Tag: Cyberattack

On Demand Subscription: Drive Immediate Value From SOC Prime Platform

A community-driven approach based on Detection-as-Code principles and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® enables intelligent-driven threat detection, cost-efficient and cross-platform threat investigation, and instant access to detections for critical threats. SOC Prime's platform aggregates over 200,000 pieces of detection content easily convertible to 25+ SIEM, EDR, and XDR formats and aligned with […]

BlackByte Ransomware Detection: Threat Actors Exploit CVE-2019-16098 Vulnerability in RTCore64.sys Driver to Bypass EDR Protection

BlackByte ransomware reemerges in the cyber threat arena exploiting a security flaw in legitimate drivers to disable EDR products on compromised devices. Cybersecurity researchers have revealed that ransomware operators apply an advanced adversary technique dubbed "Bring Your Own Driver" enabling them to bypass security products and spread infection on vulnerable machines. Detect BlackByte Ransomware Used […]

ProxyNotShell: Detecting CVE-2022-41040 and CVE-2022-41082, Novel Microsoft Exchange Zero-Day Vulnerabilities Actively Exploited in the Wild

Stay on alert! Cybersecurity researchers have recently revealed new Microsoft Exchange zero-day vulnerabilities, aka ProxyNotShell, tracked as CVE-2022-41040 and CVE-2022-41082, that are currently actively exploited in the wild. The newly uncovered bugs in Microsoft Exchange Server can be chained together in an exploit to deploy China Chopper web shells on the targeted servers. According […]

Top Challenges for MSSPs and MDRs and How to Overcome Them

Some things never grow old. In the world of security providers, there will always be a lack of professionals, time, and real-deal vendors, while you will always face an abundance of risks, complexity, and cost pressure. However, there are some less obvious challenges that impede the growth and scalability of your MSSP or MDR. Let's […]

What Is Initial Access? MITRE ATT&CK® Initial Access Tactic | TA0001

Some MITRE ATT&CK tactics require special attention from security experts, and Initial Access is one of them. Because if attackers don't break in, they won't be able to take their kill chain to another level. Earlier this year, Microsoft paid $13.7 million in bug […]

What Is Data Exfiltration? MITRE ATT&CK® Exfiltration Tactic | TA0010

The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CK® has dedicated an entire tactic to illegal copying, downloading, and transferring of organizations' internal data with significant levels of sensitivity. Data exfiltration examples can be quite obvious, like copying files to a thumb drive; and quite stealthy, like DNS […]

OriginLogger Malware Detection: Researchers Shed Light on AgentTesla's Successor

The malware called OriginLogger is advertised as a compelling RAT with a user-friendly web panel, smart logger, and a powerful keyboard hook. OriginLogger malware description also details the multiple language support feature. The malware strain is designed to run on Windows-based operating systems. The OriginLogger RAT was recommended as a substitution for another infamous keystroke […]

PlugX Malware Detection: Bronze President Crime Ring Uses Post-Exploitation Modular RAT in the Latest Crime Wave

A China-backed crime ring tagged Bronze President launched a campaign targeting government officials in Europe, the Middle East, and South America leveraging PlugX malware, the backdoor popular among Chinese hacker gangs. According to the researchers, the major objective of the threat group is espionage. Detect PlugX Malware SOC Prime delivers Threat Hunting & Cyber […]

What is Ransomware Detection? How to Detect Ransomware

The method of secure cryptographic key exchange was introduced by Whitfield Diffie and Martin Hellman in 1976. The cool thing about a public and private key pair is that the decryption key cannot be derived in any way from the encryption key. This feature is exactly what's exploited by ransomware actors who encrypt data and […]

Lazarus Group Resurfaces, Exploiting Log4j Vulnerability and Spreading MagicRAT

Lazarus Group, also known as APT38, Dark Seoul, Hidden Cobra, and Zinc, has garnered a reputation as a highly qualified and well-funded state-sponsored cluster of criminal hackers, wreaking havoc since 2009. In the most recent campaign, Lazarus deployed novel MagicRAT malware after exploiting vulnerabilities in VMware Horizon platforms, such as a high-profile Log4j flaw. The notorious […]
