On June 16, 2023, CERT-UA researchers issued a new alert covering the recently discovered malicious activity targeting the National Defense University of Ukraine, named after Ivan Cherniakhovskyi, the country’s leading military educational institution. In this ongoing campaign, threat actors spread PicassoLoader and Cobalt Strike Beacon on the compromised systems via a malicious file containing a […]
Since russia’s full-scale invasion of Ukraine, the aggressor’s offensive forces have launched an avalanche of cyber-espionage campaigns against Ukraine and its allies, mainly targeting government agencies and frequently leveraging the phishing attack vector. The infamous hacking collective dubbed Shuckworm (Armageddon, Gamaredon), which is known to have links with russia’s FSB, has been observed behind a […]
Since the outbreak of russia’s full-scale invasion of Ukraine, the aggressor has been targeting multiple cyber attacks against Ukraine and its allies, with a growing number of state-sponsored hacking collectives emerging and resurfacing in the cyber threat arena. During the conflict, russia’s offensive forces have launched over 2,100 attacks with disparate levels of sophistication and […]
As we continue to tell about our keen members of SOC Prime’s Threat Bounty community sharing stories about their professional growth and extending their expertise to developing rules contributing to global cyber defense, today we introduce Mehmet Kadir CIRIK, who joined the program in January 2023 and has been actively contributing his detections since then. […]
It has already become a good tradition in SOC Prime when Threat Bounty members share stories about their professional paths and their experience and achievements with Threat Bounty. Today we are here with Aung Kyaw Min Naing, who joined the program in June 2022 and has already proven himself as an active contributor to the […]
Threat Bounty Publications In May, members of the Threat Bounty community submitted 426 rules for a chance of publication to the SOC Prime Platform for monetization. After consideration and validation by SOC Prime’s team, 81 detections were successfully published. Explore Detections We are happy to report that the information provided during the Threat Bounty Developer […]
Just a couple of weeks ago, CERT-UA raised awareness among the global cyber defender community about an ongoing cyber-espionage campaign targeting Ukraine and organizations in Central Asia linked to the UAC-0063 group. In early June, CERT-UA researchers issued another alert covering the long-term cyber-espionage activity mainly exploiting the email attack vector and targeting Ukrainian government […]
Embrace Your Cyber Defense Arsenal: Choose a Tool Tailored for Your Unique Cyber Defense Journey SOC Prime equips every cyber defender with a global threat detection platform for collective cyber defense. To help cyber defenders drive immediate value from SOC Prime Platform based on their current security needs, SOC Prime has launched a new three-pronged […]
Hot on the heels of the maximum severity flaw in GitLab software known as CVE-2023-2825, another critical vulnerability comes to the scene, creating a significant buzz in the cyber threat landscape. At the turn of June 2023, Progress Software uncovered a critical vulnerability in MOVEit Transfer that can lead to privilege escalation and instantly issued […]
Hot on the heels of the massive phishing attacks launched by UAC-0006 at the beginning of May 2023, CERT-UA warns cyber defenders of a new wave of cyber attacks resulting in SmokeLoader infections. The latest investigation indicates that adversaries increasingly spread phishing emails with financial subject lures and use ZIP/RAR attachments to drop malicious samples […]