Ransomware is a number one threat posing a significant menace to security defenders worldwide, with the attack trend constantly growing throughout 2021-2022. Recently, security experts revealed a massive QakBot malware campaign increasingly targeting U.S.-based vendors to deliver Black Basta ransomware. During the last decade of November 2022, at least 10 businesses in the United States […]
Security experts warn of the notorious stealthy malware dubbed BatLoader, which has been increasingly infecting instances worldwide over the last few months. The notorious threat acts as a malware downloader dropping a variety of malicious payloads on the victims’ systems. During the latest campaigns, BatLoader has been observed delivering banking Trojans, ransomware samples, information stealers, […]
The infamous China-linked Earth Preta (aka Mustang Panda, Bronze President, TA416) APT group has been attributed to a wave of spear-phishing attacks against global organizations in multiple industry sectors, including government institutions, primarily in Asia Pacific regions. Cybersecurity researchers have observed that threat actors abused fake Google accounts to spread different strains of malware, including […]
We are thrilled to announce our Cyber Monday promotion to help our committed SOC Prime users enhance their cyber defense capabilities. As part of this special offer, each SOC Prime user who purchases our On Demand subscription gains a brilliant opportunity to receive an exclusive Cyber Monday offer for 20% more premium detection content on […]
Since the outbreak of the global cyber war, cyber attacks against Ukraine and its allies leveraging info-stealers and malicious payloads have been causing a stir in the cyber threat arena. In the latest cyber attack on the Ukrainian organization, threat actors have applied a diverse offensive toolkit, including the Vidar info-stealer and the notorious Cobalt […]
October ‘22 Publications In October, the members of Threat Bounty Program actively contributed detections for critical emerging threats. After the SOC Prime validation, 256 detections were successfully released on the Platform and thus were included into monetization based on the client’s activities. Read Blog Explore Detections However, 375 rules were rejected to be published. SOC […]
The russia-linked Armageddon APT aka Gamaredon or UAC-0010 has been launching a series of cyber attacks on Ukraine since the outbreak of the global cyber war. On November 8, 2022, CERT-UA released the latest alert detailing the ongoing spearphishing campaign of this russia-backed cyber-espionage hacking collective, in which adversaries massively distribute spoofed emails masquerading as […]
The Black Basta ransomware group emerged in the cyber threat arena in April 2022. Although the hacking collective can be considered relatively new to the cyber offensive domain, they have already gained a notorious reputation for rapidly evolving its adversary toolkit and adapting more sophisticated tools. Cybersecurity researchers tie the latest activity of Black Basta […]
Due to a constantly evolving number of vulnerabilities affecting open-source software products, proactive detection of vulnerability exploitation remains one of the most common security use cases according to the latest SOC Prime’s Detection as Code Innovation report. At the turn of November 2022, a couple of new vulnerabilities in the OpenSSL software library identified as […]
Another day, another exploit emerges in the wild to cause a headache for security practitioners. VMware warns of a public exploit code available for a recently-patched critical remote code execution (RCE) vulnerability (CVE-2021-39144) in VMware Cloud Foundation and NSX Manager. Leveraging this flaw, unauthenticated threat actors might execute the malicious code with the highest system […]