Year: 2018

Rabbot Malware Targets IoT and Linux Servers Worldwide

Delaware, USA – December 11, 2018 – Cybersecurity experts from Anomali Labs spotted a new malware strain dubbed Rabbot targeting Linux servers and IoT devices. The first campaign started in August 2018; adversaries attacked Linux servers located in the US, South Korea, Russia and the United Kingdom with Linux Rabbit malware. The malware establishes a […]

Nate Guagenti Joins SOC Prime

Delaware, USA – December 10, 2018 – SOC Prime, Inc. is pleased to announce that Nate Guagenti joins our team as Highload Elastic stack architectures and Threat Hunting Advisor. Nate is one of the most passionate experts in the Elastic stack with more than ten years of experience in deploying and engineering network and endpoint SIEMs […]

At Least Eight Banks Suffered DarkVishnya Attacks

Delaware, USA – December 7, 2018 – At least eight banks in Eastern Europe became victims of a new type of attack in the past two years; the total damage from the attacks is estimated in the tens of millions of dollars. In a recent publication, researchers from Kaspersky Lab shared the results of […]

Adobe Flash Zero-day Used to Install Backdoors

Delaware, USA – December 6, 2018 – A week before the official Patch Tuesday, Adobe released a security update that closes two critical vulnerabilities, one of which is a Flash zero-day that is actively exploited in the wild. CVE-2018-15982 is a use-after-free security flaw that allows adversaries to execute arbitrary code on the attacked computer and […]

WeChat Ransom Infected More Than 100,000 Systems in Four Days

Delaware, USA – December 5, 2018 – A new ransomware strain emerged last Saturday and has infected more than 100,000 PCs in China so far. WeChat Ransom encrypts local files only and steals credentials for multiple Chinese online services. The ransomware demands just 110 yuan (~$16) to decrypt files, and a victim can pay them via […]

CARROTBAT Dropper Delivers SYSCON and OceanSalt Malware

Delaware, USA – December 4, 2018 – The Fractured Block campaign started in March 2018 and significantly intensified in recent months. Researchers at Palo Alto Networks' Unit 42 division have tracked it from the very beginning and shared their findings in a blog post. The campaign targets Southeast Asia, and the malware used suggests that the […]

APT28 Targets Government and Military Institutions with Zebrocy Malware

Delaware, USA – December 3, 2018 – Last week, researchers reported on two new campaigns by the APT28 group aimed at European government organizations and military institutions. APT28, also known as Sofacy, Pawn Storm, Sednit, Fancy Bear and Snakemackerel, attacked government entities of NATO members and countries in Central Asia using malicious document pretended to […]

KingMiner Malware Targets Microsoft Servers

Delaware, USA – November 30, 2018 – KingMiner is a cryptocurrency mining malware that attacks mostly IIS\SQL Servers. It was discovered six months ago, and since then the malware authors have continuously added new features and bypass methods to avoid emulation. Researchers from Check Point discovered a new campaign spreading the KingMiner cryptojacker. The malware conducts brute […]

NjRAT is Spreading via Removable Media

Delaware, USA – November 29, 2018 – The NjRAT remote access trojan was created based on the leaked Njw0rm source code, and it has a wide range of backdoor capabilities. Researchers from Trend Micro […]

Scroboscope Ransomware Attacks

Delaware, USA – November 28, 2018 – This month, researchers discovered attacks spreading a new ransomware family. Scroboscope ransomware was created using PHP Devel Studio 3.0 and is distributed as EXE files. It is assumed that the most likely distribution vector is malspam campaigns with malicious attachments, but it is also possible that attackers hack […]
