News

Saudi Arabia Government entities were hit by cyberespionage attack

Delaware, USA – October 3, 2017 – Researchers from Malwarebytes Lab reported a malicious campaign against Governmental entities in Saudi Arabia. Over the past year, Saudi Arabia has become the target of several large-scale cyber attacks: according to researchers from Kaspersky Lab, about 60 percent of organizations in this country were attacked by various malware. […]

KSK key update for DNSSEC protocol is postponed to the next year

Delaware, USA – October 2, 2017 – ICANN has postponed the date of the KSK key update to the beginning of 2018. The main reason for the delay is that some providers did not implement the KSK key in the infrastructure, which could lead to the impossibility of sending DNS queries to about 60 million […]

The increase in credential theft attacks

Delaware, USA – October 2, 2017 – Researchers from WatchGuard report that recently hackers have significantly shifted their priorities to credential theft. Almost half of the malware that they use for this purpose exploits zero-day vulnerabilities or is modified so that antivirus solutions cannot detect it. In addition, more than a third of attacks to […]

Retefe Trojan can leverage EternalBlue exploit

Delaware, USA – September 26, 2017 – Researchers from Proofpoint discovered that banking Trojan Retefe leveraged EternalBlue exploit. The last Retefe campaign targeted banks in Switzerland. Adversaries use this malware since 2013 in attacks against financial institutions in Central Europe, Britain and Japan. The Trojan redirects users to proxy servers hidden in the Tor network […]

SOC Prime team at Anomali Detect’17

Delaware, USA – September 22, 2017 – SOC Prime, Inc. announces that its team attends Anomali Detect’17. Andrii Bezverkhyi and Ruslan Mikhalov visit the Anomali’s threat intelligence event of the year that is held at the Gaylord National Resort & Convention Center, September 20 – 22, 2017 in National Harbor, Maryland. This year Anomali Detect […]

Recent Locky Ransomware Campaigns

Delaware, USA – September 21, 2017 – This year, Locky is the most commonly used Ransomware in the world. Almost every week researchers report mass spam campaigns (about 20 million emails per day) targeting residents of dozens of countries. Constant modifications and advanced methods of social engineering allow this virus to be very effective. Particularly […]

Detection of RDP Hijacking

Delaware, USA – September 19, 2017 – The possibility of RDP session hijacking in Microsoft Windows is known since 2011. In March of this year researcher Alexander Korznikov described detailed methods of hijacking in his blog. At the moment there are about 2.5 million open RDP servers in the world, and, according to the research, […]

Predictive Maintenance Update

Delaware, USA – September 14, 2017 – SOC Prime announces the release of the update for Predictive Maintenance platform for HPE ArcSight. Predictive Maintenance 3.4.6 has become even more convenient for large companies with a distributed network. Now you can deploy several PMs and forward data to Primary PM so you can have a full […]

Use Case Cloud is released!

Delaware, USA – September 11, 2017 — SOC Prime announces the release of Use Case Cloud. UCC platform has undergone significant changes and acquired many new features that will help improve the efficiency of your SIEM and greatly facilitate SOC operations. Make your SIEM smarter. Now SIEM content is integrated with MITRE ATT&CK. This will […]

Our Team at Protect 2017

London, UK – September 11, 2017 – SOC Prime reports that our team has already arrived at the conference and prepares for a session. The session “ArcSight vs AI cyber weapons: A field report from the epicenter of cyberwar” Session ID: T37837 (https://software-events.ext.hpe.com/protectsessionshome) will take place in a few hours, today at 14:45 PM in […]