Tag: SOC Prime Platform

Remote Utilities Exploitation: New Phishing Campaign by the UAC-0096 Group Targeting Ukrainian Organizations 

Hot on the heels of the mass email distribution in the recent malicious campaign targeting Ukrainian state bodies with the Remcos (Remote Control and Surveillance) Trojan, threat actors are abusing another legitimate remote administration tool, Remote Utilities, to hit Ukrainian organizations. CERT-UA warns the global cyber defender community of ongoing phishing attacks attributed to the UAC-0096 […]

Driving Business Growth in Turbulent Times from the Perspective of SOC Prime’s Director of People and Culture: Part II

Building Team Resilience and Fortitude While Facing the Challenges of Wartime: Insights from a Shared Experience. In this second part of the interview with SOC Prime’s Director of People and Culture, Marina Aksyonova, we’ll gain insights into how the company supports its people and helps the team adapt to current challenges and how the business […]

Remcos Malware Detection: UAC-0050 Group Targets Ukrainian Government Entities in Phishing Attacks Using Remote Access Software

The Remcos (Remote Control and Surveillance) Trojan is frequently delivered through phishing attacks. The malware has reemerged in the cyber threat arena to target Ukrainian government entities. On February 6, 2023, cybersecurity researchers released the CERT-UA#5926 alert detailing a mass email distribution impersonating Ukrtelecom JSC and aimed at spreading Remcos malware […]

UAC-0114 Group aka Winter Vivern Attack Detection: Hackers Launch Phishing Campaigns Targeting Government Entities of Ukraine and Poland

Since the outbreak of the global cyber war, state bodies of Ukraine and its allies have become targets of diverse malicious campaigns launched by multiple hacking collectives. Threat actors frequently rely on phishing as the initial attack vector, as in the December 2022 cyber attacks distributing DolphinCape and FateGrab/StealDeal malware. On February 1, 2023, CERT-UA […]

Driving Business Growth in Turbulent Times from the Perspective of SOC Prime’s Director of People and Culture: Part I

SOC Prime’s International Team: Bridging the Gap Between Time Zones and Languages With a Common Flair for Cybersecurity, Innovation, and Resilience. At the turn of 2023, we launched a series of articles covering SOC Prime’s Business Continuity Plan (BCP) to share insights on how the company accelerates business growth no matter the hurdles in the […]

UAC-0082 (Sandworm APT Group) Targets Ukrainian National Information Agency “Ukrinform” in a Series of Cyber Attacks Leveraging Multiple Wiper Malware Strains

The russia-linked Sandworm APT group (aka UAC-0082) has been continuously targeting Ukrainian public systems and critical infrastructure for at least a decade. This group is responsible for the attacks on the Ukrainian power grid in December 2015 and December 2016, the first of which relied on the infamous BlackEnergy malware to cause mass blackouts. That was followed by the NotPetya campaign in 2017, which eventually ended up creating a […]

Rhadamanthys Malware Detection: New Infostealer Spread via Google Ads & Spam Emails to Target Crypto Wallets and Dump Sensitive Information

Security experts have shed light on a novel, evasive infostealer dubbed Rhadamanthys. The malware is commonly distributed via Google ads that redirect victims to phishing webpages disguised as download sites for widely used legitimate software. Detect Rhadamanthys Malware: In view of the increasing popularity of the Rhadamanthys stealer being broadly distributed in […]

Driving Business Growth in Turbulent Times from CISO’s Perspective: Part I

Insights into How SOC Prime Achieved 100% YoY Growth While Withstanding the Challenges of War and Economic Recession. Since russia’s full-scale invasion of Ukraine, SOC Prime has been on the frontline of war helping Ukraine and our customers defend themselves from the aggressor’s malicious activity in the cyber domain. Regardless of the challenges, we keep […]

CVE-2022-42475 Detection: Zero-Day Vulnerability in FortiOS SSL-VPN Exploited in Attacks Against Government Entities and Large Organizations

Stay alert! Security researchers are warning the global cyber defender community of a zero-day vulnerability in FortiOS SSL-VPN that was patched in December 2022. The flaw, tracked as CVE-2022-42475, allows unauthenticated remote code execution (RCE) and has been exploited in targeted attacks against government agencies and large organizations across the globe. Detect CVE-2022-42475: […]

Raspberry Robin Malware Detection: Enhanced Worm-Like Version Attacking European Financial Institutions

No matter the holiday season, adversaries take no vacation from inventing new malicious tricks to target unsuspecting victims. Last week, security researchers uncovered an enhanced variant of the worm-like Raspberry Robin malware dropper used to target financial and insurance companies across European countries. Experts specifically note that Raspberry Robin received a significant upgrade, including complex obfuscation […]
