December ‘22 Publications During the last month of the year 2022, Threat Bounty developers managed to submit 441 rules to review by SOC Prime Team for a chance of publication to the Platform for monetization. The submitted rules were reviewed by a team of seasoned engineers, and based on the collective decisions, 126 rules were […]
November ‘22 Publications During the previous month, members of Threat Bounty community submitted 433 rules for publication to the SOC Prime Platform. A number of rules were automatically rejected on the stage of automated checks because of structure, syntax, logic mistakes, or content duplication and were not sent to review by SOC Prime experts. In […]
October ‘22 Publications In October, the members of Threat Bounty Program actively contributed detections for critical emerging threats. After the SOC Prime validation, 256 detections were successfully released on the Platform and thus were included into monetization based on the client’s activities. Read Blog Explore Detections However, 375 rules were rejected to be published. SOC […]
September ‘22 Publications In September, members of the Threat Bounty Community submitted 441 rules for review by the SOC Prime team via the Developer Portal and Sigma rules Slack Bot. However, only 183 rules have successfully passed the verification and were approved for publication on the SOC Prime Platform. When creating new rules and submitting […]
August ‘22 Publications In August, 151 Sigma rules submitted by Threat Bounty Program members passed the SOC Prime acceptance validation and were released on the SOC Prime Platform. Totally, 313 rules were declined during the review’s first iteration for different reasons, including content quality, the detection value of the suggested code, full of partial duplication […]
Ransomware operators constantly seek lucrative and feasible extortion opportunities, affecting a wide array of organizations across industries. One of the latest examples of successful breaches is the Vice Society gang’s attack against the Los Angeles Unified School District that happened over the Labor Day weekend. The attack caused widespread disruption, affecting several information management systems. […]
Security researchers are raising the alarm on a new Mirai botnet variant dubbed MooBot that targets D-Link devices. The novel threat employs multiple exploitation techniques. MooBot first surfaced in 2019, hijacking LILIN digital video recorders and Hikvision video surveillance products and co-opting them into a family of denial-of-service bots. Detect MooBot To detect the signature […]
Researchers warn of a new ransomware family: a novel strain called Agenda sails in, targeting healthcare and education entities. Similar to another emerging piece written in Go language (aka Golang) dubbed BianLian, this cross-platform threat is gaining popularity with affiliates for its versatility and easy-to-tweak elements of the campaign, including encryption extension, personalized ransomware note […]
A novel attack framework called “Manjusaka” is currently making rounds in the wild. The name “Manjusaka,” which means “cow flower,” is far from denoting the high level of offense potential the attack framework bears. Deriving from ample evidence, the campaign operators behind this malware family are believed to be China-based. Developers of Manjusaka have designed […]
Amadey Bot, a notorious malware strain that first came to the cyber threat arena in 2018, is capable of stealing data and deploying other malicious payloads on the compromised system. It has been actively distributed across hacker forums to engage in offensive operations. Cybersecurity researchers have recently observed the distribution of a new version of […]