SOC Prime helps DIRECTV Latin America boost alert management and navigate migration challenges to QRadar balancing detection coverage & risk minimization.

SOC Prime

28.02.2024

CVE-2024-23204 Detection: Exploitation of a Recently Patched Vulnerability in Apple Shortcuts App Can Lead to User Data Theft - SOC Prime

Detect CVE-2024-23204 exploitation attempts, a newly patched zero-click Apple Shortcuts vulnerability, with a curated Sigma rule from SOC Prime.

SOC Prime

27.02.2024

UAC-0149 Attack Detection: Hackers Launch a Targeted Attack Against the Armed Forces of Ukraine, as CERT-UA Reports - SOC Prime

Detect the UAC-0149 targeted attack against Ukraine using COOKBOX malware with curated detection algorithms from SOC Prime Platform.

SOC Prime

23.02.2024

Earth Preta APT Attack Detection: China-Linked APT Hits Asia with DOPLUGS Malware, a New PlugX Variant - SOC Prime

Detect Earth Preta aka Mustang Panda APT attacks using DOPLUGS, a new variant of PlugX RAT, with detection algorithms from SOC Prime Platform.

SOC Prime

23.02.2024

Interview with Threat Bounty Developer – PHYO PAING HTUN - SOC Prime

Insightful interview with Phyo Paing Htun, who has been an active member of Threat Bounty program since December 2022

SOC Prime

22.02.2024

Knight Ransomware Detection: 3.0 Ransomware Source Code Available for Sale - SOC Prime

Detect Knight ransomware attacks, a rebrand of Cyclops ransomware, with a set of curated detection algorithms from the SOC Prime Platform.

SOC Prime

20.02.2024

SOC Prime Threat Bounty Digest — January 2024 Results - SOC Prime

Threat Bounty January 2024 digest - insights and top-rated detections and authors of the month.

SOC Prime

20.02.2024

CVE-2023-50358 Detection: A New Zero-Day Vulnerability in QNAP QTS and QuTS Hero Firmware - SOC Prime

Detect CVE-2023-50358 QNAP zero-day exploitation attempts with a Sigma rule in the SOC Prime Platform.

SOC Prime

16.02.2024

Nation-Backed APT Attack Detection: Microsoft and OpenAI Warn of AI Exploitation by Iranian, North Korean, Chinese, and russian Hackers - SOC Prime

Detect attacks by nation-backed APTs using AI technologies with curated detection rules from SOC Prime Platform.

SOC Prime

14.02.2024

Troll Stealer Detection: Novel Malware Actively Leveraged by North Korean Kimsuky APT - SOC Prime

Detect attacks by North Korean state-sponsored hacking group Kimsuky using Troll Stealer and GoBear malware with Sigma rules from SOC Prime Platform.

SOC Prime

10.02.2024

Volt Typhoon Attacks: Chinese Nation-Backed Actors Focus Malicious Efforts at the US Critical Infrastructure - SOC Prime

Detect Volt Typhoon attacks revealed in AA24-038A advisory by CISA, FBI, NSA, and Partners with a set of Sigma rules in the SOC Prime Platform.

SOC Prime

09.02.2024

SOC Prime Platform Now Supports the MITRE ATT&CK® Framework v14.1 - SOC Prime

SOC Prime Platform now supports MITRE ATT&CK v14.1 with current updates to tactics, techniques, and sub-techniques as per the latest framework version.

SOC Prime

07.02.2024

Mispadu Stealer Detection: A New Banking Trojan Variant Targets Mexico While Exploiting CVE-2023-36025 - SOC Prime

Detect Mispadu Stealer infections, including the latest attack exploiting CVE-2023-36025, with detection rules from SOC Prime Platform.

home›SOC Prime›Software

SOC Prime - Software

SOC Prime’s Integration Highlights with Amazon Security Lake - SOC Prime

CVE-2024-4040 Detection: A Critical CrushFTP Zero-Day Vulnerability Exploited in the Wild Targeting U.S. Organizations - SOC Prime

CVE-2024-21111 Detection: A New Critical Local Privilege Escalation Vulnerability in Oracle VirtualBox with the PoC Exploit Released - SOC Prime

Forest Blizzard aka Fancy Bear Attack Detection: russian-backed Hackers Apply a Custom GooseEgg Tool to Exploit CVE-2022-38028 in Attacks Against Ukraine, Western Europe, and North America - SOC Prime

AI SIEM Migration: Simplify, Optimize, Innovate - SOC Prime

UAC-0133 (Sandworm) Attack Detection: russia-Linked Hackers Aim to Cripple the Information and Communication Systems of 20 Critical Infrastructure Organizations Across Ukraine - SOC Prime

