News

24 Countries Targeted by Operation Sharpshooter

Delaware, USA – December 13, 2018 – The ‘Operation Sharpshooter’ cyber espionage campaign has been active for two months, targeting at least 87 organizations in 24 countries. The threat actor behind the campaign is still unknown. The attackers use techniques, tactics and procedures of the Lazarus group, but researchers from McAfee assume that all […]

Novidade Exploit Kit Targets Home and Small Office Routers

Delaware, USA – December 12, 2018 – The newly discovered Novidade exploit kit attacks home and SOHO routers, compromising the endpoints and mobile devices connected to them. Researchers from Trend Micro described in a blog post how the exploit kit uses cross-site request forgery to change DNS settings, allowing adversaries to conduct a pharming attack redirecting […]

Rabbot Malware Targets IoT and Linux Servers Worldwide

Delaware, USA – December 11, 2018 – Cybersecurity experts from Anomali Labs spotted a new malware strain dubbed Rabbot targeting Linux servers and IoT devices. The first campaign started in August 2018; adversaries attacked Linux servers located in the US, South Korea, Russia and the United Kingdom with the Linux Rabbit malware. The malware establishes a […]

Nate Guagenti Joins SOC Prime

Delaware, USA – December 10, 2018 – SOC Prime, Inc. is pleased to announce that Nate Guagenti joins our team as Highload Elastic stack architectures and Threat Hunting Advisor. Nate is one of the most passionate experts in the Elastic stack, with more than ten years of experience in deploying and engineering network and endpoint SIEMs […]

At Least Eight Banks Suffered DarkVishnya Attacks

Delaware, USA – December 7, 2018 – At least eight banks in Eastern Europe became victims of a new type of attack in the past two years; the total damage from the attacks is estimated in the tens of millions of dollars. In a recent publication, researchers from Kaspersky Lab shared the results of […]

Adobe Flash Zero-day Used to Install Backdoors

Delaware, USA – December 6, 2018 – A week before the official Patch Tuesday, Adobe released a security update that closes two critical vulnerabilities, one of which is a Flash zero-day that is actively exploited in the wild. CVE-2018-15982 is a use-after-free security flaw that allows adversaries to execute arbitrary code on the attacked computer and […]

WeChat Ransom Infected More Than 100,000 Systems in Four Days

Delaware, USA – December 5, 2018 – A new ransomware strain emerged last Saturday and has infected more than 100,000 PCs in China so far. WeChat Ransom encrypts local files only and steals credentials for multiple Chinese online services. The ransomware demands just 110 yuan (~$16) to decrypt files, and a victim can pay them via […]

CARROTBAT Dropper Delivers SYSCON and OceanSalt Malware

Delaware, USA – December 4, 2018 – The Fractured Block campaign started in March 2018 and has significantly intensified in recent months. Researchers at Palo Alto Networks’ Unit 42 division have tracked it from the very beginning and shared their findings in a blog post. The campaign targets Southeast Asia, and the malware used suggests that the […]

APT28 Targets Government and Military Institutions with Zebrocy Malware

Delaware, USA – December 3, 2018 – Last week, researchers reported on two new campaigns by the APT28 group aimed at European government organizations and military institutions. APT28, also known as Sofacy, Pawn Storm, Sednit, Fancy Bear and Snakemackerel, attacked government entities of NATO members and countries in Central Asia using a malicious document that pretended to […]

KingMiner Malware Targets Microsoft Servers

Delaware, USA – November 30, 2018 – KingMiner is a cryptocurrency mining malware that mostly attacks IIS\SQL Servers. It was discovered six months ago, and since then the malware authors have continuously added new features and bypass methods to avoid emulation. Researchers from Check Point discovered a new campaign spreading the KingMiner cryptojacker. The malware conducts brute […]