Detection Content to Address Attacker Techniques Covered in the “Domain of Thrones: Part I” Research
Offensive forces continuously look for new ways to gain access to the domain environment and sustain their presence by leveraging…
Threats
CVE-2023-4966 Detection: Critical Citrix NetScaler Vulnerability Actively Exploited In the Wild
Adding to the list of critical Citrix NetScaler zero-days, security researchers warn of a new dangerous vulnerability (CVE0-2023-4966) continuously exploited…
GraphRunner Activity Detection: Hackers Apply a Post-Exploitation Toolset to Abuse Microsoft 365 Default Configurations
Microsoft 365 (M365) is leveraged by over a million global companies, which can pose severe threats to the customers relying…
CVE-2023-20198 Detection: Cisco IOS XE Zero-Day Vulnerability Actively Exploited to Install Implants
Hard on the heels of a new surge in the long-running Balada Injector campaign exploiting CVE-2023-3169, another critical security bug…
SOC Prime Threat Bounty Digest — September 2023 Results
Meet the new Threat Bounty Program digest that covers the recent news and updates of SOC Prime’s crowdsourced detection engineering…
UAC-0165 Activity Detection: Destructive Cyber Attacks Targeting Ukrainian Telecom Providers
CERT-UA researchers notify defenders of the persistent malicious campaign impacting more than 11 telecom providers. The UAC-0165 group behind these…
Balada Injector Malware Campaign Detection: Hackers Exploit a tagDiv Composer Vulnerability Infecting Thousands of WordPress Sites
Over a month ago, defenders warned the peer community of CVE-2023-4634, a critical WordPress vulnerability actively exploited in the wild…
The Human Side of Cybersecurity: Unmasking the Alarming Stress & Burnout
How Automation Technology is Reshaping Stress Management in Security Operations Before getting into cybersecurity, did you think of yourself as…
LostTrust Ransomware Detection: SFile and Mindware Advancement, Successor of MetaEncryptor Gang
Novel LostTrust ransomware emerged in the cyber threatscape in early spring 2023. However, the adversary campaign hit the headlines only…
SmokeLoader Malware Detection: UAC-0006 Hackers Launch a Wave of Phishing Attacks Against Ukraine Targeting Accountants
In early October 2023, the UAC-0006 group was observed behind a series of at least four cyber attacks targeting Ukraine,…