Tag: Sigma

Threat Hunting Content to Spot Traces of Buer Loader

A new community rule by Ariel Millahuel that enables detection of the Buer loader is available on Threat Detection Marketplace: https://tdm.socprime.com/tdm/info/5F93tXFdZmx9/ Buer is a modular loader that was first spotted at the end of last summer, and since then this malware has been actively promoted on underground marketplaces. Proofpoint researchers tracked multiple campaigns spreading Buer loader, […]

Interview with Developer: Den Iuzvyk

SOC Prime is presenting another interview with a participant of the SOC Prime Threat Bounty Developer Program (https://my.socprime.com/en/tdm-developers). We want to introduce to you Den Iuzvyk who published 60+ community rules of the highest quality and detection value during six months of his participation in the Threat Bounty Program. Read more interviews with content developers […]

Rule Digest: Fresh Content to Detect Trojans and Ransomware

SOC Prime brings to your attention a small digest of the latest community rules developed by participants of the Threat Bounty Program (https://my.socprime.com/en/tdm-developers). The digest includes 5 rules that help to detect Trojans and Hidden Tear Ransomware. In the future, we will continue to publish such selections of content to detect specific threat actors or […]

Detection content that uncovers attempts to steal AccessKey for the current session in Azure

‘The Suspicious Command Line Contains Azure TokenCache.dat as Argument’ community rule by the SOC Prime team is available at Threat Detection Marketplace: https://tdm.socprime.com/tdm/info/MzSiYeDJ9PvW/ The TokenCache.dat file contains the AccessKey for the current session and is stored as a plaintext JSON file. Any manipulations with this file via the command line may indicate an attempt to steal […]
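The detection idea in that excerpt, a process command line that references TokenCache.dat, expressed as a Sigma-style selection and run over a few constructed process-creation events. This is an added example, not the published rule or SOC Prime's code: the rule title is taken from the excerpt, but the logsource, the selection, the sample events and the cache file path are assumptions made here for illustration.

```python
"""Sigma-style matching of the TokenCache.dat detection idea over constructed events.

Added example; not SOC Prime's rule text or code. Only the behaviour the
excerpt describes is reproduced (a process command line that references
TokenCache.dat). The logsource, sample paths and sample events below are
assumptions constructed for illustration.
"""
from typing import Any, Dict, List

# Rule in Sigma's detection layout. Title from the blog excerpt; the
# logsource and the exact selection are assumed, not the published rule.
RULE: Dict[str, Any] = {
    "title": "Suspicious Command Line Contains Azure TokenCache.dat as Argument",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {"CommandLine|contains": "TokenCache.dat"},
        "condition": "selection",
    },
}

# Constructed process-creation events (Sysmon Event ID 1 shape). Not real
# telemetry; the cache file location is an assumed path.
SAMPLE_EVENTS: List[Dict[str, Any]] = [
    {"Image": r"C:\Windows\System32\cmd.exe",
     "CommandLine": r'cmd.exe /c type "%USERPROFILE%\.Azure\TokenCache.dat"'},
    {"Image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "CommandLine": r"powershell -c Get-Content $env:USERPROFILE\.Azure\tokencache.dat"},
    {"Image": r"C:\Program Files\Git\cmd\git.exe",
     "CommandLine": "git status"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe C:\Users\alice\notes.txt"},
]


def _field_matches(value: Any, modifier: str, pattern: str) -> bool:
    """Apply one Sigma value modifier. Sigma string matching is case-insensitive,
    which is why the lower-cased 'tokencache.dat' in event 1 still fires."""
    if value is None:
        return False
    v, p = str(value).lower(), pattern.lower()
    if modifier == "contains":
        return p in v
    if modifier == "startswith":
        return v.startswith(p)
    if modifier == "endswith":
        return v.endswith(p)
    if modifier == "":
        return v == p
    raise ValueError(f"unsupported modifier: {modifier}")


def selection_matches(selection: Dict[str, Any], event: Dict[str, Any]) -> bool:
    """Every key in a selection map must match (AND); a list of values is OR."""
    for key, patterns in selection.items():
        field, _, modifier = key.partition("|")
        if not isinstance(patterns, list):
            patterns = [patterns]
        if not any(_field_matches(event.get(field), modifier, str(p)) for p in patterns):
            return False
    return True


def evaluate(rule: Dict[str, Any], event: Dict[str, Any]) -> bool:
    """Evaluate a condition of the form 'a', 'a and b' or 'a and not b'.
    Sigma's full condition grammar (or, '1 of', aggregations) is not handled."""
    detection = rule["detection"]
    for term in detection["condition"].split(" and "):
        negate = term.startswith("not ")
        name = term[4:] if negate else term
        if selection_matches(detection[name], event) == negate:
            return False
    return True


def run_rule(rule: Dict[str, Any], events: List[Dict[str, Any]]) -> List[int]:
    """Return the indexes of the events the rule fires on."""
    return [i for i, e in enumerate(events) if evaluate(rule, e)]


if __name__ == "__main__":
    for i in run_rule(RULE, SAMPLE_EVENTS):
        print(f"[{RULE['title']}] event {i}: {SAMPLE_EVENTS[i]['CommandLine']}")
```

The evaluator also accepts a second selection negated in the condition (`selection and not filter`), which is how a rule like this is tuned in practice: a `filter` map on `Image` or `ParentImage` excludes the known-good tooling that legitimately touches the cache file, while any other process that names TokenCache.dat on its command line still fires.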

Threat Bounty Program: To Infinity… and Beyond!

+30% bonus on Threat Bounty Payout for March and Steady Income Generation on Threat Research in times of WFH and COVID19 “We are witnessing the cyber security industry transformation. Software has progressed from waterfall and kanban to agile processes and CI/CD. The discipline of threat detection engineering has evolved too. This became possible due to […]

Interview with Developer: Osman Demir

We present to your attention a new interview with a participant in SOC Prime’s Developer Program (https://my.socprime.com/en/tdm-developers). Meet Osman Demir. Tell us a bit about yourself and your experience in threat-hunting. Hello, I’m Osman Demir. I live in Istanbul, Turkey, and I’m 25 years old. I finished my education in Computer Engineering in 2017, and I […]

Interview with Developer: Ariel Millahuel

We took another interview with one of the participants in SOC Prime’s Developer Program (https://my.socprime.com/en/tdm-developers). We want to introduce to you Ariel Millahuel. Ariel, could you please introduce yourself and tell us about your Threat Hunting experience? I’m Ariel Millahuel from Buenos Aires, Argentina and I’m 30 years old. I started in the Threat Hunting […]

Interview with Developer: Adam Swan

We continue our series of interviews with participants of the Developer Program (https://my.socprime.com/en/tdm-developers), threat hunters and cybersecurity enthusiasts, to introduce you to these wonderful people who are searching the web for relevant threats and creating unique content for their detection. Meet SOC Prime’s Senior Threat Hunting Engineer – Adam Swan. Adam, tell us a bit […]

Interview with Developer: Nate Guagenti

Meet Nate Guagenti For over a decade, Nate has both deployed and engineered network and endpoint SIEMs that have scaled to multiple TB/day of ingest, while simultaneously using and training others on the deployed solution. As Nate has worked in all facets of IT, he adds the unique experience of someone who has performed both endpoint and network […]

Interview with Developer: Thomas Patzke

We keep interviewing the developers of our Threat Bounty Program (https://my.socprime.com/en/tdm-developers) to encourage cybersecurity professionals to develop more Sigma rules, share their threat-detection content and build a stronger community. The previous interview is here: https://socprime.com/blog/interview-with-developer-florian-roth/ Meet Thomas Patzke Thomas is one of the most inspiring experts in the cybersecurity community who has 13+ years of […]
