Tag: MITRE ATT&CK

SOC Prime to Present at the Tenth EU MITRE ATT&CK® Community Workshop

We are thrilled to announce SOC Prime’s participation in the Tenth EU MITRE ATT&CK® Community Workshop taking place in Brussels on 7 October 2022. The upcoming event will host cybersecurity professionals from around the globe who will provide insights into best industry practices and share their unique use cases of leveraging the MITRE ATT&CK framework for […]

What Is Data Exfiltration? MITRE ATT&CK® Exfiltration Tactic | TA0010

The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CK® has dedicated an entire tactic to the illegal copying, downloading, and transferring of organizations’ highly sensitive internal data. Data exfiltration examples can be quite obvious, like copying files to a thumb drive, or quite stealthy, like DNS […]

What Is the MITRE ATT&CK® Framework? Getting Started with ATT&CK

MITRE ATT&CK® is a framework for threat-informed cybersecurity defense and a public knowledge base of adversarial tactics, techniques, and procedures (TTPs) based on real examples observed in the wild. It also includes a wealth of metadata such as possible detections, mitigations, data sources, platforms, system requirements, associated groups, references, and more. The ATT&CK content is published […]

Cisco Hacked by Yanluowang: Detect Relevant Malicious Activity With Sigma Rules Kit

On August 10, 2022, Cisco officially confirmed that its corporate network had been hacked by the Yanluowang ransomware group earlier this year. The tech giant claims that the breach was reported internally on May 24 and was further investigated by the Cisco Security Incident Response Team (CSIRT). This Cisco security incident made the headlines after the Yanluowang threat actors […]

Luca Malware Detection: Novel Infostealer Grabs The Headlines

A new infostealer is gaining traction after its source code was shared earlier this month on cybercrime forums. Researchers suggest that the malware developers took this step as a marketing ploy to build a reputation and increase future sales. The malware developer has also included instructions on how to edit this Rust-based stealer and compile […]

Detection as Code Benefits: On Embracing The Future of Cyber Defense to Fuel Your Next-Gen SOC

Over the course of the past decade, we have field-tested the argument that manual threat detection processes can no longer keep up with current security demands. It has already been firmly established that an era of Everything as Code (EaC) is the new reality, and security teams seeking innovation are putting its novel approaches […]

Syslogk Linux Rootkit Detection: Novel Malware Used in the Wild

A new kernel rootkit named Syslogk is gaining traction, targeting Linux OS users. The novel rootkit is believed to be based on another Linux rootkit dubbed Adore-Ng – a loadable module used to infect the Linux OS kernel. While Syslogk’s operators are currently invested in its development, enhancing the functionality of the new rootkit, […]

SOC Prime Cyber Threats Search Engine Now Includes Comprehensive MITRE ATT&CK® Visualization

Instantly Explore the Latest Trends and Adjust Search Results to Illustrate ATT&CK Tactics and Techniques Most Relevant to Your Threat Profile

SOC Prime recently released the industry-first search engine for Threat Hunting, Threat Detection, and Cyber Threat Intelligence, allowing InfoSec professionals to instantly discover comprehensive cyber threat information, including relevant Sigma rules convertible to 25+ […]

SOC Prime to Present at the Ninth EU MITRE ATT&CK® Community Workshop

SOC Prime is thrilled to participate in the Ninth EU MITRE ATT&CK® Community Workshop taking place in Brussels, June 2, 2022. The upcoming event will host security practitioners and offer insights into the latest updates to the MITRE ATT&CK framework for enhanced cyber defense. The program includes a series of peer sessions and informative presentations […]

Lateral Movement Tactic | TA0008

Overview and Analysis, Top Data Sources, and Relevant Sigma Rules to Detect Lateral Movement

SOC Prime operates the world’s largest and most advanced platform for collaborative cyber defense that enables threat-centric selection of detection content backed by particular adversary tactics, techniques, and sub-techniques as per the MITRE ATT&CK® framework v.10. In this blog article, we […]
