Year: 2018

GandCrab V5 Exploits Recently Patched Zero-Day Vulnerability

Delaware, USA – September 27, 2018 — GandCrab ransomware was discovered at the beginning of this year; malware authors promoted it on underground forums as Ransomware-as-a-Service, and GandCrab soon became one of the most widespread ransomware strains. This week, researchers found the next version of this malware being distributed in a malvertising campaign that redirected users […]

Viro Botnet Ransomware Targets the United States

Delaware, USA – September 26, 2018 — The recently discovered XBash malware used by the Iron cybergang has acquired a follower – Viro Botnet Ransomware. This is a completely new ransomware strain discovered by researchers from Trend Micro. The first cases of infection occurred this past Monday. After getting into the system, Viro botnet […]

Adwind RAT Abuses DDE to Avoid Detection

Delaware, USA – September 25, 2018 — Researchers from Cisco Talos discovered a massive spam campaign that distributes the multi-platform Adwind RAT. Most targets of the attack are located in Turkey and Germany. Adversaries abuse the Dynamic Data Exchange feature in Microsoft Excel to successfully avoid detection by antivirus software. The campaign started on August […]

Cybercriminals Use Evil Clone Attack to Spread Cryptocurrency Miners

Delaware, USA – September 24, 2018 — Experts from Comodo discovered a new type of attack, which they called Evil Clone. To conduct this attack, adversaries created a “twin” of PDFescape software and added a malicious payload to the installer of the extended font package. In order not to arouse users’ suspicion, unidentified attackers created […]

SEMplicity and Perched Systems Become SOC Prime’s Partners

Maryland, USA – September 21, 2018 – SOC Prime, Inc. announces a new partnership with SEMplicity, a leading USA-based managed security service provider, and Perched Systems, a consulting firm that offers development, education support and consulting services for security workloads on the Elastic stack. SEMplicity is an MSSP and consulting firm that specializes in large enterprise […]

Newegg Becomes New Victim of Magecart Operations

Delaware, USA – September 20, 2018 — The next victim of the MageCart cybercrime group, which conducts high-profile skimming operations, has become known. Researchers from RiskIQ and Volexity discovered a skimmer on the website of the California retailer Newegg that transferred customers’ payment card data to the attackers’ server. Earlier this month, researchers discovered the same successful […]

SOC Prime at Anomali Detect 2018

Delaware, USA – September 19, 2018 — The SOC Prime team is attending Anomali Detect 2018, the Threat Hunting Event of the Year, held at the Gaylord National Resort & Convention Center in National Harbor, Maryland. Anomali Detect brings organizations and government agencies together under one roof to learn and discuss threat intelligence best […]

Xbash Malware Targets Windows and Linux Servers

Delaware, USA – September 18, 2018 — The Iron cybergang developed the XBash malware with a worm-like spreading mechanism. The malware attacks Windows and Linux servers and uses a ransomware or coinminer module depending on the operating system. Researchers from Palo Alto Networks discovered XBash during the investigation of ransomware attacks, and further analysis of the malware helped to link it […]

Fallout Exploit Kit Delivers SAVEfiles Ransomware

Delaware, USA – September 17, 2018 – Fallout Exploit Kit, which appeared in August 2018, has started spreading a new ransomware strain through malvertising campaigns. Ransomware researcher Michael Gillespie detected the beginning of the campaign, and Kafeine discovered the way in which the malware gets onto the victims’ computers. Prior to the last week, Fallout Exploit Kit distributed GandCrab […]

PowerShell Obfuscation Technique Bypasses Most Antiviruses

Delaware, USA – September 14, 2018 — Adversaries are constantly improving their techniques and tools to remain undetected by common security solutions. Researchers from Cylance published a blog post about a new tactic used by adversaries to bypass antiviruses and infect users with well-known malware. In the newly discovered sample, adversaries leverage SecureString for PowerShell […]
