Threats

Domino Malware Detection: Ex-Conti and FIN7 Threat Actors Collaborate to Spread a New Backdoor

Cybersecurity researchers have uncovered a new malware family called Domino attributed to the adversary activity of the financially motivated russia-backed FIN7 APT group. Cyber defenders also link the use of Domino with another former hacking group known as Trickbot aka Conti, which has been applied in the malicious campaign by the latter threat actors since […]

The post Domino Malware Detection: Ex-Conti and FIN7 Threat Actors Collaborate to Spread a New Backdoor appeared first on SOC Prime.

Threats

Lazarus Hacker Group Shifts Targets and Applies Advanced Techniques in a New DeathNote Campaign

The notorious North Korean hacking collective Lazarus Group, also tracked as APT38, Dark Seoul, or Hidden Cobra, has earned its reputation as high-profile nation-backed threat actors, mainly targeting cryptocurrency companies. In the newly discovered malicious campaign dubbed DeathNote, adversaries are shifting their focus by primarily setting eyes on the defense organizations along with automotive and […]

Threats

GuLoader Detection: Malware Targets U.S. Financial Organizations via Phishing Emails

With the tax season in full swing, threat actors are setting eyes on financial organizations. According to the latest cybersecurity reports, U.S. accounting firms and other financial institutions have fallen prey to a series of adversary campaigns spreading GuLoader malware since March 2022. Threat actors spread the GuLoader malicious samples by leveraging a phishing attack […]

Threats

Detect CVE-2023-28252 & CVE-2023-21554 Exploitation Attempts: Windows Zero-Day Actively Used in Ransomware Attacks and a Critical RCE Flaw

With a growing number of zero-day flaws affecting widely used software products, proactive detection of vulnerability exploitation has been among the most prevalent security use cases since 2021. Microsoft has recently issued a series of security updates relevant to critical flaws affecting its products, including a patch for a zero-day actively exploited in the wild […]

Threats

DarkCrystal RAT Malware Detection: UAC-0145 Hackers Exploit Unlicensed Microsoft Office Software as the Initial Attack Vector

With a 250% surge of cyber attacks against Ukraine in 2022 and over 2,000 of them launched by russia-affiliated threat actors since the outbreak of the full-fledged war, cyber defenders are looking for ways to help Ukraine and its allies boost their cyber resilience. On April 3, 2023, CERT-UA issued a new alert covering the […]
