The infamous China-linked Earth Preta (aka Mustang Panda, Bronze President, TA416) APT group has been attributed to a wave of spear-phishing attacks against global organizations in multiple industry sectors, including government institutions, primarily in Asia Pacific regions. Cybersecurity researchers have observed that threat actors abused fake Google accounts to spread different strains of malware, including […]
We are thrilled to announce our Cyber Monday promotion to help our committed SOC Prime users enhance their cyber defense capabilities. As part of this special offer, each SOC Prime user who purchases our On Demand subscription gains a brilliant opportunity to receive an exclusive Cyber Monday offer for 20% more premium detection content on […]
Since the outbreak of the global cyber war, cyber attacks against Ukraine and its allies leveraging info-stealers and malicious payloads have been causing a stir in the cyber threat arena. In the latest cyber attack on the Ukrainian organization, threat actors have applied a diverse offensive toolkit, including the Vidar info-stealer and the notorious Cobalt […]
October ā22 Publications In October, the members of Threat Bounty Program actively contributed detections for critical emerging threats. After the SOC Prime validation, 256 detections were successfully released on the Platform and thus were included into monetization based on the clientās activities. Read Blog Explore Detections However, 375 rules were rejected to be published. SOC […]
The russia-linked Armageddon APT aka Gamaredon or UAC-0010 has been launching a series of cyber attacks on Ukraine since the outbreak of the global cyber war. On November 8, 2022, CERT-UA released the latest alert detailing the ongoing spearphishing campaign of this russia-backed cyber-espionage hacking collective, in which adversaries massively distribute spoofed emails masquerading as […]
The Black Basta ransomware group emerged in the cyber threat arena in April 2022. Although the hacking collective can be considered relatively new to the cyber offensive domain, they have already gained a notorious reputation for rapidly evolving its adversary toolkit and adapting more sophisticated tools. Cybersecurity researchers tie the latest activity of Black Basta […]
Due to a constantly evolving number of vulnerabilities affecting open-source software products, proactive detection of vulnerability exploitation remains one of the most common security use cases according to the latest SOC Primeās Detection as Code Innovation report. At the turn of November 2022, a couple of new vulnerabilities in the OpenSSL software library identified as […]
Another day, another exploit emerges in the wild to cause a headache for security practitioners. VMware warns of a public exploit code available for a recently-patched critical remote code execution (RCE) vulnerability (CVE-2021-39144) in VMware Cloud Foundation and NSX Manager. Leveraging this flaw, unauthenticated threat actors might execute the malicious code with the highest system […]
With crypto mining attacks significantly increasing over the past couple of years, increasing awareness of cryptojacking is of paramount importance. Cybersecurity researchers have recently uncovered a massive cryptojacking campaign abusing free CI/CD service providers, with over 30 GitHub, 2,000 Heroku, and 900 Buddy accounts compromised. Dubbed PURPLEURCHIN, the malicious operation applies sophisticated obfuscation techniques and […]
Independent Audit Once Again Verifies SOC Primeās Compliance with the SOC 2Ā® Requirements We are thrilled to announce that SOC Prime has once again successfully completed the SOC 2 Type II audit conducted by I.S. Partners, LLC, one of the industry-leading internal controls attestation firms certified by the PCI Council as a Qualified Security Assessor. […]