Google Sues 25 in China Over Alleged BadBox 2.0 Botnet Operation

Google accuses 25 people in China of operating an extensive botnet that targets connected consumer devices.

IoT devices at the core of massive botnet

Google has filed a civil lawsuit against 25 unnamed individuals in China who allegedly operated the notorious BadBox 2.0 botnet that has hijacked over 10 million smart devices worldwide. Affected devices included Android-powered streaming boxes, projectors, tablets, and car infotainment systems, many of them inexpensive and shipped with little t

Anne Arundel Dermatology data breach impacts 1.9 million people

Hackers breached Anne Arundel Dermatology systems for three months, potentially exposing personal and health data of 1.9 million people. Anne Arundel Dermatology is a physician-owned and managed dermatology group headquartered in Maryland, founded over 50 years ago. It’s one of the largest dermatology providers in the Mid‑Atlantic and Southeastern United States, operating more than 100 […]

UAC-0001 (APT28) Attack Detection: The russia-Backed Actor Uses LLM-Powered LAMEHUG Malware to Target Security and Defense Sector

The notorious russian state-sponsored threat group UAC-0001 (also tracked as APT28) has once again surfaced in the cyber threat landscape. After CERT-UA’s late June alert exposing the group’s use of the COVENANT framework and the BEARDSHELL backdoor, UAC-0001 has maintained its focus on Ukraine. CERT-UA now reports a new wave of cyber-attacks targeting the security […]

The post UAC-0001 (APT28) Attack Detection: The russia-Backed Actor Uses LLM-Powered LAMEHUG Malware to Target Security and Defense Sector appeared first on SOC Prime.

Automating IT Tasks at Scale with Remote Scripting

In today’s complex IT environments, managing a growing network of endpoints across multiple platforms and locations is no small feat. As remote work becomes the norm and endpoint diversity increases, IT and security teams are under more pressure than ever to maintain control, troubleshoot quickly, and ensure compliance without being physically present. Enter remote scripting …

The Hidden Limits of AWS Cloud Security

AWS cloud security plays a foundational role in enterprise infrastructure, but its effectiveness declines when organizations adopt multicloud or hybrid-cloud strategies. A 2024 State of the Cloud Report shows that 89% of enterprises now operate in multicloud environments, spanning AWS, Azure, and Google Cloud. Security architectures, however, rarely keep pace with this complexity. Each cloud …

Critical NVIDIA Container Toolkit Flaw Allows Privilege Escalation on AI Cloud Services

Cybersecurity researchers have disclosed a critical container escape vulnerability in the NVIDIA Container Toolkit that could pose a severe threat to managed AI cloud services.
The vulnerability, tracked as CVE-2025-23266, carries a CVSS score of 9.0 out of 10.0. It has been codenamed NVIDIAScape by Google-owned cloud security company Wiz.
“NVIDIA Container Toolkit for all platforms contains a

From Backup to Cyber Resilience: Why IT Leaders Must Rethink Backup in the Age of Ransomware

With IT outages and disruptions escalating, IT teams are shifting their focus beyond simply backing up data to maintaining operations during an incident. One of the key drivers behind this shift is the growing threat of ransomware, which continues to evolve in both frequency and complexity. Ransomware-as-a-Service (RaaS) platforms have made it possible for even inexperienced threat actors with

CNAPP vs CWPP: Too Many Acronyms, Not Enough Clarity

How many acronyms are too many? With a new category being created seemingly every other day in cybersecurity, keeping up with it all can be exhausting. Even in the cloud security market, CNAPP, CWPP, CSPM, and other acronyms might confuse you. In this blog, let’s dig deeper into CNAPP vs CWPP, the two heavyweights in …