Strengthening Cybersecurity in the Finance Industry Equipped with SOC Prime’s Solutions
The financial sector, the keystone of the global economy, has become increasingly digitized in recent years. While this transformation brings…
Threats
APT28 Phishing Attack Detection: Hackers Target Ukrainian Energy Sector Using Microsoft Edge Downloader, TOR Software, and the Mockbin Service for Remote Management
At the turn of fall 2023, the russia-backed APT28 hacking group reemerges in the cyber threat arena, targeting the critical…
Installing and Configuring Content Packs for QRadar
This guide describes how to deploy Content Packs for QRadar based on the recommended example of the “SOC Prime –…
CVE-2023-38831 Detection: UAC-0057 Group Exploits a WinRAR Zero-Day to Spread a PicassoLoader Variant and CobaltStrike Beacon via Rabbit Algorithm
The UAC-0057 hacking collective, aka GhostWriter, reemerges in the cyber threat arena by abusing a WinRAR zero-day tracked as CVE-2023-38831…
Junos OS Vulnerabilities Exploit Detection: Hackers Leverage CVE-2023-36844 RCE Bug Chain Abusing Juniper Devices After PoC Release
Adversaries weaponize four newly discovered RCE security flaws in the J-Web component of Junos OS tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846,…
UAC-0173 Attacks: Ukrainian Judicial Bodies and Notary Massively Targeted With AsyncRAT Malware
Cybersecurity experts observe significantly growing volumes of malicious activity aimed at targeting Ukrainian public and private sectors, with offensive forces…
SOC Prime on Discord: Join a Single Community for All Cyber Defenders to Benefit from Shared Expertise
In February 2023, SOC Prime launched its Discord server community connecting aspiring cybersecurity enthusiasts and seasoned experts in a single…
Detect Cuba Ransomware Threat Group Infections: New Tooling Applied in Attacks Against Critical Infrastructure Organizations in the U.S.
Being active since 2019, Cuba ransomware operators constantly evolve their attack methods and seem not to stop that. The most…
CVE-2023-3519 Detection: RCE Zero-Day in Citrix NetScaler ADC and NetScaler Gateway Exploited in the Wild
Heads up! Cybersecurity experts notify defenders of a zero-day flaw compromising Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway…
Adversaries Use Weaponized PDFs Disguised as German Embassy Lures to Spread Duke Malware Variant in Attacks Against Ministries of Foreign Affairs of NATO-Aligned Countries
Cybersecurity researchers have observed a new malicious campaign targeting Ministries of Foreign Affairs of NATO-related countries. Adversaries distribute PDF documents…