Detect Interlock ransomware used in big-game hunting and double-extortion attacks against the U.S. and Europe with Sigma rules from SOC Prime Platform.

SOC Prime

12.11.2024

From Beginner to Pro: Your Successful Path in Threat Bounty - SOC Prime

Get the insights to succeed in SOC Prime Threat Bounty. Boost your earnings, grow your reputation, and create impactful detections

SOC Prime

07.11.2024

Stealthy Strela Stealer Detection: Info-Stealing Malware Resurfaces with Enhanced Capabilities to Target Central and Southwestern Europe - SOC Prime

Detect Strela Stealer malware, which uses obfuscated JavaScript and PowerShell commands to evade detection, with Sigma rules from SOC Prime Platform.

SOC Prime

01.11.2024

UAC-0050 Phishing Attack Detection: The russia-Backed Group Massively Spreads Tax-Related Phishing Emails and Exploit LITEMANAGER - SOC Prime

Detect UAC-0050 attacks leveraging tax-related phishing and exploiting LITEMANAGER with a set of Sigma rules in the SOC Prime Platform.

SOC Prime

01.11.2024

Practical Guide to Converting IOCs to SIEM Queries with Uncoder AI - SOC Prime

Learn how Uncoder AI automates IOC conversion into SIEM-specific queries reducing manual work and enabling teams to focus on strategic threat detection

SOC Prime

30.10.2024

UAC-0001 aka APT28 Attack Detection: Leveraging PowerShell Command in Clipboard as Initial Entry Point - SOC Prime

Detect UAC-0001 aka APT28 attacks leveraging a PowerShell command in slipboard as an initial entry point using Sigma rules from SOC Prime.

SOC Prime

29.10.2024

CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks - SOC Prime

Detect CVE-2024-47575, a new FortiManager vulnerability exploited in zero-day attacks and leading to RCE with a Sigma rule from SOC Prime.

SOC Prime

26.10.2024

UAC-0218 Attack Detection: Adversaries Steal Files Using HOMESTEEL Malware - SOC Prime

Detect UAC-0218 attacks against Ukraine using HOMESTEEL malware and covered in the CERT-UA#11717 alert with Sigma rules from SOC Prime.

SOC Prime

25.10.2024

“Rogue RDP” Attack Detection: UAC-0215 Leverages RDP Configuration Files to Gain Remote Access to Ukrainian Public Sector Computers - SOC Prime

Detect “Rogue RDP” attacks by the UAC-0215 hacking group covered in the CERT-UA#11690 alert using a set of Sigma rules from SOC Prime Platform.

SOC Prime

22.10.2024

Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations - SOC Prime

Detect brute force and credential access activity linked to Iranian hackers and covered in the AA24-290A alert with Sigma rules from SOC Prime Platform.

SOC Prime

19.10.2024

MEDUZASTEALER Detection: Hackers Distribute Malware Masquerading the Sender as Reserve+ Technical Support via Telegram Messaging Service - SOC Prime

Detect MEDUZASTEALER malware spread via Telegram masquerading the sender as Reserve+ technical support with Sigma rules from SOC Prime.

SOC Prime

18.10.2024

How MSSPs and MDRs Can Maximize Threat Detection Efficiency with Uncoder AI - SOC Prime

Discover how MSSPs and MDRs can streamline threat detection with Uncoder AI to improve operational efficiency

SOC Prime

17.10.2024

UAC-0050 Attack Detection: russia-Backed APT Performs Cyber Espionage, Financial Crimes, and Disinformation Operations Against Ukraine - SOC Prime

Detect UAC-0050 attacks focused on cyber espionage, financial theft, and operations under the "Fire Cells Group" brand with Sigma rules from SOC Prime.

SOC Prime

17.10.2024

Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region - SOC Prime

Detect Earth Simnavaz (aka APT34) attacks using the Windows Kernel vulnerability to target Middle East with Sigma rules from SOC Prime.

