SOC Prime Introduces a Fair Usage Policy
Make the Most of Advanced Threat Detection at No Extra Cost In today’s rapidly evolving cybersecurity landscape, where both rogue…
Threats
Threat Bounty Program Digest — May 2024 Results
Publications In May, our content verification team received more than 300 submissions for review. After the review, and in some…
UAC-0020 aka Vermin Attack Detection: SickSync Campaign Using SPECTR Malware and SyncThing Utility to Target the Armed Forces of Ukraine
The Vermin hacking group, also known as UAC-0020, resurfaces, targeting the Armed Forces of Ukraine. In the latest “SickSync” campaign…
UAC-0200 Attack Detection: Adversaries Launch Targeted Phishing Attacks Against Ukrainian Public Sector Leveraging DarkCrystal RAT Spread via Signal
Since the onset of the Russia-Ukraine war in 2022, there has been a significant rise in offensive operations, highlighting the…
FlyingYeti Campaign Detection: russian Hackers Exploit CVE-2023-38831 to Deliver COOKBOX Malware in Ongoing Attacks Against Ukraine
In mid-April 2024, CERT-UA warned defenders of repeated adversary attempts to compromise Ukrainian organizations using COOKBOX malware. Defenders observed the…
CVE-2024-24919 Detection: Zero-Day Vulnerability Actively Exploited for In-the-Wild Attacks Against Check Point’s VPN Gateway Products
There is a growing interest among hacking collectives in exploiting remote-access VPN environments by commony abusing zero-day vulnerabilities as entry…
UAC-0188 Attack Detection: Hackers Launch Targeted Attacks Against Ukraine Exploiting SuperOps RMM
Threat actors frequently leverage remote management tools in cyber attacks via the phishing attack vector. For instance, the Remote Utilities…
SOC Prime Platform Integration with GitHub
Continuously Stream Selected Detection Content from the SOC Prime Platform to Your GitHub Repository SOC Prime launches integration with GitHub,…
UAC-0006 Attack Detection: Financially Motivated Group Actively Launches Phishing Attacks Against Ukraine Delivering SMOKELOADER Malware
The financially motivated group identified as UAC-0006 has been actively launching phishing attacks targeting Ukraine throughout 2023. CERT-UA team reports…
Void Manticore Attack Detection: Iranian Hackers Launch Destructive Cyber Attacks Against Israel
Defenders have uncovered the increasing malicious activity of the Void Manticore group linked to Iran’s Ministry of Intelligence and Security…