News

New content for IBM QRadar in Use Case Cloud

Delaware, USA – December 12, 2017 – New content for IBM QRadar has been added to Use Case Cloud: the DNS Security Check Advanced and External Top Domains Baseline Basic SIEM use cases. DNS Security Check is one of the most in-demand use cases, and the Advanced version of this package will allow organizations to […]

Ursnif v3 Attacks Business and Corporate Banking Users in Australia

Delaware, USA – November 30, 2017 – Researchers from IBM X-Force discovered a new version of the Ursnif banking trojan (also known as Gozi). Although this version is based on the code that was leaked in 2010, it differs significantly from the other trojans of this family, which suggests that there […]

Necurs Botnet Started to Spread Scarab Ransomware

Delaware, USA – November 28, 2017 – The infamous Necurs botnet has recently begun to distribute the new Scarab ransomware. In the first wave of a spam campaign, the botnet sent over 12 million malicious emails. Attackers used a tactic that was tested in Locky campaigns: the subject of phishing emails was “Scanned from [Lexmark, Canon, […]

DNS Security Check Advanced for ArcSight is available in UCC

Delaware, USA – November 27, 2017 – DNS Security Check Advanced for ArcSight was released. The Basic version of this use case is one of the most popular pieces of turn-key content in Use Case Cloud, as it helps provide a basis for DNS protocol monitoring. It visualizes and automatically notifies the SIEM administrator about all discovered misconfigurations […]

Shadow IT Framework is released

Delaware, USA – November 24, 2017 – Shadow IT Framework for ArcSight and Splunk is available in Use Case Cloud. Every company has many systems to support information exchange between employees or business tasks, but sometimes employees decide to speed up the process and introduce innovations that bypass IT and security by […]

Hackers from the Cobalt group changed their tactics

Delaware, USA – November 23, 2017 – Attackers from the infamous Cobalt hacker group have changed their primary targets and the techniques they use to install malicious payloads on victims’ systems. The campaign against organizations in the CIS countries began this summer; adversaries used RTF files that exploited CVE-2017-0199 to attack small and medium businesses. Researchers from Trend Micro […]

Terdot banking trojan has become a tool for cyber espionage

Delaware, USA – November 22, 2017 – The Terdot banking trojan appeared about a year ago; it was based on the Zeus trojan code and targeted Canadian banks. Recently, researchers from Bitdefender found that the threat actors behind this trojan had significantly modified it and added several features. The new version of the malware monitors almost […]

SOC Prime team is heading to SHIELD 2017!

Delaware, USA – November 20, 2017 – SOC Prime, Inc. announces that Andrii Bezverkhyi, Ruslan Mikhalov and Sergii Tyshchenko are now preparing to meet you at the annual cybersecurity event in Istanbul – SHIELD 2017! Come by our booth G6, talk to experts, try our products and experience their effectiveness for yourself. SHIELD 2017 […]

Numbered Panda Uses CPL Files in Cyberespionage Campaign

Delaware, USA – November 15, 2017 – Attackers very rarely use CPL files to disguise malware, and such attacks are usually performed by notorious cybergangs. Using this file format allows them to bypass Windows AppLocker and raises less suspicion when cybersecurity officers investigate suspicious activity on a compromised system. The Palo Alto Networks unit […]

IcedID targets U.S. and Canadian banks

Delaware, USA – November 14, 2017 – The cybercriminals’ arsenal has expanded with the banking Trojan IcedID. It was discovered by researchers from IBM X-Force, and they argue that this is not a modification of any existing malware, but an entirely new one. IcedID targeted North American banks, and it is distributed via a botnet associated […]