Since the outbreak of russia’s full-scale invasion of Ukraine, the aggressor has been targeting multiple cyber attacks against Ukraine and its allies, with a growing number of state-sponsored hacking collectives emerging and resurfacing in the cyber threat arena. During the conflict, russia’s offensive forces have launched over 2,100 attacks with disparate levels of sophistication and […]
Embrace Your Cyber Defense Arsenal: Choose a Tool Tailored for Your Unique Cyber Defense Journey SOC Prime equips every cyber defender with a global threat detection platform for collective cyber defense. To help cyber defenders drive immediate value from SOC Prime Platform based on their current security needs, SOC Prime has launched a new three-pronged […]
Hot on the heels of the maximum severity flaw in GitLab software known as CVE-2023-2825, another critical vulnerability comes to the scene, creating a significant buzz in the cyber threat landscape. At the turn of June 2023, Progress Software uncovered a critical vulnerability in MOVEit Transfer that can lead to privilege escalation and instantly issued […]
Driving Cost-Efficient, Zero-Trust, and Multi-Cloud Security Backed by Collective Expertise SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 27 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic […]
Hot on the heels of the massive phishing attacks launched by UAC-0006 at the beginning of May 2023, CERT-UA warns cyber defenders of a new wave of cyber attacks resulting in SmokeLoader infections. The latest investigation indicates that adversaries increasingly spread phishing emails with financial subject lures and use ZIP/RAR attachments to drop malicious samples […]
GitLab has recently issued its latest critical security update v. 16.0.1, addressing a path traverse vulnerability tracked as CVE-2023-2825 with a CVSS score reaching the maximum limit of 10.0. The update affects installations running version 16.0.0., with earlier software versions being not impacted. The successful exploitation of a highly critical security bug enables unauthenticated adversaries […]
For years, China has been launching offensive operations aimed at collecting intelligence and gathering sensitive data from U.S. and global organizations in multiple industries, with attacks frequently related to nation-backed APT groups, like Mustang Panda or APT41. On May 24, 2023, NSA, CISA, and FBA, in conjunction with other U.S. and international authoring agencies, issued […]
Since the outbreak of the full-scale war in Ukraine, cyber defenders have identified the growing volumes of cyber-espionage campaigns aimed at collecting intelligence from the Ukrainian state bodies. On May 22, 2023, CERT-UA researchers issued a new alert warning the global cyber defender community of an ongoing cyber-espionage campaign targeting the information and communication system […]
A novel hacking collective tracked as Lacefly APT has been recently observed applying a custom Merdoor backdoor to attack organizations in the government, telecom, and aviation sectors across South and Southeastern Asia. According to the latest reports, these targeted intrusions point to a long-running adversary campaign leveraging Merdoor sample, with the first traces dating back […]
Threat Bounty Publications In April, the active members of the SOC Prime Threat Bounty community submitted 430 detection rules for review by the SOC Prime team for verification and to earn a chance to monetize their content. However, only 64 rules passed validation and were successfully published to the SOC Prime Platform. Explore Detections We […]