Detect CVE-2025-535770 exploitation attempts, a new critical Microsoft SharePoint zero-day exploited in the wild, with Sigma rules from SOC Prime Platform.

SOC Prime

29.07.2025

UAC-0001 (APT28) Attack Detection: The russia-Backed Actor Uses LLM-Powered LAMEHUG Malware to Target Security and Defense Sector | SOC Prime

Detect UAC-0001 (APT28) attacks using LLM-powered LAMEHUG malware covered in the CERT-UA#16039 alert with Sigma rules from SOC Prime Platform.

SOC Prime

29.07.2025

CVE-2025-6558 Vulnerability: Google Chrome Zero-Day Under Active Exploitation | SOC Prime

Explore details for CVE-2025-6558, a new Google Chrome zero-day vulnerability exploited in the wild, with expert insights on SOC Prime blog.

SOC Prime

16.07.2025

Interlock Ransomware Detection: Adversaries Deploy a Novel PHP-Based RAT Variant via FileFix | SOC Prime

Detect Interlock ransomware group attacks deploying a new PHP-based RAT via FileFix with curated Sigma rules from SOC Prime Platform.

SOC Prime

15.07.2025

CVE-2025-25257 Vulnerability: Critical SQL Injection in Fortinet FortiWeb Enables Unauthenticated Remote Code Execution | SOC Prime

Explore the details for CVE-2025-25257, a critical SQL injection vulnerability in FortiWeb, with an in-depth analysis on our SOC Prime blog.

SOC Prime

11.07.2025

BERT Ransomware Group Activity Detection: Attacks Across Asia, Europe, and the U.S. Targeting Windows and Linux Platforms | SOC Prime

Detect BERT ransomware attacks against your organization using a set of Sigma rules in the SOC Prime Platform.

SOC Prime

11.07.2025

CVE-2025-47981: Critical Heap-Based Buffer Overflow Vulnerability in Windows SPNEGO Extended Negotiation Leads to RCE | SOC Prime

Explore the details for the CVE-2025-47981 vulnerability in Windows SPNEGO that could lead to RCE with an in-depth analysis on SOC Prime blog.

SOC Prime

05.07.2025

CVE-2025-5777 Detection: A New Critical Vulnerability Dubbed “CitrixBleed 2” in NetScaler ADC Faces Exploitation Risk | SOC Prime

Detect CVE-2025-5777 exploitation attempts, a new critical NetScaler ADC vulnerability, with a curated Sigma rule from SOC Prime Platform.

SOC Prime

03.07.2025

CVE-2025-32463 and CVE-2025-32462: Sudo Local Privilege Escalation Vulnerabilities Threaten Linux Environments | SOC Prime

Explore details for CVE-2025-32463 and CVE-2025-32462, Sudo local privilege escalation vulnerabilities, with an analysis on SOC Prime blog.

SOC Prime

02.07.2025

SOC Prime and Anetac | SOC Prime

SOC Prime and Anetac announce partnership to strengthen identity security and combat identity-based enterprise threats.

SOC Prime

28.06.2025

CVE-2025-20281 and CVE-2025-20282 Vulnerabilities: Critical RCE Flaws in Cisco ISE and ISE-PIC Enable Root Access | SOC Prime

Explore details for CVE-2025-20281 and CVE-2025-20282, RCE vulnerabilities in Cisco ISE and ISE-PIC, with an in-depth analysis on SOC Prime blog.

SOC Prime

26.06.2025

CVE-2025-49144 Vulnerability: Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover | SOC Prime

Explore details for CVE-2025-49144, a privilege escalation vulnerability affecting Notepad++, with in-depth analysis in the SOC Prime blog.

SOC Prime

25.06.2025

UAC-0001 (APT28) Activity Detection: The russian State-Sponsored Group Targets Government Agencies Using BEARDSHELL and COVENANT Malware | SOC Prime

Detect UAC-0001 (APT28) attacks against Ukrainian state bodies using BEARDSHELL and COVENANT malware with Sigma rules from SOC Prime.

SOC Prime

20.06.2025

Mocha Manakin Attack Detection: Hackers Spread a Custom NodeJS Backdoor Dubbed NodeInitRAT Using the Paste-and-Run Technique | SOC Prime

Detect Mocha Manakin past-and-run attacks spreading a custom NodeJS backdoor, NodeInitRAT, with Sigma rules from SOC Prime Platform.

SOC Prime

20.06.2025

CVE-2025-6018 and CVE-2025-6019 Vulnerability Exploitation: Chaining Local Privilege Escalation Flaws Lets Attackers Gain Root Access on Most Linux Distributions | SOC Prime

Explore the details of CVE-2025-6019 and CVE-2025-6018 exploit chain that can enable root access on Linux distros with insights on SOC Prime blog.

