CVE-2023-38146 Detection: Windows “ThemeBleed” RCE Bug Poses Growing Risks with the PoC Exploit Release
The new Microsoft Windows Themes security bug tracked as CVE-2023-38146, which enables attackers to perform RCE, emerges in the cyber…
Threats
ShadowPad Trojan Detection: Redfly Hackers Apply a Nefarious RAT to Hit National Power Grid Organization in Asia
ShadowPad backdoor is popular among multiple state-backed APTs, including China-linked hacking groups, widely used in their cyber espionage campaigns. A…
SOC Prime Threat Bounty Digest — August 2023 Results
Threat Bounty monthly digests cover what’s happening in the SOC Prime Threat Bounty community. Each month, we publish the Program…
Frequent SIGMA Mistakes Series
Part 1: Unintentional Escaped Wildcards Overview of Series This is part 1 of a multi-part series covering frequent mistakes SOC…
Detecting Network Spikes Identified by WAF for the Elastic Stack Platform
There are a lot of interesting cases that you can find while investigating anomalies in the traffic baselines, for example,…
CVE-2023-4634 Detection: Unauthenticated RCE Vulnerability in WordPress Media Library Assistant Plugin
Security researchers have issued a stark warning about a critical vulnerability, designated as CVE-2023-4634, which is affecting an alarming number…
CVE-2023-4634 Exploit Detection: Unauthenticated RCE Vulnerability in WordPress Media Library Assistant Plugin
CVE-2023-4634, which is affecting an alarming number of over 70,000 WordPress sites globally. This vulnerability originates from a security flaw…
Strengthening Cybersecurity in the Finance Industry Equipped with SOC Prime’s Solutions
The financial sector, the keystone of the global economy, has become increasingly digitized in recent years. While this transformation brings…
APT28 Phishing Attack Detection: Hackers Target Ukrainian Energy Sector Using Microsoft Edge Downloader, TOR Software, and the Mockbin Service for Remote Management
At the turn of fall 2023, the russia-backed APT28 hacking group reemerges in the cyber threat arena, targeting the critical…
Installing and Configuring Content Packs for QRadar
This guide describes how to deploy Content Packs for QRadar based on the recommended example of the “SOC Prime –…