Tag: Roman Ranskyi

Interview with Developer: Roman Ranskyi

Today, we want to introduce to our readers one of the detection content authors whose name you can see on the SOC Prime Threat Detection Marketplace Leaderboards. Meet Roman Ranskyi, Threat Hunting/Content Developer Engineer at SOC Prime. Read about Threat Bounty Program  – https://my.socprime.com/tdm-developers   More interviews with Threat Bounty Program developers – https://socprime.com/tag/interview/ Roman, […]

Read More
Threat Hunting Rules: Possible C2 Connection via DoH

It’s been a year since the first malware timidly exploited DNS-over-HTTPS (DoH) to retrieve the IPs for the command-and-control infrastructure. Security researchers had already warned that this could be a serious problem and started to look for a solution that would help detect such malicious traffic. More and more malware has been switching to DoH […]

Read More