Month: August 2017

Zeronsec, an international integrator becomes SOC Prime’s partner

London, UK – August 31, 2017 – SOC Prime, Inc. announces a new partnership with Zeronsec to assit in their goal of delivering architecture and services that support the most efficient and secure IT. Zeronsec joins our network as a successful multi-national integrator and we are excited about opportunities this partnership brings to both companies. […]

Read More
“Gazer” – a New Backdoor Used in Cyber espionage

LONDON, UK. – August 31, 2017 – Researchers from ESET reported on the advanced backdoor “Gazer” for cyber espionage, created by the infamous hacker group Turla. At the moment, four versions of this malware are detected in Europe, Asia and South America. The malicious campaign continues from 2016, and its primary targets are embassies, consulates, as well as international […]

Read More
Fileless Trojan JS_POMET and Cryptocurrency Miner TROJ64_COINMINER

LONDON, UK. – August 29, 2017 – Previously we wrote about the growing popularity of fileless attacks: the attack on the restaurant business in the United States and Sorebrect Ransomware. This month researchers from Trend Micro reported about completely fileless Trojan JS_POWMET.DE and a new cryptocurrency miner TROJ64_COINMINER.QO. These malware instances were designed to evade […]

Read More
SOC Prime’s CEO is invited to ArcSight Technical Advisory Board at HPE Protect 2017

LONDON, UK. –  August 25, 2017 – SOC Prime, Inc. announced that its CEO Andrii Bezverkhyi was invited to join ArcSight Technical Advisory Board this year at HPE Protect 2017. ArcSight Technical Advisory Board is comprised of security leaders and experts who have proved to have both knowledge and vision in the cybersecurity world. The […]

Read More
SOC Prime CEO Andrii Bezverkhyi and CCO Ruslan Mikhalov to speak at HPE Protect 2017

LONDON, UK. – August 23, 2017 – SOC Prime, Inc. announces that Andrii Bezverkhyi, CEO, will lead a session at HPE Protect 2017. Our executives Andrii Bezverkhyi and Ruslan Mikhalov were chosen as guest speakers to share their knowledge and experience during a session “ArcSight vs AI cyber weapons: A field report from the epicenter […]

Read More
SyncCrypt Ransomware is Delivered in JPG Files

London, UK – August 17, 2017 – Earlier this month, researchers from Kaspersky Lab noted that steganography was becoming an increasingly attractive technique for hackers and published a list of malware that used this technique. This week, a researcher from Emsisoft discovered a new Ransomware using steganography in the Delivery phase. The SyncCrypt virus is […]

Read More
PPSX files are used for malicious payload dropping

London, UK – August 15, 2017 – Adversaries continue to exploit CVE-2017-0199 vulnerability to deliver Trojans and rootkits. Recently, unknown hackers conducted a campaign against the financial sector, in which they used malformed RTF files.

Read More
volia

VOLIA is the leading national Ukrainian telecommunication provider that provides modern telecommunication services: analog, digital, HD and interactive TV “VOLIA Smart HD”, high-speed Internet access as well as the services of one of the largest data centers in Ukraine. VOLIA two consecutive years (2015 and 2016) was recognized as the best provider of digital entertainment […]

Read More
Assets and describing critical infrastructure objects

While implementing and using IBM QRadar, users often ask the following questions: what are Assets? What are they needed for? What can we do with them? How to automate the filling of the Assets model? ‘Assets’ is a model that describes infrastructure and allows IBM QRadar system to react differently to the events that are […]

Read More
Mamba Ransomware has been spotted in Saudi Arabia and Brazil

London, UK – August 10, 2017 – Mamba Ransomware appeared in 2016 and was one of the first viruses that encrypt not files, but whole hard drives. It uses a legitimate tool DiskCryptor for full disk encryption. Researchers from Kaspersky Lab report that creators of this Ransomware resumed attacks on corporations in August. Currently, this […]

Read More