Year: 2016

On 24.11.2016 SOC Prime, Inc hosted the first international conference on cyber security “Cyber For All” in Kyiv, Ukraine. SOC Prime staff and business partners gave presentations, and several customers shared real success stories of using SOC Prime products. The conference was attended mainly by representatives of the telecom and finance business community of Ukraine. Kyiv […]

Mirai botnet digest: threat overview, analytics and remediation

A quote from a famous professor, “Good news everyone!”, would best fit the recent events, when the Internet of sheit Things set all hell loose across the whole digital world, with the Mirai botnet being one of its infamous minions. In before broken sarcasm-detectors: the situation is indeed tense, reputable researchers in the […]

Hello everyone! Today, as always, we will focus on a fresh example of simple phishing from actual practice. Let’s analyze the following letter:

Infrastructure infiltration via RTF

Let’s proceed to studying the attack stage called “Delivery” from the Lockheed Martin Cyber Kill Chain. Much can be said about this stage, but today I’ll just share the parsing of one sample which I recently received for analysis. The sample attracted my attention because of its simplicity on one hand and its sophistication on […]

Attack on domain controller database (NTDS.DIT)

So, as I have promised, we start the process of analyzing the separate Cyber Kill Chain stages of the previously described attack. Today we will review one of the attack vectors on the Company infrastructure, which we can count as two stages: “Actions on Objectives” and “Reconnaissance”. Our goals are: