Tag: MITRE ATT&CK

Driving Business Growth in Turbulent Times from the Perspective of SOC Prime’s CEO: Part II

How Fusing Sigma & MITRE ATT&CK® Empowers Collective Cyber Defense to Gain a Competitive Advantage in the Global Cyber War This article is based on the original interview conducted by AIN.UA and covered in the corresponding article. In this second part of the interview with SOC Prime’s Founder, CEO, and Chairman, Andrii Bezverkhyi, we’ll provide […]

Driving Business Growth in Turbulent Times from the Perspective of SOC Prime’s CEO: Part I

Agents of S.H.I.E.L.D.: How SOC Prime Helps Ukraine Thwart Aggressor’s Cyber Attacks This article is based on the interview conducted by our partner AIN.UA and covered in the corresponding article. In this write-up within a series covering SOC Prime’s Business Continuity Plan (BCP), SOC Prime’s Founder, CEO, and Chairman, Andrii Bezverkhyi, shares insights about the […]

SOC Prime Platform Now Supports the MITRE ATT&CK® Framework v12

MITRE ATT&CK is a globally accessible knowledge base leveraged by all cyber defenders, no matter their role in cybersecurity or the technology stack in use. Acting as a periodic table, the MITRE ATT&CK framework enables cybersecurity experts to profile, identify, and compare threat actors while setting priorities for threat detection goals. Leveraging MITRE ATT&CK, the global […]

SOC Prime to Present at the Tenth EU MITRE ATT&CK® Community Workshop

We are thrilled to announce SOC Prime’s participation in the Tenth EU MITRE ATT&CK® Community Workshop taking place in Brussels on 7 October 2022. The upcoming event will host cybersecurity professionals around the globe who will provide insights into best industry practices and share their unique use cases of leveraging the MITRE ATT&CK framework for […]

What Is Data Exfiltration? MITRE ATT&CK® Exfiltration Tactic | TA0010

The process of stealing data from a corporate system is also known as exfiltration. MITRE ATT&CK® has dedicated an entire tactic to the illegal copying, downloading, and transferring of organizations’ highly sensitive internal data. Data exfiltration examples can be quite obvious, like copying files to a thumb drive, or quite stealthy, like DNS […]

What Is the MITRE ATT&CK® Framework? Getting Started with ATT&CK

MITRE ATT&CK® is a framework for threat-informed cybersecurity defense and a public knowledge base of adversarial tactics, techniques, and procedures (TTPs) based on real examples observed in the wild. It also includes a wealth of metadata such as possible detections, mitigations, data sources, platforms, system requirements, associated groups, references, and more. The ATT&CK content is published […]

Cisco Hacked by Yanluowang: Detect Relevant Malicious Activity With Sigma Rules Kit

On August 10, 2022, Cisco officially confirmed that its corporate network had been hacked by the Yanluowang ransomware group earlier this year. The tech giant claims that the breach was reported internally on May 24 and was further investigated by the Cisco Security Incident Response Team (CSIRT). This Cisco security incident made the headlines after the Yanluowang threat actors […]

Luca Malware Detection: Novel Infostealer Grabs The Headlines

A new infostealer is getting traction after its source code was shared earlier this month on cybercrime forums. Researchers suggest that the malware developers took this step as a marketing ploy to build a reputation and increase future sales. The malware developer has also included instructions on how to edit this Rust-based stealer and compile […]

Detection as Code Benefits: On Embracing The Future of Cyber Defense to Fuel Your Next-Gen SOC

Over the course of the past decade, we have field-tested the argument that manual threat detection processes can no longer keep up with the current security demands. It has already been adamantly established that an era of Everything as Code (EaC) is a new reality, and security teams seeking innovation are putting its novel approaches […]

Syslogk Linux Rootkit Detection: Novel Malware Used in the Wild

A new kernel rootkit named Syslogk is gaining traction, terrorizing Linux OS users. The novel rootkit malware is believed to be based on another Linux rootkit dubbed Adore-Ng, a loadable kernel module used to infect the Linux kernel. While Syslogk’s operators are currently invested in its development, enhancing the functionality of the new rootkit, […]
