Year: 2016

Check our updated version of SSL Framework for Splunk

Our free solution for automating the management of SSL/TLS encryption certificates, SSL Framework, has been updated to Version 1.5.2 for Splunk users and is now available on Splunkbase. New features: Added Proxy Configuration to the Setup page. Proxy credentials are now stored in secure storage. Splunkbase is a dynamic app and add-on sharing gallery along with a […]

Phishing of the DHL accounts: «DHL & PASSWORDS»

Hello everyone! Today, as always, we will focus on a fresh example of simple phishing taken from actual practice. Let's analyze the following letter:

SOC Prime trains 18 security experts

Kyiv, Ukraine, May 30, 2016 – SOC Prime conducted an expert master class on HPE ArcSight administration, SIEM best practices and SOC automation via Predictive Maintenance on Friday, 27th of May. Warmly welcomed by HPE Ukraine, 18 security professionals worked intensely with SOC Prime team for the whole day, collaborating on practical aspects of SIEM […]

Infrastructure infiltration via RTF

Let's proceed to studying the stage of attack called "Delivery" from the Lockheed Martin Cyber Kill Chain. Much can be said about this stage, but today I'll just share the parsing of one sample which I recently received for analysis. The sample attracted my attention because of its simplicity on one hand and its sophistication on […]

Attack on domain controller database (NTDS.DIT)

So, as I promised, we start analyzing the separate Cyber Kill Chain stages of the previously described attack. Today we will review one of the attack vectors on the Company infrastructure, which we can count as two stages: «Actions on Objectives» and «Reconnaissance». Our goals are:

SOC Prime partners up with Motiv

SOC Prime is proud to announce our newest MSSP and reselling partner: Motiv, a Netherlands-based provider of IT security solutions and services for prevention of cybercrime, data theft and data loss working with the public and private sectors.

DISMANTLING BLACKENERGY, PART 3 – ALL ABOARD!

Abordage – the act of boarding an enemy ship as part of an attack. In today's post, I will describe part of an investigation of one cyber security incident that eventually evolved into a global investigation connected with a BlackEnergy-based attack that has hit a number of industries in Ukraine. As we progressed […]

Alex Verbniak joins SOC Prime

SOC Prime welcomes our newest member – Alex Verbniak. He joins us to ensure that our platform and infrastructure work together in the most efficient way.

Betta Security becomes a partner of SOC Prime

SOC Prime is pleased to welcome our latest partner: Betta Security – a team of international experts in the information security field. Betta Security has been successfully selling and implementing the best security solutions for the largest Ukrainian companies for the last 10 years. They are always ready to help their customers discover the latest […]

Threat hunting assisted by BlackEnergy mark

First, let me thank everyone for the feedback and comments on the previous article. It was quite thrilling to see how the theory holds up in practice.
