News

MageCart Group Compromises Forbes Subscription Site

Delaware, USA – May 16, 2019 – Cybercriminals compromised the Forbes website and injected a card skimmer into a subscription page. Security researcher Troy Mursch uncovered obfuscated JavaScript on the website yesterday and immediately informed the organization about the compromise. It took about 10 hours before the site admin took down the payment page, and […]

ThrAngryCats Vulnerability Affects Millions of Cisco Devices

Delaware, USA – May 15, 2019 – The discovered vulnerability allows attackers to inject a persistent backdoor into millions of devices used all over the world. The ThrAngryCats vulnerability affects all devices with a Trust Anchor module, which covers more than 100 Cisco product families released by the company since 2013, including network switches, routers, and […]

Antivirus Vendors Breached by Fxmsp Hacker Group

Delaware, USA – May 14, 2019 – Three security solutions vendors became victims of the Fxmsp hacker group: Trend Micro, Symantec, and McAfee. Adversaries infiltrated the organizations' internal networks, stole the source code of their solutions and then put it up for sale through trusted proxy resellers. In addition to source code, […]

Electricfish Malware is Used in Lazarus’ Campaigns

Delaware, USA – May 13, 2019 – The new malware is used by adversaries to funnel traffic between two IP addresses, covertly exfiltrating stolen information. The Federal Bureau of Investigation and the Department of Homeland Security published a malware analysis report warning about a new tool used by the Lazarus group in recent attacks. Electricfish malware […]

Turla APT Uses LightNeuron Backdoor to Subdue Microsoft Exchange Servers

Delaware, USA – May 10, 2019 – Turla APT has been installing the LightNeuron backdoor on MS Exchange servers since at least 2014. The uncovered malware acts as a mail transfer agent, allowing adversaries to completely control traffic on the infected server, including email interception, as well as sending, forwarding, blocking and editing correspondence. The ESET research confirms that […]

Elastic and SOC Prime Conduct a Cyber Security Analytics Seminar

Delaware, USA – May 8, 2019 – SOC Prime announces the opening of a series of events that will connect information security experts across finance, telecom, critical infrastructure, agriculture, public sector, IT software and services organizations. On May 21st and for the first time in Ukraine, Elastic and SOC Prime will conduct a Cyber Security analytics […]

QBot Trojan Becomes More Stealthy

Delaware, USA – May 7, 2019 – The authors of the QBot trojan have started to use new obfuscation techniques that significantly complicate detection of the malware. Researchers at Cisco Talos analyzed the increased activity of the malware in April and found a number of innovations that allow it to maintain persistence and remain hidden from security […]

MegaCortex Ransomware Attacks Organizations in Europe and North America

Delaware, USA – May 6, 2019 – Since the beginning of the month, a new player on the ransomware scene has already conducted several dozen attacks on corporate networks. Sophos researchers continue the investigation and report that organizations in the United States, Italy, Canada, France, Ireland, and the Netherlands have become targets of MegaCortex ransomware […]

SOC Prime is Attending Workshop – EU ATT&CK Community

Delaware, USA – May 3, 2019 – The SOC Prime team will be in Brussels next week, where the Workshop – EU ATT&CK Community will take place on Thursday-Friday, 9-10 May. This is the third workshop of the EU ATT&CK Community, which is organized by practitioners and for practitioners with an interest in the use of the MITRE […]

A2 Hosting is Hit by GlobeImposter 2.0 Ransomware

Delaware, USA – May 2, 2019 – A ransomware attack on a US-based web hosting provider disabled the company’s Windows servers for eight days. As reported by A2 Hosting, the incident occurred on April 22: the security team detected the file encryption process on Windows hosting servers and shut down all of them to prevent the […]