News

Sorebrect – a New Fileless Ransomware

London, UK – July 4, 2017 – Researchers from Trend Micro reported a new threat created to attack large enterprises. Sorebrect is a fileless ransomware that injects malicious code into the svchost.exe process. This virus is delivered into a system through the malicious use of the PsExec utility, which allows system administrators to run files or […]

SIEM Use Case for Petya Ransomware detection

London, UK – June 27, 2017 – We created a SIEM use case that detects the new version of the infamous Petya ransomware. Petya A / PetrWrap Ransomware detector for ArcSight, QRadar and Splunk is available free of charge for all organizations after registration in the S.M.A. Cloud. Currently, we are working on finding and […]

Fileless Attacks are on the Rise

London, UK – June 23, 2017 – This year, the number of sophisticated attacks that use fileless malware increased by 33%. Such attacks are becoming more popular among cybercriminals because they easily bypass antivirus systems and application whitelisting, and they are harder to investigate by the usual methods. One of the latest […]

QakBot Trojan Detector for ArcSight is released

London, UK – June 20, 2017 – Our team created a threat-centric turn-key SIEM use case for QakBot / Pinkslipbot Trojan detection. It is one of SOC Prime’s free use cases targeted at immediately uncovering the most recent threats, such as Industroyer, EternalRocks or WannaCry. You can download QakBot Trojan Detector after logging or registering […]

New QakBot Modification

London, UK – June 15, 2017 – A wave of Active Directory (AD) lockouts due to malware activity occurred in June. Researchers from IBM X-Force determined during the investigation that the culprit is the famous banking trojan QakBot (aka PinkSlip). Due to actions of this malware, hundreds of thousands of Active Directory users were suddenly […]

SIEM Use case for Industroyer detection

London, UK – June 13, 2017 – Researchers at ESET have discovered and analyzed samples of the Win32 / Industroyer malware. Industroyer seems to be designed to attack power grids. It is very dangerous because it is able to control circuit breakers directly via industrial communication protocols used throughout the world in critical infrastructures (such […]

Ransomware Now

London, UK – June 9, 2017 – Infosecurity Europe 2017, the largest event in the Eastern Hemisphere, finished yesterday. This year it was the 21st exhibition. A lot of excellent solutions were demonstrated there, and well-known IS experts presented plenty of reports. It was great to spend three days in good company among thousands […]

SOC Prime at Infosecurity Europe 2017

London, UK – June 6, 2017 – SOC Prime, Inc. is participating in Infosecurity Europe 2017! Andrii Bezverkhyi and Ruslan Mikhalev are waiting for you at Satisnet’s stand and they are ready to communicate with you and show the most current versions of our products.

Visit us at the Satisnet booth (D245) at Infosecurity Europe on 06-08 June 2017!

London, UK – May 30, 2017 – SOC Prime, Inc. reports that you can find us and our partner, Satisnet, at Infosecurity Europe at booth D245. Visit us and talk with our ArcSight and QRadar experts to learn how to increase the efficiency of your SOC. Ask any questions and get acquainted with our products. […]

EternalRocks Worm Detector SIEM Use Case

London, UK – May 25, 2017 – SOC Prime, Inc. reports on public availability of SIEM use cases for EternalRocks detection. Based on the information gathered by Miroslav Stampar, expert of the Croatian Government CERT, we created EternalRocks Worm Detector for HPE ArcSight, IBM QRadar and Splunk. EternalRocks is the more sophisticated successor to the […]