UAC-0050 Attack Detection: Hackers Are Armed with Remcos RAT, Quasar RAT, and Remote Utilities to Target Ukraine Once Again
At the end of 2023, the nefarious UAC-0050 group loomed in the cyber threat arena, targeting Ukraine using Remcos RAT,…
Threats
Lumma Stealer Malware Detection: Hackers Abuse YouTube Channels to Spread a Malware Variant
Recent cybersec reports unveil a series of attacks in which hackers take advantage of YouTube channels to spread the Lumma…
UAC-0184 Attack Detection: Targeted Phishing Attacks Against the Armed Forces of Ukraine Using Remcos RAT and Reverse SSH
Hard on the heels of the phishing campaign against Ukraine spreading Remcos RAT, another offensive operation relying on a similar…
APT28 Adversary Activity Detection: New Phishing Attacks Targeting Ukrainian and Polish Organizations
Throughout the second half of December 2023, cybersecurity researchers uncovered a series of phishing attacks against Ukrainian government agencies and…
New Phishing Campaign by UAC-0050: Kyivstar & Security Service of Ukraine Baits to Deliver Remcos RAT
Cybersecurity analysts are observing a substantial increase in malicious activities targeting Ukraine’s public and private sectors, where attackers often resort…
Play Ransomware Detection: Ongoing Ransomware Attacks Against Businesses and Critical Infrastructure in the U.S., South America, and Europe
At the end of November 2023, leading U.S. cybersecurity agencies, in collaboration with international partners, issued an alert covering LockBit…
SOC Prime Threat Bounty Digest — November 2023 Results
Threat Bounty Content We continue aligning the efforts with Threat Bounty Program members in enriching the SOC Prime Platform with…
CVE-2023-42793 Detection: Large-Scale Exploitation of the JetBrains TeamCity Vulnerability by the russian Foreign Intelligence Service
FBI and CISA, in conjunction with U.S. and international cybersecurity authorities, warn the global cyber defender community about large-scale exploitation…
CVE-2023-49070 Exploit Detection: A Critical Pre-Auth RCE Vulnerability in Apache OFBiz
Сritical vulnerabilities in popular open-source software solutions pose severe threats to global businesses that rely on the impacted products. Recently,…
Operation Blacksmith Detection: Lazarus APT Uses a CVE-2021-44228 Exploit to Deploy New DLang-Based Malware Strains
Adversaries set their eyes on a notorious security flaw in Log4j Java Library tracked as CVE-2021-44228, aka Log4Shell, even a…