Month: August 2017

Zeronsec, an international integrator, becomes SOC Prime’s partner

London, UK – August 31, 2017 – SOC Prime, Inc. announces a new partnership with Zeronsec to assist in their goal of delivering architecture and services that support the most efficient and secure IT. Zeronsec joins our network as a successful multi-national integrator and we are excited about opportunities this partnership brings to both companies. […]

“Gazer” – a New Backdoor Used in Cyber Espionage

LONDON, UK. – August 31, 2017 – Researchers from ESET reported on the advanced backdoor “Gazer” for cyber espionage, created by the infamous hacker group Turla. At the moment, four versions of this malware are detected in Europe, Asia and South America. The malicious campaign has been ongoing since 2016, and its primary targets are embassies, consulates, as well as international […]

Fileless Trojan JS_POWMET and Cryptocurrency Miner TROJ64_COINMINER

LONDON, UK. – August 29, 2017 – Previously we wrote about the growing popularity of fileless attacks: the attack on the restaurant business in the United States and Sorebrect Ransomware. This month researchers from Trend Micro reported on the completely fileless Trojan JS_POWMET.DE and a new cryptocurrency miner TROJ64_COINMINER.QO. These malware instances were designed to evade […]

SOC Prime’s CEO is invited to ArcSight Technical Advisory Board at HPE Protect 2017

LONDON, UK. – August 25, 2017 – SOC Prime, Inc. announced that its CEO Andrii Bezverkhyi was invited to join ArcSight Technical Advisory Board this year at HPE Protect 2017. ArcSight Technical Advisory Board is comprised of security leaders and experts who have proved to have both knowledge and vision in the cybersecurity world. The […]

SOC Prime CEO Andrii Bezverkhyi and CCO Ruslan Mikhalov to speak at HPE Protect 2017

LONDON, UK. – August 23, 2017 – SOC Prime, Inc. announces that Andrii Bezverkhyi, CEO, will lead a session at HPE Protect 2017. Our executives Andrii Bezverkhyi and Ruslan Mikhalov were chosen as guest speakers to share their knowledge and experience during a session “ArcSight vs AI cyber weapons: A field report from the epicenter […]

SyncCrypt Ransomware is Delivered in JPG Files

London, UK – August 17, 2017 – Earlier this month, researchers from Kaspersky Lab noted that steganography was becoming an increasingly attractive technique for hackers and published a list of malware that used this technique. This week, a researcher from Emsisoft discovered a new ransomware using steganography in the Delivery phase. The SyncCrypt virus is […]

PPSX files are used for malicious payload dropping

London, UK – August 15, 2017 – Adversaries continue to exploit the CVE-2017-0199 vulnerability to deliver Trojans and rootkits. Recently, unknown hackers conducted a campaign against the financial sector, in which they used malformed RTF files.

volia

VOLIA is the leading national Ukrainian telecommunication provider that provides modern telecommunication services: analog, digital, HD and interactive TV “VOLIA Smart HD”, high-speed Internet access as well as the services of one of the largest data centers in Ukraine. For two consecutive years (2015 and 2016), VOLIA was recognized as the best provider of digital entertainment […]

Assets and describing critical infrastructure objects

While implementing and using IBM QRadar, users often ask the following questions: What are Assets? What are they needed for? What can we do with them? How can we automate the filling of the Assets model? ‘Assets’ is a model that describes infrastructure and allows the IBM QRadar system to react differently to the events that are […]

Mamba Ransomware has been spotted in Saudi Arabia and Brazil

London, UK – August 10, 2017 – Mamba Ransomware appeared in 2016 and was one of the first viruses that encrypt not files, but whole hard drives. It uses the legitimate tool DiskCryptor for full disk encryption. Researchers from Kaspersky Lab report that the creators of this ransomware resumed attacks on corporations in August. Currently, this […]