SOC Prime

19.06.2025

AI Threat Intelligence | SOC Prime

Dive into AI in threat intelligence, benefits, use cases, future trends, and how SOC Prime shapes next-gen defense with AI at its core on our blog.

SOC Prime

18.06.2025

GrayAlpha Operation Detection: The Fin7-Affiliated Group Spreads PowerNet Loader, NetSupport RAT, and MaskBat Loader | SOC Prime

Detect GrayAlpha operation spreading PowerNet Loader, NetSupport RAT and MaskBat Loader with Sigma rules from SOC Prime Platform.

SOC Prime

17.06.2025

CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking | SOC Prime

Explore the details for CVE-2025-4123, a patched Grafana zero-day vulnerability enabling account takeover, with insights on SOC Prime blog.

SOC Prime

17.06.2025

What Are the Predictions of AI in Cybersecurity? | SOC Prime

Explore the future of AI in cybersecurity, the role of cybersecurity predictive analytics, and how to stay ahead with the details on SOC Prime blog.

SOC Prime

14.06.2025

Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent Access and Ransomware Deployment | SOC Prime

Detect attacks exploiting SimpleHelp RMM software using CVE-2024-57727 and other flaws by DragonForce actors with Sigma rules from SOC Prime Platform.

SOC Prime

13.06.2025

Detect DNS Threats in Google SecOps: Katz Stealer Rule Conversion with Uncoder AI | SOC Prime

Translate Sigma DNS rules into Google SecOps UDM queries to detect Katz Stealer domain activity in enterprise environments.

SOC Prime

13.06.2025

Linux Syscall Threat Detection in Splunk with Uncoder AI | SOC Prime

Use Uncoder AI to convert Sigma syscall rules into Splunk SPL for detecting mknod-based persistence in Linux systems

SOC Prime

13.06.2025

From Sigma to SentinelOne: Detecting Password Access via Notepad with Uncoder AI | SOC Prime

Detect Notepad access to password files by translating Sigma rules into SentinelOne event queries using Uncoder AI

SOC Prime

13.06.2025

AI-Powered Query Validation for Cortex XSIAM Detection | SOC Prime

Use Uncoder AI to validate and optimize Palo Alto Cortex XSIAM queries with AI-driven syntax and logic analysis.

SOC Prime

13.06.2025

Cross-Platform Rule Translation: From Sigma to CrowdStrike with Uncoder AI | SOC Prime

Translate Sigma rules to CrowdStrike Endpoint Search with AI-powered accuracy for detecting suspicious Deno file activity.

SOC Prime

13.06.2025

Convert Sigma DNS Rules to Cortex XSIAM with Uncoder AI | SOC Prime

Use Uncoder AI to convert Sigma DNS rules into Palo Alto Cortex XSIAM queries for Katz Stealer domain detection

SOC Prime

13.06.2025

CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an AI Agent | SOC Prime

Explore the CVE-2025-32711 analysis, causing a zero-click attack on an AI agent, with the details on SOC Prime blog and relevant Sigma rules.

SOC Prime

13.06.2025

Sigma-to-MDE Query Conversion: DNS Detection for Katz Stealer via Uncoder AI | SOC Prime

Detect Katz Stealer domains by converting Sigma DNS rules into Microsoft Defender for Endpoint queries using Uncoder AI

SOC Prime

13.06.2025

Detect Linux Reconnaissance in Microsoft Sentinel with Sigma-to-KQL Conversion | SOC Prime

Convert Linux Sigma rules for sysinfo syscall into Microsoft Sentinel queries using Uncoder AI to catch discovery techniques

SOC Prime

13.06.2025

AI Validation for Sentinel Queries: Smarter KQL with Uncoder AI | SOC Prime

Automatically validate and optimize Microsoft Sentinel KQL detection logic using AI-generated analysis and performance tips.

SOC Prime

12.06.2025

CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges | SOC Prime

Explore CVE-2025-33073, a Windows SMB client elevation of privileges vulnerability, with overview and mitigation tips in the SOC Prime blog.

SOC Prime

12.06.2025

CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group | SOC Prime

Explore the details of CVE-2025-33053 vulnerability, an actively exploited zero-day flaw in WebDAV, with a deep analysis on SOC Prime blog.

SOC Prime

11.06.2025

How AI Can Be Used in Threat Detection | SOC Prime

Learn about AI threat detection, explore its benefits, concepts, and use cases, and discover how SOC Prime overcomes risks with ethical AI.

SOC Prime

07.06.2025

IOC Intelligence to Google SecOps: Automated Conversion with Uncoder AI | SOC Prime

Convert IOC-based threat reports into Google SecOps Query (UDM) rules with AI-powered detection logic generation.

SOC Prime

07.06.2025

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild | SOC Prime

Explore the details of CVE-2025-5419 vulnerability in Google Chrome V8 exploited in the wild, with an in-depth analysis on SOC Prime blog.