SOC Prime

11.10.2024

LemonDuck Malware Detection: Exploits CVE-2017-0144 and Other Microsoft's Server Message BlockSMB Vulnerabilities for Cryptocurrency Mining - SOC Prime

Detect LemonDuck malware, exploiting EternalBlue and other SMB vulnerabilities to attack Windows servers, with Sigma rules from SOC Prime Platform.

SOC Prime

09.10.2024

SOC Prime Threat Bounty Digest — September 2024 Results - SOC Prime

Threat Bounty Program insights on released content and review process, five top-rated rules and authors as of September 2024

SOC Prime

09.10.2024

Shrouded#Sleep Campaign Detection: North Korean Hackers Linked to the APT37 Group Use New VeilShell Malware Targeting Southeast Asia - SOC Prime

Detect the SHROUDED#SLEEP campaign linked to the North Korean APT37 and spreading VeilShell RAT with Sigma rules from SOC Prime.

SOC Prime

09.10.2024

SOC Prime Successfully Completes SOC 2 Type II Compliance - SOC Prime

SOC Prime completes the SOC 2 Type II audit for the fourth consecutive year, reaffirming its commitment to high cybersecurity standards.

SOC Prime

08.10.2024

Uncoder AI: A Guide on Contributing Detection Rules to SOC Prime Platform via Threat Bounty Program - SOC Prime

Learn step by step how to contribute detection rules to SOC Prime with Uncoder AI as a Threat Bounty Program member.

SOC Prime

02.10.2024

Detecting CUPS Exploits: Critical Security Vulnerabilities in Linux and Unix Systems Allow Remote Code Execution - SOC Prime

Detect a critical RCE vulnerability exploit chain in CUPS affecting Linux systems with a set of curated Sigma rules from SOC Prime.

SOC Prime

02.10.2024

Uncoder for Flexible Threat Detection: From Cloud to Air-Gapped Networks - SOC Prime

Learn how the on-prem version of Uncoder IO helps security teams with threat detection while keeping critical data secure.

SOC Prime

27.09.2024

Gamaredon Attack Detection: Cyber-Espionage Operations Against Ukraine by the russia-linked APT - SOC Prime

Detect Gamaredon (aka Hive0051 or Armageddon APT) cyber-espionage operations against Ukraine with a set of Sigma rules from SOC Prime.

SOC Prime

26.09.2024

SnipBot Detection: A New RomCom Malware Variant Leverages a Custom Code Obfuscation Method and Sophisticated Evasion Techniques - SOC Prime

Detect SnipBot, a new RomCom malware variant with advanced code obfuscation features using a set of Sigma rules from SOC Prime Platform.

SOC Prime

25.09.2024

Vendor-Agnostic Cybersecurity: Adapting to the Future of Threat Detection - SOC Prime

Discover how a vendor-agnostic approach and Uncoder AI help security teams adapt to evolving technologies and enhance threat detection.

SOC Prime

24.09.2024

Earth Baxia Attack Detection: China-Backed Hackers Use Spear-Phishing, Exploit the GeoServer Vulnerability (CVE-2024-36401), and Apply a New EAGLEDOOR Malware to Target APAC - SOC Prime

Detect Earth Baxia attacks against APAC by exploiting a GeoServer flaw and using a new EAGLEDOOR backdoor with Sigma rules from SOC Prime.

SOC Prime

18.09.2024

CVE-2024-6670 and CVE-2024-6671 Detection: RCE Attacks Exploiting Critical SQL Injection Vulnerabilities in WhatsUp Gold - SOC Prime

Detect CVE-2024-6670 and CVE-2024-6671 exploitation attempts, WhatsUp Gold SQL injection vulnerabilities, with Sigma rules from SOC Prime.

SOC Prime

18.09.2024

Celebrating Detection Engineering Excellence - SOC Prime

SOC Prime launches digital badges to recognize top Threat Bounty Program members mastering Uncoder AI.

