Unmasking the Most Dangerous APTs Targeting the Financial Sector
Fortifying Your Defense with SOC Prime Platform Financial organizations have always been a juicy target for nation-backed adversaries since they…
Threats
CVE-2023-42793 Detection: An Authentication Bypass Vulnerability Leading to RCE on JetBrains TeamCity Server
Hot on the heels of the adversary campaigns abusing the CVE-2023-29357 vulnerability in Microsoft SharePoint Server causing a pre-auth RCE…
CVE-2023-29357 Detection: Microsoft SharePoint Server Elevation of Privilege Vulnerability Exploitation Can Lead to Pre-Auth RCE Chain
Threat actors frequently set eyes on Microsoft SharePoint Server products by weaponizing a set of RCE vulnerabilities, such as CVE-2022-29108…
Engage, Empower, and Enjoy SOC Prime’s Community on Discord
Balance Your Cybersecurity Journey with a Single Community for Collective Cyber Defense In the ever-evolving landscape of technology, finding a…
Snatch Ransomware Detection: FBI & CISA Issue a Joint Alert Warning of Growing Attacks by Snatch RaaS Operators
Proactive ransomware detection remains one of the top priorities for defenders, marked by a rise in intrusion complexity and continuously…
CVE-2023-38146 Detection: Windows “ThemeBleed” RCE Bug Poses Growing Risks with the PoC Exploit Release
The new Microsoft Windows Themes security bug tracked as CVE-2023-38146, which enables attackers to perform RCE, emerges in the cyber…
ShadowPad Trojan Detection: Redfly Hackers Apply a Nefarious RAT to Hit National Power Grid Organization in Asia
ShadowPad backdoor is popular among multiple state-backed APTs, including China-linked hacking groups, widely used in their cyber espionage campaigns. A…
SOC Prime Threat Bounty Digest — August 2023 Results
Threat Bounty monthly digests cover what’s happening in the SOC Prime Threat Bounty community. Each month, we publish the Program…
Frequent SIGMA Mistakes Series
Part 1: Unintentional Escaped Wildcards Overview of Series This is part 1 of a multi-part series covering frequent mistakes SOC…
Detecting Network Spikes Identified by WAF for the Elastic Stack Platform
There are a lot of interesting cases that you can find while investigating anomalies in the traffic baselines, for example,…