web analytics

socprime.com

socprime.com
Detecting Covert curl Usage with Uncoder AI’s Decision Tree in Carbon Black – Source: socprime.com
Detecting Covert curl Usage with Uncoder AI’s Decision Tree in Carbon Black – Source: socprime.com
Source: socprime.com - Author: Steven Edwards When attackers repurpose legitimate binaries like curl.exe to tunnel through...
socprime.com
CVE-2025-31324 Detection: SAP NetWeaver Zero-Day Under Active Exploitation Exposes Critical Systems to Remote Code Execution  – Source: socprime.com
CVE-2025-31324 Detection: SAP NetWeaver Zero-Day Under Active Exploitation Exposes Critical Systems to Remote Code Execution  – Source: socprime.com
Source: socprime.com - Author: Daryna Olyniychuk Zero-day vulnerabilities are no longer rare anomalies—they’re now a core...
socprime.com
Visualizing clfs.sys Threat Activity in Microsoft Defender with Uncoder AI’s Decision Tree – Source: socprime.com
Visualizing clfs.sys Threat Activity in Microsoft Defender with Uncoder AI’s Decision Tree – Source: socprime.com
Source: socprime.com - Author: Steven Edwards Loading legitimate system drivers from illegitimate or suspicious directories is...
socprime.com
Detecting NimScan Execution with Uncoder AI’s Decision Tree for Cortex XQL – Source: socprime.com
Detecting NimScan Execution with Uncoder AI’s Decision Tree for Cortex XQL – Source: socprime.com
Source: socprime.com - Author: Steven Edwards Potentially Unwanted Applications (PUAs) like NimScan are increasingly used by...
socprime.com
Detecting Covert TOR Access in Microsoft Sentinel with Uncoder AI’s Decision Tree – Source: socprime.com
Detecting Covert TOR Access in Microsoft Sentinel with Uncoder AI’s Decision Tree – Source: socprime.com
Source: socprime.com - Author: Steven Edwards When malware like the Kalambur backdoor leverages native tools like...
socprime.com
Exposing Event Log Tampering with Uncoder AI’s AI Decision Tree for Splunk Queries – Source: socprime.com
Exposing Event Log Tampering with Uncoder AI’s AI Decision Tree for Splunk Queries – Source: socprime.com
Source: socprime.com - Author: Steven Edwards One of the more advanced tactics in attacker playbooks is...
socprime.com
CrowdStrike Child Process Detection Enhanced by Uncoder AI’s Short Summary – Source: socprime.com
CrowdStrike Child Process Detection Enhanced by Uncoder AI’s Short Summary – Source: socprime.com
Source: socprime.com - Author: Steven Edwards CrushFTP is a popular file transfer application, but in the...
socprime.com
Exposing Suspicious Scripting via CrushFTP with Uncoder AI in Microsoft Defender – Source: socprime.com
Exposing Suspicious Scripting via CrushFTP with Uncoder AI in Microsoft Defender – Source: socprime.com
Source: socprime.com - Author: Steven Edwards File transfer services like CrushFTP are critical for business operations—but...
socprime.com
Detecting Suspicious LNK Whitespace Obfuscation in Carbon Black with Uncoder AI – Source: socprime.com
Detecting Suspicious LNK Whitespace Obfuscation in Carbon Black with Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards In modern cyberattacks, attackers rely not only on payloads but...
socprime.com
How Uncoder AI Clarifies CVE-2024-35250 Detection in Cortex XSIAM – Source: socprime.com
How Uncoder AI Clarifies CVE-2024-35250 Detection in Cortex XSIAM – Source: socprime.com
Source: socprime.com - Author: Steven Edwards When new CVEs drop, defenders race to understand how attackers...
socprime.com
Detecting NimScan Activity in SentinelOne with Uncoder AI – Source: socprime.com
Detecting NimScan Activity in SentinelOne with Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards Potentially Unwanted Applications (PUAs) like NimScan.exe can silently operate within...
socprime.com
Uncovering PUA: NimScan Activity with Full Summary in Uncoder AI – Source: socprime.com
Uncovering PUA: NimScan Activity with Full Summary in Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards In threat detection, time is everything. Especially when identifying tools...
socprime.com
Password Discovery via Notepad: How Uncoder AI Simplifies SPL Detection Logic – Source: socprime.com
Password Discovery via Notepad: How Uncoder AI Simplifies SPL Detection Logic – Source: socprime.com
Source: socprime.com - Author: Steven Edwards Attackers often use trusted tools like Notepad to discreetly access...
socprime.com
Uncoder AI Automates Cross-Language Rule Translation with Hybrid AI – Source: socprime.com
Uncoder AI Automates Cross-Language Rule Translation with Hybrid AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Translating detection logic across security platforms is...
socprime.com
Rule/Query Full Summary with AI – Source: socprime.com
Rule/Query Full Summary with AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Modern detection rules often involve intricate logic,...
socprime.com
