News

Fileless Attacks are on the Rise

London, UK – June 23, 2017 – This year, the number of sophisticated attacks that use fileless malware increased by 33%. Such attacks are becoming more popular among cybercriminals because they easily bypass antivirus systems and application whitelisting and are harder to investigate by the usual methods. One of the latest […]

QakBot Trojan Detector for ArcSight is released

London, UK – June 20, 2017 – Our team created a threat-centric turn-key SIEM use case for QakBot / Pinkslipbot Trojan detection. It is one of SOC Prime’s free use cases targeted at immediately uncovering the most recent threats, such as Industroyer, EternalRocks or WannaCry. You can download QakBot Trojan Detector after logging or registering […]

New QakBot Modification

London, UK – June 15, 2017 – A wave of Active Directory (AD) lockouts due to malware activity occurred in June. Researchers from IBM X-Force determined during the investigation that the culprit is the famous banking trojan QakBot (aka PinkSlip). Due to the actions of this malware, hundreds of thousands of Active Directory users were suddenly […]

SIEM Use case for Industroyer detection

London, UK – June 13, 2017 – Researchers at ESET have discovered and analyzed samples of the malware Win32 / Industroyer. Industroyer seems to be designed to attack power grids. It is very dangerous because it is able to control circuit breakers directly via industrial communication protocols used throughout the world in critical infrastructures (such […]

Ransomware Now

London, UK – June 9, 2017 – Infosecurity Europe 2017, the largest event in the Eastern Hemisphere, finished yesterday. This year it was the 21st exhibition. A lot of excellent solutions were demonstrated there, and well-known IS experts presented plenty of reports. It was great to spend three days in good company among thousands […]

SOC Prime at Infosecurity Europe 2017

London, UK – June 6, 2017 – SOC Prime, Inc. is participating in Infosecurity Europe 2017! Andrii Bezverkhyi and Ruslan Mikhalev are waiting for you at Satisnet’s stand and they are ready to communicate with you and show the most current versions of our products.

Visit us at the Satisnet booth (D245) at Infosecurity Europe on 06-08 June 2017!

London, UK – May 30, 2017 – SOC Prime, Inc. reports that you can find us and our partner, Satisnet, at Infosecurity Europe at booth D245. Visit us and talk with our ArcSight and QRadar experts to learn how to increase the efficiency of your SOC. Ask any questions and get acquainted with our products. […]

EternalRocks Worm Detector SIEM Use Case

London, UK – May 25, 2017 – SOC Prime, Inc. reports on public availability of SIEM use cases for EternalRocks detection. Based on the information gathered by Miroslav Stampar, expert of the Croatian Government CERT, we created EternalRocks Worm Detector for HPE ArcSight, IBM QRadar and Splunk. EternalRocks is the more sophisticated successor to the […]

Predictive Maintenance 3.4.1 is released!

London, UK – May 11, 2017 – SOC Prime, Inc. announces the release of a new version of the Predictive Maintenance (https://socprime.com/en/predictive-maintenance/) platform for HPE ArcSight. We are constantly working on making our platform as functional as possible and providing information security experts with all the necessary tools. In Predictive Maintenance 3.4.1, we have added the […]

SOC Prime reveals Security Management Assistance Cloud

London, UK – May 5, 2017 – As we explore the benefits of an interconnected digital world, every organization faces more and more cyber security risks. Many of us have invested in solid security technologies such as SIEM, Vulnerability Management, and Threat Intelligence, and have built Security Operation Centers. A question that remains is how do we use them to […]