Tag: Detection Content

Stop Russia’s DDoS Protection: SOC Prime Appeals to US Tech Leaders to Prevent Aggressors From Spreading Misinformation
Stop Russia’s DDoS Protection: SOC Prime Appeals to US Tech Leaders to Prevent Aggressors From Spreading Misinformation

On February 24, 2022, Russia launched a full-scale invasion of Ukraine. Russia has called this a “Special Military Operation” for peacekeeping aimed at the “Liberation of Ukraine”. The facts illustrate something altogether different as destruction has been massive and civilian populations have suffered greatly. The war has cost the lives of 2,000 civilians, and the […]

Read More
FoxBlade Trojan Detection: Microsoft Reveals New Destructive Malware Targeting Ukrainian Infrastructure
FoxBlade Trojan Detection: Microsoft Reveals New Destructive Malware Targeting Ukrainian Infrastructure

On February 23, 2022, prior to Russia’s offensive invasion of Ukraine, a new surge of digital threats hit Ukraine just a short period after an avalanche of cyber-attacks involving data-wiping WhisperGate and HermeticWiper malware strains targeted at Ukrainian entities. Microsoft Security Intelligence Center discovered a series of attacks leveraging a novel FoxBlade malware targeting multiple […]

Read More
The World Joins the Full-Scale Cyber War as Russia Invades Ukraine
The World Joins the Full-Scale Cyber War as Russia Invades Ukraine

Collaborative Cyber Defense: Fueling the Fight to Combat Threats of Any Scale As we all now know, on February 24, 2022, the Russian Federation started an offensive invasion of Ukraine by land, air, and sea. The hostilities have now been ongoing for almost a week with Russian tanks rolling into Ukrainian territory and its missiles […]

Read More
HermeticWiper Malware Detection: CISA and FBI Advisory Warns of New Destructive Cyber-Attacks Targeting Ukrainian Organizations
HermeticWiper Malware Detection: CISA and FBI Advisory Warns of New Destructive Cyber-Attacks Targeting Ukrainian Organizations

On January 13, 2022, a devastating cyber-attack hit Ukraine, taking down online assets of the country’s government, in which attackers took advantage of a new data-wiping malware known as WhisperGate. Hard on the heels of this impactful incident, on February 23, cybersecurity analysts revealed another destructive malware targeting Ukrainian organizations dubbed HermeticWiper. This newly discovered […]

Read More
Cyclops Blink Malware Used by Sandworm APT Group Replaces VPNFilter As Reported by CISA
Cyclops Blink Malware Used by Sandworm APT Group Replaces VPNFilter As Reported by CISA

On February 23, 2022, CISA launched an alert stating that the UK National Cyber Security Centre (NCSC), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have detected the use of a novel malicious strain known as Cyclops Blink. As a replacement of the […]

Read More
BlackByte Ransomware Detection: New Wake-Up Call
BlackByte Ransomware Detection: New Wake-Up Call

The Federal Bureau of Investigation (FBI) and the U.S. Secret Service (USSS) released a joint cybersecurity advisory in regards to the activities of the BlackByte Ransomware-as-a-Service (RaaS) gang. BlackByte ransomware has been used against the businesses located in the USA as the primary targets. The greatest costs fall heavily on the critical infrastructure sectors such […]

Read More
TunnelVision APT Group Exploits the Log4j
TunnelVision APT Group Exploits the Log4j

One of the most notorious exploits of 2021 made its loud entrance in the cybersecurity world in December, and now Log4Shell is back on the radar: Iran-linked TunnelVision APT did not let it rest in peace, striking with profiteering from VMware Horizon Log4j vulnerabilities, along with large-scale exploitation of Fortinet FortiOS (CVE-2018-13379) and Microsoft Exchange […]

Read More
Interview with Threat Bounty Developer: Furkan Celik
Interview with Threat Bounty Developer: Furkan Celik

Our Threat Bounty community keeps growing and attracting more and more distinguished specialists in detection content development. This time, we want to introduce to you Furkan Celik – a senior security analyst in banking and one of our active contributors. Furkan has been with us since December 2019. He wrote precise detections that help to […]

Read More
SOC Prime Threat Bounty — January 2022 Results
SOC Prime Threat Bounty — January 2022 Results

January ‘22 Results In January 2022, Threat Bounty content authors successfully submitted 178 unique detections to the SOC Prime Platform.  179 rules failed the verification by SOC Prime Team and couldn’t have been improved to match our content quality requirements. Also, a significant number of rules went through several iterations of SOC Prime Team review […]

Read More
Russian Nation-Backed Adversaries are Targeting the US Government Contractors: CISA Warning
Russian Nation-Backed Adversaries are Targeting the US Government Contractors: CISA Warning

On February 16, 2022, Cybersecurity and Infrastructure Security Agency (CISA) disclosed the latest intelligence information about Russia-linked cyber-attacks on the US Cleared Defense Contractors (CDCs) that have been in operation for at least two years now. The targeted CDCs had access to a variety of sensitive data sources, including weapons development, surveillance data, communication lines, […]

Read More