March 2024 Results

Threat Bounty Publications In March 2024, 40 threat detection rules were successfully published to SOC Prime’s Platform via the Threat Bounty Program after the review of our Content Team. Although we...


CVE-2024-24576 Detection: Hackers Exploit a Maximum Severity “BatBadBut” Rust...

A new maximum severity vulnerability has been discovered in the Rust standard library. This vulnerability poses a serious threat to Windows users by enabling potential command injection attacks. The...


CVE-2024-3400 Detection: A Maximum Severity Command Injection PAN-OS Zero-Day...

A novel command injection zero-day vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software hits the headlines. The highly critical flaw, identified as CVE-2024-3400, has been...


UAC-0184 Abuses Messengers and Dating Websites to Proceed with Attacks...

The UAC-0184 hacking collective is back, once again setting its eyes on the Armed Forces of Ukraine. Adversaries attempt to gain access to the targeted computers to steal files and messaging data,...


Akira Ransomware Detection: Joint Cybersecurity Advisory (CSA) AA24-109A...

FBI and CISA, in conjunction with the U.S. and leading international cybersecurity agencies, have recently issued a joint advisory AA24-109A warning defenders of a surge in cyber attacks leveraging...


UAC-0149 Attacks Ukrainian Defense Forces Using Signal, CVE-2023-38831...

The UAC-0149 threat actor repeatedly targets Ukrainian governments and military organizations using COOKBOX malware. The latest research by CERT-UA details the new attack leveraging phishing Signal...


UAC-0133 (Sandworm) Attack Detection: russia-Linked Hackers Aim to Cripple...

For over a decade, the nefarious russia-backed Sandworm APT group (aka UAC-0133, UAC-0002, APT44, or FROZENBARENTS) has been consistently targeting Ukrainian organizations with a prime focus on the...


AI SIEM Migration: Simplify, Optimize, Innovate

Breaking Down Complexities for Smooth Adoption of Your Next-Scale SIEM According to Gartner, “cloud is the enabler of digital business”, which drives mission-critical organizations to consider cloud...


Forest Blizzard aka Fancy Bear Attack Detection: russian-backed Hackers Apply...

The nefarious cyber-espionage hacking collective tracked as Forest Blizzard (aka Fancy Bear, STRONTIUM, or APT28) has been experimenting with a novel custom tool dubbed GooseEgg malware to weaponize...


CVE-2024-21111 Detection: A New Critical Local Privilege Escalation...

A new vulnerability assigned CVE-2024-21111 was recently discovered in Oracle VirtualBox, a widespread open-source virtualization software. The uncovered critical Oracle VirtualBox vulnerability...


CVE-2024-4040 Detection: A Critical CrushFTP Zero-Day Vulnerability Exploited...

While CVE-2024-21111 exploitation risks have been a serious concern for organizations leveraging Oracle VirtualBox software, another critical vulnerability has been hitting the headlines. CrushFTP has...


SOC Prime’s Integration Highlights with Amazon Security Lake

Insights into Proactive Threat Detection & Automated Threat Hunting in the Era of Security Data Lakes On May 30, 2023, SOC Prime, provider of the foremost platform for collective cyber defense,...
