Squiblydoo Attack Analysis, Detection, and Mitigation
In the dynamic and ever-changing realm of cybersecurity, attackers demonstrate unwavering determination as they continuously come up with innovative techniques…
Threats
MULTI#STORM Attack Detection: A New Phishing Campaign Spreading Multiple Remote Access Trojans and Targeting U.S. and India
Cybersecurity researchers warn defenders of yet another phishing campaign dubbed MULTI#STORM, in which hackers abuse JavaScript files to drop RAT…
Microsoft Outlook Vulnerability CVE-2023-23397 Detection
CVE-2023-23397 is a critical elevation of privilege (EoP) vulnerability in Microsoft Outlook with a CVSS base score of 9.8. It…
CVE-2020-35730, CVE-2021-44026, CVE-2020-12641 Exploit Detection: APT28 Group Abuses Roundcube Flaws In Spearphishing Espionage Attacks
With the ongoing russian cyber offensive operations targeting Ukraine and its allies, the aggressor is continuously launching cyber-espionage campaigns against…
PicassoLoader and Cobalt Strike Beacon Detection: UAC-0057 aka GhostWriter Hacking Group Attacks the Ukrainian Leading Military Educational Institution
On June 16, 2023, CERT-UA researchers issued a new alert covering the recently discovered malicious activity targeting the National Defense…
Shuckworm Espionage Group Attack Detection: russia-backed Threat Actors Repeatedly Attack Ukrainian Military, Security, and Government Organizations
Since russia’s full-scale invasion of Ukraine, the aggressor’s offensive forces have launched an avalanche of cyber-espionage campaigns against Ukraine and…
Cadet Blizzard’s Activity Detection: Novel russia-Linked Nation-Backed Threat Actor Tracked as DEV-0586 Comes to the Scene
Since the outbreak of russia’s full-scale invasion of Ukraine, the aggressor has been targeting multiple cyber attacks against Ukraine and…
Interview with Threat Bounty Developer – Mehmet Kadir CIRIK
As we continue to tell about our keen members of SOC Prime’s Threat Bounty community sharing stories about their professional…
Asylum Ambuscade Attack Detection: Hacking Collective Engaged in Multiple Cyber-Espionage and Financially-Motivated Cybercrime Campaigns
On February 24, 2022, a little more than a year ago, the russian federation started an offensive invasion of Ukraine…
Interview with Threat Bounty Developer – Aung Kyaw Min Naing
It has already become a good tradition in SOC Prime when Threat Bounty members share stories about their professional paths…