AI-Powered Query Optimization in Uncoder AI – Source: socprime.com
AI-Powered Query Optimization in Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Long and complex detection queries — especially...
socprime.com
Short AI Summaries Make Complex Detection Instantly Understandable – Source: socprime.com
Short AI Summaries Make Complex Detection Instantly Understandable – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Detection rules are growing more complex —...
socprime.com
Rule/Query’s Decision Tree Summarization with AI – Source: socprime.com
Rule/Query’s Decision Tree Summarization with AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Complex threat detection queries can often become...
socprime.com
CVE-2025-32432: Critical Craft CMS Vulnerability Is Actively Exploited in Zero-Day Attacks, Leads to Remote Code Execution – Source: socprime.com
CVE-2025-32432: Critical Craft CMS Vulnerability Is Actively Exploited in Zero-Day Attacks, Leads to Remote Code Execution – Source: socprime.com
Source: socprime.com - Author: Daryna Olyniychuk Following the disclosure of the Command Center CVE-2025-34028 vulnerability, researchers...
socprime.com
Access Uncoder AI Functionality via API – Source: socprime.com
Access Uncoder AI Functionality via API – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works The Uncoder AI API provides access to...
socprime.com
Hot OSINT Indicators – Source: socprime.com
Hot OSINT Indicators – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works The “Hot OSINT Indicators” tab within Uncoder...
socprime.com
Use Case Documentation from Uncoder AI – Source: socprime.com
Use Case Documentation from Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Managing detection use cases across tools can...
socprime.com
Rule Deployment into a Data Plane – Source: socprime.com
Rule Deployment into a Data Plane – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Uncoder AI supports native integration with Microsoft...
socprime.com
Rule Customization On The Fly – Source: socprime.com
Rule Customization On The Fly – Source: socprime.com
Source: socprime.com - Author: Steven Edwards WRITTEN BY Steven Edwards Technical Writer [post-views] April 25, 2025...
socprime.com
Save Detection Code & Metadata to Custom Repositories – Source: socprime.com
Save Detection Code & Metadata to Custom Repositories – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works This feature allows detection engineers to store...
socprime.com
Search Threat Detection Marketplace from Uncoder AI – Source: socprime.com
Search Threat Detection Marketplace from Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Uncoder AI integrates native search across the...
socprime.com
ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and File Transfer Utilities – Source: socprime.com
ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and File Transfer Utilities – Source: socprime.com
Source: socprime.com - Author: Veronika Telychko In recent years, the surge in cyber-attacks has been fueled...
socprime.com
Convenient Detection Code Editor for Uncoder AI – Source: socprime.com
Convenient Detection Code Editor for Uncoder AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Uncoder AI acts as a modern integrated...
socprime.com
Supercharge Detection Content into Roota Format with AI – Source: socprime.com
Supercharge Detection Content into Roota Format with AI – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Platform-specific rules or queries—such as those written...
socprime.com
Translate from Sigma into 48 Languages – Source: socprime.com
Translate from Sigma into 48 Languages – Source: socprime.com
Source: socprime.com - Author: Steven Edwards How It Works Uncoder AI makes it easy to translate...

Latest News

CSO - Online
Ransomware upstart ‘The Gentlemen’ raises the stakes for OT‑heavy sectors – Source: www.csoonline.com
Ransomware upstart ‘The Gentlemen’ raises the stakes for OT‑heavy sectors – Source: www.csoonline.com
CSO - Online
What the Salesloft Drift breaches reveal about 4th-party risk – Source: www.csoonline.com
What the Salesloft Drift breaches reveal about 4th-party risk – Source: www.csoonline.com
CSO - Online
6 hot cybersecurity trends – Source: www.csoonline.com
6 hot cybersecurity trends – Source: www.csoonline.com
securelist.com
Notes of cyber inspector: three clusters of threat in cyberspace – Source: securelist.com
Notes of cyber inspector: three clusters of threat in cyberspace – Source: securelist.com
securityweek.com
Adobe Patches Critical ColdFusion and Commerce Vulnerabilities – Source: www.securityweek.com
Adobe Patches Critical ColdFusion and Commerce Vulnerabilities – Source: www.securityweek.com
securityweek.com
Exposed Docker APIs Likely Exploited to Build Botnet – Source: www.securityweek.com
Exposed Docker APIs Likely Exploited to Build Botnet – Source: www.securityweek.com