UAC-0149 Attacks Ukrainian Defense Forces Using Signal, CVE-2023-38831 Exploits, and COOKBOX Malware - SOC Prime

Akira Ransomware Detection: Joint Cybersecurity Advisory (CSA) AA24-109A Highlights Attacks Targeting Businesses and Critical Infrastructure in North America, Europe, and Australia - SOC Prime

UAC-0184 Abuses Messengers and Dating Websites to Proceed with Attacks Against Ukrainian Government and Military - SOC Prime

CVE-2024-3400 Detection: A Maximum Severity Command Injection PAN-OS Zero-Day Vulnerability in GlobalProtect Software - SOC Prime

CVE-2024-24576 Detection: Hackers Exploit a Maxim Severity “BatBadBut” Rust Vulnerability to Target Windows Users - SOC Prime

SOC Prime Threat Bounty Digest — March 2024 Results - SOC Prime

russian state-sponsored Hive0051 (aka UAC-0010, Gamaredon) Attack Detection: Adversaries Apply an Aggressive Infection Approach Leveraging Three Malware Branches - SOC Prime

VenomRAT Detection: A New Multi-Stage Attack Using ScrubCrypt to Deploy the Final Payload with Malicious Plugins - SOC Prime

Recognition Badges for Threat Bounty Members - SOC Prime

CVE-2024-3094 Analysis: Multi-layer Supply Chain Attack Using XZ Utils Backdoor Impacts Major Linux Distributions - SOC Prime

CVE-2023-42931 Detection: Critical macOS Vulnerability Enabling Easy Privilege Escalation and Root Access - SOC Prime

New Supply Chain Attack Detection: Hackers Apply Multiple Tactics to Target GitHub Developers Using a Fake Python Infrastructure - SOC Prime

SOC Prime Introduces Digital Badge Recognition for Threat Bounty Content Authors - SOC Prime

Kimsuky APT New Campaign Detection: North Korean Hackers Leverage Microsoft Compiled HTML Help Files in Ongoing Cyber Attacks - SOC Prime

DEEP#GOSU Attack Campaign Detection: North Korean Kimsuky APT Is Likely Behind Attacks Using PowerShell and VBScript Malware - SOC Prime

Detect ALPHA SPIDER Ransomware Attacks: TTPs Leveraged by ALPHV aka BlackCat RaaS Operators - SOC Prime

SOC Prime Threat Bounty Digest — February 2024 Results - SOC Prime

CVE-2024-21378 Detection: Vulnerability in Microsoft Outlook Leads to Authenticated Remote Code Execution - SOC Prime

TODDLERSHARK Malware Detection: Hackers Weaponize CVE-2024-1708 and CVE-2024-1709 Vulnerabilities to Deploy a New BABYSHARK Variant - SOC Prime

CVE-2024-27198 and CVE-2024-27199 Detection: Critical Vulnerabilities in JetBrains TeamCity Pose Escalating Risks with Exploits Underway - SOC Prime

Phobos Ransomware Activity Detection: Adversaries Target the Public Sector, Healthcare, and Other Critical U.S. Infrastructure - SOC Prime

DIRECTV Latin America | SOC Prime | Customer Success Story

CVE-2024-23204 Detection: Exploitation of a Recently Patched Vulnerability in Apple Shortcuts App Can Lead to User Data Theft - SOC Prime

UAC-0149 Attack Detection: Hackers Launch a Targeted Attack Against the Armed Forces of Ukraine, as CERT-UA Reports - SOC Prime

Earth Preta APT Attack Detection: China-Linked APT Hits Asia with DOPLUGS Malware, a New PlugX Variant - SOC Prime

Interview with Threat Bounty Developer – PHYO PAING HTUN - SOC Prime

Knight Ransomware Detection: 3.0 Ransomware Source Code Available for Sale - SOC Prime

SOC Prime Threat Bounty Digest — January 2024 Results - SOC Prime

CVE-2023-50358 Detection: A New Zero-Day Vulnerability in QNAP QTS and QuTS Hero Firmware - SOC Prime

Nation-Backed APT Attack Detection: Microsoft and OpenAI Warn of AI Exploitation by Iranian, North Korean, Chinese, and russian Hackers - SOC Prime

Troll Stealer Detection: Novel Malware Actively Leveraged by North Korean Kimsuky APT - SOC Prime

Volt Typhoon Attacks: Chinese Nation-Backed Actors Focus Malicious Efforts at the US Critical Infrastructure - SOC Prime

SOC Prime Platform Now Supports the MITRE ATT&CK® Framework v14.1 - SOC Prime

Mispadu Stealer Detection: A New Banking Trojan Variant Targets Mexico While Exploiting CVE-2023-36025 - SOC Prime

home
›
SOC Prime
›
Software