SnipBot Detection: A New RomCom Malware Variant Leverages a Custom Code Obfuscation Method and Sophisticated Evasion Techniques
A novel iteration of the RomCom malware family emerges in the cyber threat arena. The new malware, dubbed SnipBot, uses…
Threats
Vendor-Agnostic Cybersecurity: Adapting to the Future of Threat Detection
In today’s fast-moving technological landscape, organizations face unprecedented challenges in managing their security operations. When both threats and technologies change…
Earth Baxia Attack Detection: China-Backed Hackers Use Spear-Phishing, Exploit the GeoServer Vulnerability (CVE-2024-36401), and Apply a New EAGLEDOOR Malware to Target APAC
In the first quarter of 2024, state-sponsored APT groups from regions such as China, North Korea, Iran, and russia demonstrated…
CVE-2024-6670 and CVE-2024-6671 Detection: RCE Attacks Exploiting Critical SQL Injection Vulnerabilities in WhatsUp Gold
Hackers are weaponizing PoC exploits for newly identified vulnerabilities in Progress Software WhatsUp Gold for in-the-wild attacks. Defenders have recently…
Celebrating Detection Engineering Excellence
SOC Prime Recognizes Top Threat Bounty Researchers Mastering Uncoder AI SOC Prime continues to fuel the professional development of cybersecurity…
RansomHub Ransomware Detection: Attackers Exploits Kaspersky’s TDSSKiller to Disable EDR Systems
Right after the joint advisory by FBI, CISA, and partners warning of a significant shift in the RansomHub RaaS group…
SOC Prime Threat Bounty Digest — August 2024 Results
Detection Content Creation, Submission & Release August 2024 was challenging for the global cyber community, but it was also full…
Repellent Scorpius: Novel RaaS Group Actively Distributes Cicada3301 Ransomware Variant
Ransomware continues to be a leading global threat to organizations, with attacks becoming more frequent and increasingly sophisticated. Recently, a…
Unit 29155 Attacks Detection: russia-Affiliated Military Intelligence Division Targets Critical Infrastructure Globally
Notorious russia-affiliated hacking groups are posing daunting challenges to defensive forces, continuously upgrading their adversary TTPs and enhancing detection evasion…
Detect WikiLoader Attacks: Adversaries Leverage Fake GlobalProtect VPN Software to Deliver a New Malware Variant via SEO Poisoning
The latest stats highlight that in 2023, adversaries deployed an average of 200,454 unique malware scripts per day, equating to…