Tag: SOC Prime Platform

Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations

At the end of summer, 2024, the FBI, Department of Defense, and CISA issued a joint advisory warning cybersecurity experts of a rise in operations by Iran-affiliated adversaries known as Pioneer Kitten. The U.S. cybersecurity authoring agencies in collaboration with international partners have recently issued another advisory AA24-290A covering the increasing activity of Iranian threat […]

MEDUZASTEALER Detection: Hackers Distribute Malware Masquerading the Sender as Reserve+ Technical Support via Telegram Messaging Service

Hard on the heels of a new wave of cyber-attacks by UAC-0050 involving cyber espionage and financial thefts and relying on a diverse number of tools, including MEDUZASTEALER, another suspicious activity comes to the spotlight in the Ukrainian cyber threat arena. CERT-UA recently launched a new alert covering spoofed phishing attacks spreading MEDUZASTEALER via Telegram […]

How MSSPs and MDRs Can Maximize Threat Detection Efficiency with Uncoder AI

In the face of increasingly sophisticated cyber threats, security service providers such as MSSPs and MDRs strive to enhance threat detection capabilities while scaling their businesses. Managing detection rules across multiple security solutions in the environments of current and potential clients poses a significant challenge to service providers as they must align their service capabilities […]

UAC-0050 Attack Detection: russia-Backed APT Performs Cyber Espionage, Financial Crimes, and Disinformation Operations Against Ukraine

The UAC-0050 hacking collective notorious for its long-standing offensive operations against Ukraine steps back into the cyber threat arena. CERT-UA researchers have long been investigating the group’s activity, which primarily focuses on three key directions, including cyber espionage and financial theft, along with information and psychological operations tracked under the “Fire Cells Group” brand. Financially […]

Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region

Amid a spike in cyber-espionage efforts by North Korean APT groups targeting Southeast Asia under the SHROUDED#SLEEP campaign, cybersecurity experts are raising alarms about a parallel wave of attacks orchestrated by Iran-affiliated hackers. This newly discovered campaign focuses on spying on organizations across the UAE and Gulf regions. Known as Earth Simnavaz APT (also referred […]

SOC Prime Successfully Completes SOC 2 Type II Compliance

Reaching Security Compliance Milestone for the Fourth Year in a Row

We are excited to share that SOC Prime has successfully passed the SOC 2 Type II audit once again, conducted by I.S. Partners, LLC—a top-tier internal controls attestation firm accredited by the PCI Council as a Qualified Security Assessor. SOC 2® compliance, recognized as […]

Shrouded#Sleep Campaign Detection: North Korean Hackers Linked to the APT37 Group Use New VeilShell Malware Targeting Southeast Asia

North Korea-affiliated APT groups have consistently ranked among the most active adversaries over the past decade. This year, security experts have observed a significant uptick in their malicious operations, driven by enhanced toolsets and an expanded range of targets. In August 2024, North Korean hackers bolstered their arsenal with the MoonPeak Trojan. A month earlier, […]

SOC Prime Threat Bounty Digest — September 2024 Results

Detection Content Creation, Submission & Release

In September, the Threat Bounty Program experienced significant growth, with more submissions of detection rules for verification and a higher number of successful releases of the Threat Bounty rules to the SOC Prime Platform. We remain committed to ensuring that all members of the Threat Bounty Program make the […]

Uncoder AI: A Guide on Contributing Detection Rules to SOC Prime Platform via Threat Bounty Program

Efficiency and collaboration are essential in cybersecurity. As part of the SOC Prime Platform, Uncoder AI is a professional IDE & co-pilot for detection engineering to streamline content creation and threat detection rule contribution. For those participating in the Threat Bounty Program, this tool makes it easier to contribute detection rules, collaborate with experts, […]

Gamaredon Attack Detection: Cyber-Espionage Operations Against Ukraine by the russia-linked APT 

The nefarious state-sponsored russia-aligned Gamaredon (aka Hive0051, UAC-0010, or Armageddon APT) has been launching a series of cyber-espionage campaigns against Ukraine since 2014, with cyber attacks intensifying since russia’s full-scale invasion of Ukraine on February 24, 2022. ESET recently published an in-depth technical analysis, providing insights into Gamaredon’s cyber-espionage operations against Ukraine throughout 2022 and […]
