Year: 2019

Delaware, USA – December 30, 2019 – Financial and telecommunications companies in Eastern Europe and Central Asia were breached by the undefined threat actor in a series of cyberattacks. According to Kaspersky Lab, the cybercriminals are interested in huge sums, they attempted to steal several million dollars from each financial organization, and in the networks […]

Delaware, USA – December 26, 2019 – Over the past few months, Entercom has become the second time the target of a cyberattack: in September, the radio network suffered a ransomware attack and attackers demanded $500,000 for decrypting the files. As a result of that attack, the radio network lost about $1.4 million and spent […]

Delaware, USA – December 23, 2019 – Chinese state-sponsored cyberespionage group resurfaced with new operations targeted at multiple industries, Managed Service Providers, and government entities. Fox-IT experts discovered the APT20 group’s activity during the investigation of a data breach in one of the attacked organization and dubbed the campaign “Operation Wocao.” The group has been […]

Delaware, USA – December 18, 2019 – We are excited to announce that 10 of the most active developers submitting content to SOC Prime’s Threat Bounty Program (https://my.socprime.com/en/tdm-developers) will receive special gifts for 2019 Holiday Season! Together with our partner Elastic, we are giving 10 certificates to attend online training course of Elastic Machine Learning […]

Delaware, USA – December 12, 2019 – TrickBot operators offer access to high-profile targets not only to other cybercriminals but also to state-sponsored threat actors. In October, NTT Security published a report on the appearance of a new and much more advanced version of the TrickBot – Anchor project. Researchers believe that attackers evaluate the […]

Delaware, USA – December 11, 2019 – Waterbear modular malware is a development of cyberespionage group BlackTech and is often used in attacks on technology companies and government agencies in East Asia. Last year the group made the headlines distributing Plead backdoor signed with legitimate code-signing certificates previously stolen from Taiwanese companies: D-LINK and Changing […]

Delaware, USA – December 10, 2019 – The relatively new ransomware strain is used in targeted attacks on organizations, and its authors are looking for affiliates with access to corporate networks. During an investigation of the ransomware outbreak in one of the customers, researchers at Sophos drew attention to Snatch ransomware, which appeared about a […]

We continue our series of interviews with participants of the Developer Program (https://my.socprime.com/en/tdm-developers), threat hunters and cybersecurity enthusiasts to introduce you to these wonderful people who are searching the web for relevant threats and create unique content for their detection. Meet SOC Prime’s Senior Threat Hunting Engineer – Adam Swan. Adam, tell us a bit […]

Delaware, USA – December 9, 2019 – Since at least the spring of 2019, the Vietnamese APT group has had access to the networks of the German manufacturer BMW – Bayerischer Rundfunk reports. The fact of compromise became known when the security team discovered the Cobalt Strike penetration testing tool on the company’s computers, which has […]

Delaware, USA – December 6, 2019 – One of the biggest data center providers in the United States confirmed the cybersecurity incident affected customers primarily serviced by CyrusOne’s New York Data Center. CyrusOne does not disclose the details of the attack and conducts an investigation. At the same time, ZDNet has evidence indicating that Sodinokibi […]