SOC Prime

14.09.2024

RansomHub Ransomware Detection: Attackers Exploits Kaspersky’s TDSSKiller to Disable EDR Systems - SOC Prime

Detect RansomHub ransomware attacks leveraging TDSSKiller tool with a set of Sigma rules in the SOC Prime Platform.

SOC Prime

12.09.2024

SOC Prime Threat Bounty Digest — August 2024 Results - SOC Prime

Threat Bounty August 2024 digest - five top-rated rules and authors, updates on rules release, and upcoming news

SOC Prime

11.09.2024

Repellent Scorpius: Novel RaaS Group Actively Distributes Cicada3301 Ransomware Variant - SOC Prime

Detect Cicada3301 ransomware attacks orchestrated by Repellent Scorpius RaaS group with Sigma rules from SOC Prime.

SOC Prime

07.09.2024

Unit 29155 Attacks Detection: russia-Affiliated Military Intelligence Division Targets Critical Infrastructure Globally - SOC Prime

Detect Unit 29155 attacks targeting critical infrastructure sectors worldwide using Sigma rules in the SOC Prime Platform.

SOC Prime

05.09.2024

Detect WikiLoader Attacks: Adversaries Leverage Fake GlobalProtect VPN Software to Deliver a New Malware Variant via SEO Poisoning - SOC Prime

Detect WikiLoader backdoor delivered via spoofed GlobalProtect VPN and SEO poisoning with a set of Sigma rules in the SOC Prime Platform.

SOC Prime

03.09.2024

RansomHub Detection: The FBI, CISA, and Partners Warn Against a Growing RaaS Variant Targeting Critical Infrastructure Organizations - SOC Prime

Detect RansomHub attacks against critical infrastructure organizations covered in the AA24-242A alert with curated Sigma rules from SOC Prime.

SOC Prime

30.08.2024

Pioneer Kitten Attack Detection: CISA, DC3, and FBI Warn of Iranian State-Sponsored Actors Collaborating With Ransomware Gangs to Target U.S. and Middle East - SOC Prime

Detect Pioneer Kitten attacks targeting U.S. and Middle East with Sigma rules in the SOC Prime Platform.

SOC Prime

28.08.2024

PEAKLIGHT Malware Detection: New Stealthy Downloader Leveraged in Attacks Against Windows Systems - SOC Prime

Detect PEAKLIGHT malware, a new downloader used in attacks against Windows users, leveraging a set of Sigma rules in the SOC Prime Platform.

home›SOC Prime›Software

SOC Prime - Software

BianLian Ransomware Detection: AA23-136A Joint Cybersecurity Advisory Details on TTPs Leveraged by BianLian Operators in the Ongoing Malicious Campaigns - SOC Prime

Fickle Stealer Malware Detection: New Rust-Based Stealer Disguises as Legitimate Software to Steal Data from Compromised Devices - SOC Prime

PXA Stealer Detection: Vietnamese Hackers Hit the Public and Education Sectors in Europe and Asia - SOC Prime

New Remcos RAT Activity Detection: Phishing Campaign Spreading a Novel Fileless Malware Variant - SOC Prime

SOC Prime Threat Bounty Digest — October 2024 Results - SOC Prime

Interlock Ransomware Detection: High-Profile and Double-Extortion Attacks Using a New Ransomware Variant - SOC Prime

From Beginner to Pro: Your Successful Path in Threat Bounty - SOC Prime

Stealthy Strela Stealer Detection: Info-Stealing Malware Resurfaces with Enhanced Capabilities to Target Central and Southwestern Europe - SOC Prime

UAC-0050 Phishing Attack Detection: The russia-Backed Group Massively Spreads Tax-Related Phishing Emails and Exploit LITEMANAGER - SOC Prime

Practical Guide to Converting IOCs to SIEM Queries with Uncoder AI - SOC Prime

UAC-0001 aka APT28 Attack Detection: Leveraging PowerShell Command in Clipboard as Initial Entry Point - SOC Prime

CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks - SOC Prime

UAC-0218 Attack Detection: Adversaries Steal Files Using HOMESTEEL Malware - SOC Prime

