In the dynamic and ever-changing realm of cybersecurity, attackers demonstrate unwavering determination as they continuously come up with innovative techniques to circumvent security measures and infiltrate systems that cannot be easily deemed vulnerable. One such technique that has gained prominence is the Squiblydoo attack. This attack specifically targets the exploitation of legitimate applications or files […]
Cybersecurity researchers warn defenders of yet another phishing campaign dubbed MULTI#STORM, in which hackers abuse JavaScript files to drop RAT malware onto the targeted systems. The MULTI#STORM attack chain contains multiple stages with the final one spreading Quasar RAT and Warzone RAT samples. According to the investigation, in this campaign threat actors have set eyes […]
CVE-2023-23397 is a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook with a CVSS base score of 9.8. It was first disclosed on March 14, 2023, and attributed to APT28, also known as Fancy Bear or Strontium – a threat actor associated with the Russian General Staff Main Intelligence Directorate (GRU). The vulnerability is […]
With the ongoing russian cyber offensive operations targeting Ukraine and its allies, the aggressor is continuously launching cyber-espionage campaigns against state bodies and other organizations representing critical infrastructure. Less than a week after CERT-UA researchers warned of a spike in cyber-espionage attacks by russia-linked Shuckworm group, another nefarious hacking group comes back to the scene. […]
On June 16, 2023, CERT-UA researchers issued a new alert covering the recently discovered malicious activity targeting the National Defense University of Ukraine, named after Ivan Cherniakhovskyi, the country’s leading military educational institution. In this ongoing campaign, threat actors spread PicassoLoader and Cobalt Strike Beacon on the compromised systems via a malicious file containing a […]
Since the outbreak of russia’s full-scale invasion of Ukraine, the aggressor has been targeting multiple cyber attacks against Ukraine and its allies, with a growing number of state-sponsored hacking collectives emerging and resurfacing in the cyber threat arena. During the conflict, russia’s offensive forces have launched over 2,100 attacks with disparate levels of sophistication and […]
On February 24, 2022, a little more than a year ago, the russian federation started an offensive invasion of Ukraine by land, air, and sea. The war escalated in cyberspace as well. As a result, we are now witnessing the first-ever full-fledged cyber war in human history, with multiple offensive counterparts engaged in attacks against […]
It has already become a good tradition in SOC Prime when Threat Bounty members share stories about their professional paths and their experience and achievements with Threat Bounty. Today we are here with Aung Kyaw Min Naing, who joined the program in June 2022 and has already proven himself as an active contributor to the […]
Just a couple of weeks ago, CERT-UA raised awareness among the global cyber defender community about an ongoing cyber-espionage campaign targeting Ukraine and organizations in Central Asia linked to the UAC-0063 group. In early June, CERT-UA researchers issued another alert covering the long-term cyber-espionage activity mainly exploiting the email attack vector and targeting Ukrainian government […]
Embrace Your Cyber Defense Arsenal: Choose a Tool Tailored for Your Unique Cyber Defense Journey SOC Prime equips every cyber defender with a global threat detection platform for collective cyber defense. To help cyber defenders drive immediate value from SOC Prime Platform based on their current security needs, SOC Prime has launched a new three-pronged […]