Tag: Onur Atali

Blue Mockingbird Threat Actor
Telerik UI Vulnerability Exploit Detection: Blue Mockingbird Leverages CVE-2019-18935

The Blue Mockingbird cybercrime group has been on the cybersecurity radar for about two years now. In the current campaign, the threat actor exploits vulnerabilities discovered in 2019 in a popular Telerik UI suite for ASP.NET AJAX that includes around 120 components. The major vulnerability, tracked as CVE-2019-18935 with a critical severity level of 9.8, […]

Yashma Ransomware
Yashma Ransomware Detection: the Latest Chaos Builder Variant

The Chaos graphical user interface (GUI) builder has been on the market for less than a year, allowing adversaries to craft new ransomware strains. A new ransomware variant dubbed Yashma is its 6th version, available since May 2022. Yashma is the most refined version of this GUI ransomware builder, which is known for its flexibility and […]

Cyclops Blink malware
Cyclops Blink Malware Used by Sandworm APT Group Replaces VPNFilter As Reported by CISA

On February 23, 2022, CISA issued an alert stating that the UK National Cyber Security Centre (NCSC), the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), and the Federal Bureau of Investigation (FBI) have detected the use of a novel malicious strain known as Cyclops Blink. As a replacement for the […]

Threat Bounty
SOC Prime Threat Bounty — September 2021 Results

In April 2019, SOC Prime announced a crowdsourcing initiative to unite the cyber security community to withstand emerging threats. Since the launch of the Threat Bounty Program, SOC Prime has welcomed 300+ participants who published 2300+ Sigma rules, 100+ YARA rules, and 25+ Snort rules to the Threat Detection Marketplace repository of the SOC Prime Platform. More than […]

CVE-2021-22005
Detect Critical VMware vCenter Vulnerability (CVE-2021-22005) Exploitation Attempts

On September 24, 2021, CISA issued an alert warning about multiple exploitation attempts for a critical vulnerability (CVE-2021-22005) in VMware vCenter Server. A large number of scans for vulnerable servers began after the Vietnamese security researcher Jang published an incomplete exploit for CVE-2021-22005. Jang’s technical notes were enough for experienced hackers to produce […]

interview Onur Atali
Interview with Threat Bounty Developer: Onur Atali

Meet the latest newscast about the SOC Prime Developers community! Today we want to introduce Onur Atali, a keen developer contributing to our Threat Bounty Program since June 2021. Onur is an active content creator, concentrating his efforts on Sigma rules. You can refer to Onur’s detections of the highest quality and value in Threat […]
