How Fusing Sigma & MITRE ATT&CK® Empowers Collective Cyber Defense to Gain a Competitive Advantage in the Global Cyber War This article is based on the original interview conducted by AIN.UA and covered in the corresponding article. In this second part of the interview with SOC Prime’s Founder, CEO, and Chairman, Andrii Bezverkhyi, we’ll provide […]
Agents of S.H.I.E.L.D.: How SOC Prime Helps Ukraine Thwart Aggressor’s Cyber Attacks This article is based on the interview conducted by our partner AIN.UA and covered in the corresponding article. In this write-up within a series covering SOC Prime’s Business Continuity Plan (BCP), SOC Prime’s Founder, CEO, and Chairman, Andrii Bezverkhyi, shares insights about the […]
MITRE ATT&CK is a globally-accessible knowledge base leveraged by all cyber defenders no matter their role in cybersecurity and the technology stack in use. Acting as a periodic table, the MITRE ATT&CK framework enables cybersecurity experts to profile, identify, and compare threat actors, while setting priorities for threat detection goals. Leveraging MITRE ATT&CK, the global […]
We are thrilled to announce SOC Prime’s participation in the Tenth EU MITRE ATT&CK® Community Workshop taking place in Brussels on 7 October 2022. The upcoming event will host cybersecurity professionals around the globe who will provide insights into best industry practices and share their unique use cases of leveraging the MITRE ATT&CK framework for […]
The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CK® has dedicated an entire tactic to illegal copying, downloading, and transferring of organizations’ internal data with significant levels of sensitivity. Data exfiltration examples can be quite obvious, like copying files to a thumb drive; and quite stealthy, like DNS […]
MITRE ATT&CK® is a framework for threat-informed cybersecurity defense and public knowledge base of adversarial tactics, techniques, and procedures (TTPs) based on real examples observed in the wild. It also includes a wealth of metadata such as possible detections, mitigations, data sources, platforms, system requirements, associated groups, references, and more. The ATT&CK content is published […]
On August 10, 2022, Cisco officially confirmed its corporate network hack by the Yanluowang ransomware group earlier this year. The tech giant claims that the breach was reported internally on May 24 and was further investigated by Cisco Security Incident Response (CSIRT) team. This Cisco’s security incident made the headlines after the Yanluowang threat actors […]
A new infostealer is getting traction after its source code was shared earlier this month on cybercrime forums. Researchers suggest that the malware developers took this step as a marketing ploy to build a reputation and increase future sales. The malware developer has also included instructions on how to edit this Rust-based stealer and compile […]
Over the course of the past decade, we have field-tested the argument that manual threat detection processes can no longer keep up with the current security demands. It has already been adamantly established that an era of Everything as Code (EaC) is a new reality, and security teams seeking innovation are putting its novel approaches […]
New kernel rootkit named Syslogk is getting traction, terrorizing the Linux OS users. The novel rootkit malware is believed to be based on another Linux rootkit dubbed Adore-Ng – a loadable module used to infect the Linux OS kernel. While Syslogk’s operators are currently invested in its development, enhancing the functionality of the new rootkit, […]