Due to a constantly evolving number of vulnerabilities affecting open-source software products, proactive detection of vulnerability exploitation remains one of the most common security use cases according to the latest SOC Prime’s Detection as Code Innovation report. At the turn of November 2022, a couple of new vulnerabilities in the OpenSSL software library identified as […]
With crypto mining attacks significantly increasing over the past couple of years, increasing awareness of cryptojacking is of paramount importance. Cybersecurity researchers have recently uncovered a massive cryptojacking campaign abusing free CI/CD service providers, with over 30 GitHub, 2,000 Heroku, and 900 Buddy accounts compromised. Dubbed PURPLEURCHIN, the malicious operation applies sophisticated obfuscation techniques and […]
Independent Audit Once Again Verifies SOC Prime’s Compliance with the SOC 2® Requirements We are thrilled to announce that SOC Prime has once again successfully completed the SOC 2 Type II audit conducted by I.S. Partners, LLC, one of the industry-leading internal controls attestation firms certified by the PCI Council as a Qualified Security Assessor. […]
In May 2022, Cuba ransomware maintainers resurfaced marking their loud entrance into the cyber threat arena by leveraging a novel custom remote access Trojan called ROMCOM (or RomCom) RAT. On October 22, 2010, CERT-UA warned the global cyber defender community of the ongoing phishing campaigns targeting Ukrainian officials with the email sender masquerading as the […]
Threat actors don’t sleep, and cyber defenders cannot sleep a wink either to keep up with emerging threats. In 2022, a wave of critical “shell” vulnerabilities has been flooding the cyber threat arena, starting with the loud appearance of Log4Shell at the turn of the year, followed by Spring4Shell in March, then ProxyNotShell just one […]
Throughout 2021-2022, ransomware continues to be one of the dominant trends in the cyber threat landscape, illustrated by the increasing sophistication of intrusions and a rapidly growing number of ransomware affiliates. Cybersecurity researchers warn of the ongoing malicious campaigns, which target Windows users and distribute Magniber ransomware disguised as software updates. Detect Magniber Ransomware Magniber […]
Heads up! A new critical vulnerability is on the radar. Fortinet has recently disclosed an authentication bypass vulnerability in its FortiOS, FortiProxy, and FortiSwitchManager appliances. The security flaw tracked as CVE-2022-40684 is actively exploited in the wild, posing a serious risk to Fortinet’s customers leveraging vulnerable product instances. Detect CVE-2022-40684 Exploitation Attempts In view of […]
A community-driven approach based on Detection-as-Code principles and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® enables intelligent-driven threat detection, cost-efficient and cross-platform threat investigation, and instant access to detections for critical threats. SOC Prime’s platform aggregates over 200,000 pieces of detection content easily convertible to 25+ SIEM, EDR, and XDR formats and aligned with […]
We are thrilled to announce SOC Prime’s participation in the Tenth EU MITRE ATT&CK® Community Workshop taking place in Brussels on 7 October 2022. The upcoming event will host cybersecurity professionals around the globe who will provide insights into best industry practices and share their unique use cases of leveraging the MITRE ATT&CK framework for […]
Cybersecurity researchers have recently revealed a new wave of adversary campaigns leveraging a malware tool named NullMixer spread via malicious websites. The malware dropper is a lure masquerading as legitimate software, which further deploys a set of Trojans infecting the victim’s system. NullMixer hackers apply advanced SEO tactics to distribute the malware affecting popular search […]