On April 18, 2022, CERT-UA issued an alert warning of ongoing cyber-attacks targeting Ukrainian state bodies. According to the research, government officials were exposed to targeted phishing attacks using emails related to Azovstal that contained malicious attachments spreading Cobalt Strike Beacon malware. The detected activity reflects the behavior patterns associated with the hacking collective tracked […]
During the previous month, the attention and experience of the cybersecurity experts were especially required to help the industry withstand emerging devastating threats. Devoted members of the Threat Bounty community provided detections to protect against such threats as HermeticWiper, the FoxBlade malware, the attack of APT41 against the U.S. state government networks, exploitations of the […]
The 7-Zip file archiver versions of 21.07 have a serious security weak point. 7-Zip is one of the most in-demand tools to compress and package files with a wide array of supported formats including 7z, ZIP, GZIP, BZIP2, and TAR. The vulnerability tracked as CVE-2022-29072 grants adversaries elevated access and command execution when a file […]
Step-By-Step Guided Instruction: Get Started Quickly to Unleash the Full Power of the Platform’s Capabilities We are thrilled to announce the release of an onboarding wizard designed to simplify the onboarding experience for the SOC Prime Platform. The newly released functionality is designed to assist SOC Prime users with driving immediate value: Enable the guided […]
Hunt at No Cost Through May 25, 2022 Furthering its mission to transform threat detection, SOC Prime has boosted threat hunting velocity by continuing to evolve its Detection as Code platform. Uncoder CTI powered by SOC Prime’s platform allows security researchers to automatically convert IOCs of multiple types into custom queries enabling instant IOC searching […]
SOC Prime’s Detection as Code platform, the world’s largest and most advanced platform for collaborative cyber defense, integrates with 25+ SIEM, EDR, and XDR formats and continuously broadens the support for cloud-based cybersecurity solutions. We are thrilled to announce SOC Prime’s integration with LimaCharlie enabling security professionals to obtain the most relevant detection content tailored […]
A few years ago, with the pandemic just starting to ravage the world, unprecedented changes shook all spheres of our day-to-day life, digital included. We’ve faced many necessary adjustments when steering different industries away from offline format to online. The transformation of knowledge sharing and creating professional networks brought sweeping changes in how people work, […]
SOC Prime is a US based company with teams distributed across the globe in Europe, the Americas & APAC. We implemented different measures to ensure the SOC Prime Platform availability and that our support and services meet customer expectations and of course, foremost, support the safety of our employees and their families. SOC Prime had […]
Zloader (aka Terdot and DELoader) is raging worldwide, evading banking systems’ defenses. Not something one expects to find under their Christmas trees, especially accompanied by the calamitous Log4j Vulnerability, but these are some crazy times we live in. According to the researchers, Zloader attack routines are growing in scale and sophistication, adopting diversified techniques and […]
New Year, fresh start! And for threat actors as well. Meet a brand-new backdoor malware that has been increasingly hitting the cyber domain throughout the last couple of months. Dubbed SysJoker, the threat obtains powerful evasion capabilities while being able to target major operating systems, including Windows, Linux, and macOS. SysJoker Malware Analysis SysJocker malware […]