“Rogue RDP” Attack Detection: UAC-0215 Leverages RDP Configuration Files to Gain Remote Access to Ukrainian Public Sector Computers - SOC Prime

Detect Brute Force and Credential Access Activity Linked to Iranian Hackers: The FBI, CISA, and Partners Warn Defenders of Growing Attacks Against Critical Infrastructure Organizations - SOC Prime

MEDUZASTEALER Detection: Hackers Distribute Malware Masquerading the Sender as Reserve+ Technical Support via Telegram Messaging Service - SOC Prime

How MSSPs and MDRs Can Maximize Threat Detection Efficiency with Uncoder AI - SOC Prime

UAC-0050 Attack Detection: russia-Backed APT Performs Cyber Espionage, Financial Crimes, and Disinformation Operations Against Ukraine - SOC Prime

Earth Simnavaz (aka APT34) Attack Detection: Iranian Hackers Leverage Windows Kernel Vulnerability to Target UAE and Gulf Region - SOC Prime

LemonDuck Malware Detection: Exploits CVE-2017-0144 and Other Microsoft's Server Message BlockSMB Vulnerabilities for Cryptocurrency Mining - SOC Prime

SOC Prime Threat Bounty Digest — September 2024 Results - SOC Prime

Shrouded#Sleep Campaign Detection: North Korean Hackers Linked to the APT37 Group Use New VeilShell Malware Targeting Southeast Asia - SOC Prime

SOC Prime Successfully Completes SOC 2 Type II Compliance - SOC Prime

Uncoder AI: A Guide on Contributing Detection Rules to SOC Prime Platform via Threat Bounty Program - SOC Prime

Detecting CUPS Exploits: Critical Security Vulnerabilities in Linux and Unix Systems Allow Remote Code Execution - SOC Prime

Uncoder for Flexible Threat Detection: From Cloud to Air-Gapped Networks - SOC Prime

Gamaredon Attack Detection: Cyber-Espionage Operations Against Ukraine by the russia-linked APT - SOC Prime

SnipBot Detection: A New RomCom Malware Variant Leverages a Custom Code Obfuscation Method and Sophisticated Evasion Techniques - SOC Prime

Vendor-Agnostic Cybersecurity: Adapting to the Future of Threat Detection - SOC Prime

Earth Baxia Attack Detection: China-Backed Hackers Use Spear-Phishing, Exploit the GeoServer Vulnerability (CVE-2024-36401), and Apply a New EAGLEDOOR Malware to Target APAC - SOC Prime

CVE-2024-6670 and CVE-2024-6671 Detection: RCE Attacks Exploiting Critical SQL Injection Vulnerabilities in WhatsUp Gold - SOC Prime

Celebrating Detection Engineering Excellence - SOC Prime

RansomHub Ransomware Detection: Attackers Exploits Kaspersky’s TDSSKiller to Disable EDR Systems - SOC Prime

SOC Prime Threat Bounty Digest — August 2024 Results - SOC Prime

Repellent Scorpius: Novel RaaS Group Actively Distributes Cicada3301 Ransomware Variant - SOC Prime

Unit 29155 Attacks Detection: russia-Affiliated Military Intelligence Division Targets Critical Infrastructure Globally - SOC Prime

Detect WikiLoader Attacks: Adversaries Leverage Fake GlobalProtect VPN Software to Deliver a New Malware Variant via SEO Poisoning - SOC Prime

RansomHub Detection: The FBI, CISA, and Partners Warn Against a Growing RaaS Variant Targeting Critical Infrastructure Organizations - SOC Prime

Pioneer Kitten Attack Detection: CISA, DC3, and FBI Warn of Iranian State-Sponsored Actors Collaborating With Ransomware Gangs to Target U.S. and Middle East - SOC Prime

PEAKLIGHT Malware Detection: New Stealthy Downloader Leveraged in Attacks Against Windows Systems - SOC Prime

home
›
SOC Prime
›
Software