Threat Bounty Rules Releases Welcome to the October results edition of our traditional Threat Bounty Monlty digest. Last month, our global community of cybersecurity professionals participating in crowdsourced detection engineering promptly addressed emerging cyber threats with actionable detection content. As a result, 81 new detection rules by Threat Bounty Program members were released on the […]
Essential Tips to Level Up in SOC Prime Threat Bounty Program As a detection engineer, SOC analyst, and threat hunter, joining SOC Prime’s Threat Bounty Program opens the door to significant professional growth within a globally recognized cybersecurity community. The Program is designed to harness the expertise in detection engineering, enabling members to contribute high-value […]
Security researchers have revealed a stealthy campaign targeting users in Central and Southwestern Europe with an email credential stealer. Dubbed Strela, this evasive malware is deployed via phishing emails, utilizing obfuscated JavaScript and WebDAV to circumvent conventional security measures. Since its emergence two years ago, Strela Stealer has significantly enhanced its malicious capabilities, allowing it […]
LemonDuck, a notorious crypto-mining malware, has been observed targeting Windows servers by exploiting known vulnerabilities in Microsoft’s Server Message Block (SMB) protocol, including the EternalBlue flaw tracked as CVE-2017-0144. The malware has evolved into a more advanced threat capable of credential theft, enriched with detection evasion techniques, and spreading through multiple attack vectors. Detect LemonDuck […]
Detection Content Creation, Submission & Release In September, the Threat Bounty Program experienced significant growth, with more submissions of detection rules for verification and a higher number of successful releases of the Threat Bounty rules to the SOC Prime Platform. We remain committed to ensuring that all members of the Threat Bounty Program make the […]
Efficiency and collaboration are essential in cybersecurity. As part of the SOC Prime Platform, Uncoder AI is a a professional IDE & co-pilot for detection engiennering to streamline content creation and threat detection rule contribution. For those participating in the Threat Bounty Program, this tool makes it easier to contribute detection rules, collaborate with experts, […]
In today’s fast-moving technological landscape, organizations face unprecedented challenges in managing their security operations. When both threats and technologies change rapidly, organizations need the agility to adapt, migrate, and use multiple security solutions without being tied down by proprietary formats. Also, as the SIEM market evolves, vendors merge or pivot their offerings, and the organizations […]
SOC Prime Recognizes Top Threat Bounty Researchers Mastering Uncoder AI SOC Prime continues to fuel the professional development of cybersecurity experts by recognizing and celebrating individual contributions to global cyber defense. Through the Threat Bounty Program, SOC Prime empowers skilled threat researchers and SIEM rules engineers to enhance their impact on collective cybersecurity efforts. Earlier […]
Detection Content Creation, Submission & Release August 2024 was challenging for the global cyber community, but it was also full of opportunities for SOC Prime’s Threat Bounty members to gain personal recognition and cash for their contributions. During August, 22 detections were successfully released to the SOC Prime Platform, and twice as many detections were […]
A new critical vulnerability in Ivanti Virtual Traffic Manager (vTM) instances comes into the spotlight. Tracked as CVE-2024-7593, the critical authentication bypass vulnerability enables remote attackers to create rogue admin accounts. The public availability of the PoC exploit code increases the risk of CVE-2024-7593 exploitation in real-world attacks. Detect CVE-2024-7593 Exploitation Attempts In 2023, over […]