CVE-2023-20198 Detection: Cisco IOS XE Zero-Day Vulnerability Actively Exploited to Install Implants
Hard on the heels of a new surge in the long-running Balada Injector campaign exploiting CVE-2023-3169, another critical security bug…
Threats
SOC Prime Threat Bounty Digest — September 2023 Results
Meet the new Threat Bounty Program digest that covers the recent news and updates of SOC Prime’s crowdsourced detection engineering…
UAC-0165 Activity Detection: Destructive Cyber Attacks Targeting Ukrainian Telecom Providers
CERT-UA researchers notify defenders of the persistent malicious campaign impacting more than 11 telecom providers. The UAC-0165 group behind these…
Balada Injector Malware Campaign Detection: Hackers Exploit a tagDiv Composer Vulnerability Infecting Thousands of WordPress Sites
Over a month ago, defenders warned the peer community of CVE-2023-4634, a critical WordPress vulnerability actively exploited in the wild…
The Human Side of Cybersecurity: Unmasking the Alarming Stress & Burnout
How Automation Technology is Reshaping Stress Management in Security Operations Before getting into cybersecurity, did you think of yourself as…
LostTrust Ransomware Detection: SFile and Mindware Advancement, Successor of MetaEncryptor Gang
Novel LostTrust ransomware emerged in the cyber threatscape in early spring 2023. However, the adversary campaign hit the headlines only…
SmokeLoader Malware Detection: UAC-0006 Hackers Launch a Wave of Phishing Attacks Against Ukraine Targeting Accountants
In early October 2023, the UAC-0006 group was observed behind a series of at least four cyber attacks targeting Ukraine,…
CVE-2023-22515 Detection: A Critical Zero-Day in Confluence Data Center & Server Under Active Exploitation
Atlassian has recently notified defenders of a critical privilege escalation vulnerability in its Confluence software. The uncovered issue identified as…
Unmasking the Most Dangerous APTs Targeting the Financial Sector
Fortifying Your Defense with SOC Prime Platform Financial organizations have always been a juicy target for nation-backed adversaries since they…
CVE-2023-42793 Detection: An Authentication Bypass Vulnerability Leading to RCE on JetBrains TeamCity Server
Hot on the heels of the adversary campaigns abusing the CVE-2023-29357 vulnerability in Microsoft SharePoint Server causing a pre-auth RCE…