Practical Guide to Converting IOCs to SIEM Queries with Uncoder AI
What are IOCs, and what is their role in cybersecurity? In cybersecurity operations, Indicators of Compromise — such as IP…
Threats
UAC-0001 aka APT28 Attack Detection: Leveraging PowerShell Command in Clipboard as Initial Entry Point
The notorious Russian state-sponsored hacking group known as APT28 or UAC-0001, which has a history of launching targeted phishing attacks…
CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks
Attackers frequently launch high-profile attacks by exploiting RCE vulnerabilities in popular software products. Cybersecurity researchers have recently identified the widespread…
UAC-0218 Attack Detection: Adversaries Steal Files Using HOMESTEEL Malware
Hot on the heels of the “Rogue RDP” attacks exploiting the phishing attack vector and targeting Ukrainian state bodies and…
“Rogue RDP” Attack Detection: UAC-0215 Leverages RDP Configuration Files to Gain Remote Access to Ukrainian Public Sector Computers
Adversaries frequently exploit remote management tools in their offensive campaigns, like the Remote Utilities software, which has been leveraged in…
Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations
At the end of summer, 2024, the FBI, Department of Defense, and CISA issued a joint advisory warning cybersecurity experts…
MEDUZASTEALER Detection: Hackers Distribute Malware Masquerading the Sender as Reserve+ Technical Support via Telegram Messaging Service
Hard on the heels of a new wave of cyber-attacks by UAC-0050 involving cyber espionage and financial thefts and relying…
How MSSPs and MDRs Can Maximize Threat Detection Efficiency with Uncoder AI
In the face of increasingly sophisticated cyber threats, security service providers such as MSSPs and MDRs strive to enhance threat…
UAC-0050 Attack Detection: russia-Backed APT Performs Cyber Espionage, Financial Crimes, and Disinformation Operations Against Ukraine
The UAC-0050 hacking collective notorious for its long-standing offensive operations against Ukraine steps back into the cyber threat arena. CERT-UA…
Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region
Amid a spike in cyber-espionage efforts by North Korean APT groups targeting Southeast Asia under the SHROUDED#SLEEP campaign, cybersecurity experts…