Detect SmokeLoader Malware: UAC-0006 Strikes Again to Target Ukraine in a Series of Phishing Attacks
Hot on the heels of the massive phishing attacks launched by UAC-0006 at the beginning of May 2023, CERT-UA warns…
Threats
Interview with Threat Bounty Developer – Mustafa Gurkan Karakaya
Today, we want to introduce to SOC Prime’s community one of the most active members of the Threat Bounty Program…
CVE-2023-2825 Exploit Detection: GitLab Urges Users to Promptly Patch a Maximum Severity Flaw
GitLab has recently issued its latest critical security update v. 16.0.1, addressing a path traverse vulnerability tracked as CVE-2023-2825 with…
Chinese State-Sponsored Cyber Actor Detection: Joint Cybersecurity Advisory (CSA) AA23-144a Sheds Light on Stealty Activity by Volt Typhoon Targeting U.S. Critical Infrastructure
For years, China has been launching offensive operations aimed at collecting intelligence and gathering sensitive data from U.S. and global…
UAC-0063 Cyber-Espionage Activity Detection: Hackers Target Organizations in Ukraine, Kazakhstan, Kyrgyzstan, Mongolia, Izrael, and India to Gather Intelligence
Since the outbreak of the full-scale war in Ukraine, cyber defenders have identified the growing volumes of cyber-espionage campaigns aimed…
Merdoor Malware Detection: Lancefly APT Uses a Stealthy Backdoor in Long-Running Attacks Against Organizations in South and Southeast Asia
A novel hacking collective tracked as Lacefly APT has been recently observed applying a custom Merdoor backdoor to attack organizations…
CVE-2023-25717 Detection: New Malware Botnet AndoryuBot Exploits RCE Flaw in the Ruckus Wireless Admin Panel
A new DDoS botnet dubbed AndoryuBot poses a threat to Ruckus Wireless Admin panels by exploiting a newly patched critical…
Snake Malware Detection: Cyber-Espionage Implant Leveraged by russia-Affiliated Turla APT in a Long-Lasting Campaign Against NATO Countries
On May 9, 2023, the U.S. Department of Justice revealed the details of a joint operation dubbed MEDUSA that resulted…
Detecting Abused Legitimate Tools Applied by Hackers in the Human-Operated Ransomware Attacks
With the constantly changing cyber threat landscape and the increasing sophistication of the adversary toolkit, information exchange between cybersecurity experts…
SmokeLoader Malware Detection: UAC-0006 Group Reemerges to Launch Phishing Attacks Against Ukraine Using Financial Subject Lures
The financially-motivated hacking collective tracked as UAC-0006 comes back to the cyber threat arena exploiting the phishing attack vector and…