Tag: SOC Prime Platform

CVE-2021-45046, CVE-2021-44228 Detection: Vulnerabilities in Log4j Java Library

Yet another splitting headache for SOC teams — beware of the hottest Log4j vulnerability CVE-2021-45046! The cybersecurity world has just been shaken by an increasing amount of exploitation attempts for CVE-2021-44228, a critical zero-day vulnerability affecting the Apache Log4j Java logging library, while another high-severity Log4j RCE flaw tracked as CVE-2021-45046 comes on the scene.  […]

Detect CVE-2021-42287, CVE-2021-42278 Exploitation Chain

Adversaries have found a way to obtain full admin rights to the Active Directory (AD) domains by weaponizing CVE-2021-42287 and CVE-2021-42278 vulnerabilities. The nefarious exploitation chain enables Active Directory domain impersonation in just a couple of clicks. A batch of vulnerabilities tied to this exploitation chain drove the attention of security professionals in November 2021. […]

Detecting Grafana Zero-Day Vulnerability (CVE-2021-43798)

Brace yourself for the new zero-day vulnerability exploited in the wild. A recently disclosed flaw affects Grafana, a multi-platform open-source analytics and interactive visualization app used by organizations globally to track and understand the metrics of their data. After the vulnerability details were accidentally leaked online, a multitude of proof-of-concept exploits spread over Twitter and GitHub, […]

Detecting CVE-2021-44515: Zero-Day in Zoho ManageEngine Desktop Central

Stay alert! Threat actors are actively leveraging the new zero-day vulnerability (CVE-2021-44515) in Zoho ManageEngine Desktop Central products to attack businesses worldwide. The flaw is a critical authentication bypass issue that enables hackers to gain unauthorized access and execute arbitrary code on vulnerable servers. CVE-2021-44515 Description: Zoho ManageEngine Desktop Central is a widely-used management utility […]

SOC Prime Launches Cyber Threat Intelligence Promo

Cyber Monday is over, but not the hot deals from SOC Prime. In December 2021, we launch the Cyber Threat Intelligence Promo to break the limits on Community content views for SOC Prime users for the remainder of the year! Powered by its Detection as Code Platform, SOC Prime curates Threat Detection Marketplace, the world’s […]

Detecting BlackByte Ransomware Attacks

Another day — another major challenge for security practitioners. Meet BlackByte, a new ransomware-as-a-service (RaaS) ring that is forging its way to the top of the threat list. The first incidents attributed to the BlackByte collective were detected in July 2021, and since then the adversaries have evolved their tactics and tools significantly. Currently, security researchers observe […]

Babadeda Crypter Detection

Meet Babadeda, a new notorious crypter in the arsenal of threat actors. The malware has been actively leveraged by adversaries since May 2021 to bypass security protections and covertly deliver a variety of threats to unsuspecting victims. Multiple infostealers and remote access Trojans (RATs) have been deployed with the help of Babadeda. Moreover, LockBit maintainers […]

SOC Prime’s Cyber Monday Deal for Quick Hunt: Free Unmetered Hunts Till the End of the Year

We are thrilled to announce an amazing Cyber Monday deal for Quick Hunt, a new cutting-edge module of SOC Prime’s Detection as Code platform empowering any Blue Teamer, whatever their level of experience in the field, to take up hunting for threats in their SIEM or EDR environment with just a couple of clicks. […]

Quick Hunt: Identify Critical Threats in Three Steps

SOC Prime’s Detection as Code platform for collaborative cyber defense, threat hunting, and discovery continuously evolves to empower the global community with more accessible and efficient cyber defense capabilities. Striving to unlock threat hunting to a wider cybersecurity audience, SOC Prime introduced Quick Hunt, a new cutting-edge module, enabling both newcomers and seasoned experts alike […]

Detecting Vulnerabilities Prioritized in CISA’s Binding Operational Directive 22-01

To enable organizations to address the risks posed by critical vulnerabilities outlined in Binding Operational Directive (BOD) 22-01, SOC Prime provides an extensive list of curated detections to identify possible exploit attempts in your infrastructure and isolate potentially affected assets while patching procedures are in progress. The increasing sophistication of malicious activities threatening the private […]
