UAC-0180 Targets Defense Contractors in Ukraine Using GLUEEGG, DROPCLUE, and ATERA
According to Accenture research, around 97% organizations experienced a surge in cyber threats since the onset of the russia-Ukraine war…
Threats
SOC Prime Threat Bounty Digest — June 2024 Results
Detection Content Submission & Release In June, SOC Prime’s Threat Bounty Program members started using Uncoder AI to create, validate,…
Detect CVE-2024-38112 Exploitation by Void Banshee APT in Zero-Day Attacks Targeting Windows Users
Following Microsoft’s recent Patch Tuesday update, which addressed the CVE-2024-38112 vulnerability, researchers uncovered a sophisticated campaign by the Void Banshee…
DarkGate Malware Detection: Adversaries Exploit Microsoft Excel Files to Spread a Harmful Software Package
Defenders have been observing a DarkGate malware campaign in which adversaries have taken advantage of Microsoft Excel files to spread…
Threat Bounty Success Story: Kyaw Pyiyt Htet
Today, we want to tell you the story of Kyaw Pyiyt Htet, the content author who has been with the…
Kimsuky APT Campaign Detection Targeting Japanese Organizations
Since early spring 2024, the notorious North Korea-linked hacking collective tracked as Kimsuky APT has been launching a targeted campaign…
APT40 Attacks Detection: People’s Republic of China State-Sponsored Hackers Rapidly Exploit Newly Revealed Vulnerabilities for Cyber-Espionage
The latest advisory issued by law enforcement agencies within Australia, the U.S., Canada, Germany, the U.K., New Zealand, South Korea,…
Volcano Demon Ransomware Attack Detection: Adversaries Apply a New LukaLocker Malware Demanding Ransom via Phone Calls
New ransomware maintainers have rapidly emerged in the cyber threat arena, employing innovative locker malware and a variety of detection…
Kimsuky APT Attack Detection: North Korean Hackers Abuse the TRANSLATEXT Chrome Extension to Steal Sensitive Data
The nefarious North Korea-linked threat actor known as Kimsuky APT group uses a novel malicious Google Chrome extension dubbed “TRANSLATEXT”…
CVE-2024-5806 Detection: A New Authentication Bypass Vulnerability in Progress MOVEit Transfer Under Active Exploitation
The cyber threat landscape in June is heating up, largely due to the disclosure of new vulnerabilities, such as CVE-2024-4577…