SOC Prime

06.06.2025

AI-Validated Hostname Filtering for Chronicle Queries | SOC Prime

Uncoder AI analyzes and optimizes Google SecOps hostname queries for faster Chronicle UDM detection logic and field-level accuracy.

home›SOC Prime›Software

SOC Prime - Software

CVE-2025-8292: Use-After-Free Vulnerability in Google Chrome Leads to RCE and System Compromise | SOC Prime

Koske Malware Detection: New AI-Generated Linux Threat in the Wild | SOC Prime

Epsilon Red Ransomware Detection: New Adversary Campaign Targeting Users Globally via ClickFix | SOC Prime

Interlock Ransomware Detection: The FBI, CISA, and Partners Issue Joint Alert on Massive Attacks via the ClickFix Social Engineering Technique | SOC Prime

CVE-2025-53770 Detection: Microsoft SharePoint Zero-Day Vulnerability Is Actively Exploited for RCE Attacks | SOC Prime

UAC-0001 (APT28) Attack Detection: The russia-Backed Actor Uses LLM-Powered LAMEHUG Malware to Target Security and Defense Sector | SOC Prime

CVE-2025-6558 Vulnerability: Google Chrome Zero-Day Under Active Exploitation | SOC Prime

Interlock Ransomware Detection: Adversaries Deploy a Novel PHP-Based RAT Variant via FileFix | SOC Prime

CVE-2025-25257 Vulnerability: Critical SQL Injection in Fortinet FortiWeb Enables Unauthenticated Remote Code Execution | SOC Prime

BERT Ransomware Group Activity Detection: Attacks Across Asia, Europe, and the U.S. Targeting Windows and Linux Platforms | SOC Prime

CVE-2025-47981: Critical Heap-Based Buffer Overflow Vulnerability in Windows SPNEGO Extended Negotiation Leads to RCE | SOC Prime

CVE-2025-5777 Detection: A New Critical Vulnerability Dubbed “CitrixBleed 2” in NetScaler ADC Faces Exploitation Risk | SOC Prime

CVE-2025-32463 and CVE-2025-32462: Sudo Local Privilege Escalation Vulnerabilities Threaten Linux Environments | SOC Prime

SOC Prime and Anetac | SOC Prime

CVE-2025-20281 and CVE-2025-20282 Vulnerabilities: Critical RCE Flaws in Cisco ISE and ISE-PIC Enable Root Access | SOC Prime

CVE-2025-49144 Vulnerability: Critical Privilege Escalation Flaw in Notepad++ Leads to Full System Takeover | SOC Prime

UAC-0001 (APT28) Activity Detection: The russian State-Sponsored Group Targets Government Agencies Using BEARDSHELL and COVENANT Malware | SOC Prime

Mocha Manakin Attack Detection: Hackers Spread a Custom NodeJS Backdoor Dubbed NodeInitRAT Using the Paste-and-Run Technique | SOC Prime

CVE-2025-6018 and CVE-2025-6019 Vulnerability Exploitation: Chaining Local Privilege Escalation Flaws Lets Attackers Gain Root Access on Most Linux Distributions | SOC Prime

AI Threat Intelligence | SOC Prime

GrayAlpha Operation Detection: The Fin7-Affiliated Group Spreads PowerNet Loader, NetSupport RAT, and MaskBat Loader | SOC Prime

CVE-2025-4123 Vulnerability: “The Grafana Ghost” Zero-Day Enables Malicious Account Hijacking | SOC Prime

What Are the Predictions of AI in Cybersecurity? | SOC Prime

Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent Access and Ransomware Deployment | SOC Prime

Detect DNS Threats in Google SecOps: Katz Stealer Rule Conversion with Uncoder AI | SOC Prime

Linux Syscall Threat Detection in Splunk with Uncoder AI | SOC Prime

From Sigma to SentinelOne: Detecting Password Access via Notepad with Uncoder AI | SOC Prime

AI-Powered Query Validation for Cortex XSIAM Detection | SOC Prime

Cross-Platform Rule Translation: From Sigma to CrowdStrike with Uncoder AI | SOC Prime

Convert Sigma DNS Rules to Cortex XSIAM with Uncoder AI | SOC Prime

CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an AI Agent | SOC Prime

Sigma-to-MDE Query Conversion: DNS Detection for Katz Stealer via Uncoder AI | SOC Prime

Detect Linux Reconnaissance in Microsoft Sentinel with Sigma-to-KQL Conversion | SOC Prime

AI Validation for Sentinel Queries: Smarter KQL with Uncoder AI | SOC Prime

CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges | SOC Prime

CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group | SOC Prime

How AI Can Be Used in Threat Detection | SOC Prime

IOC Intelligence to Google SecOps: Automated Conversion with Uncoder AI | SOC Prime

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild | SOC Prime

AI-Validated Hostname Filtering for Chronicle Queries | SOC Prime

home
›
SOC Prime
›
Software