CVE-2022-3602 & CVE-2022-3786: New High-Severity OpenSSL Vulnerabilities Due to a constantly evolving number of vulnerabilities affecting open-source software products, proactive detection of vulnerability exploitation remains one...
Tag: socprime
Detect CVE-2021-39144: Critical Remote Code Execution Vulnerability in VMware Cloud Foundation via XStream Open Source Library
Detect CVE-2021-39144: Critical Remote Code Execution Vulnerability in VMware Cloud Foundation via XStream Open Source Library Another day, another exploit emerges in the wild to cause...
On Demand Subscription: Drive Immediate Value From SOC Prime Platform
On Demand Subscription: Drive Immediate Value From SOC Prime Platform A community-driven approach based on Detection-as-Code principles and cutting-edge technology leveraging Sigma language and MITRE ATT&CK®...
CVE-2022-40684 Detection: A Critical Fortinet Authentication Bypass Vulnerability Exploited in the Wild
CVE-2022-40684 Detection: A Critical Fortinet Authentication Bypass Vulnerability Exploited in the Wild Heads up! A new critical vulnerability is on the radar. Fortinet has recently disclosed...
SOC Prime Threat Bounty — September 2022 Results
SOC Prime Threat Bounty — September 2022 Results September ‘22 Publications In September, members of the Threat Bounty Community submitted 441 rules for review by the...
Magniber Ransomware Detection: Threat Actors Spread JavaScript Files Targeting Windows Users
Magniber Ransomware Detection: Threat Actors Spread JavaScript Files Targeting Windows Users Throughout 2021-2022, ransomware continues to be one of the dominant trends in the cyber threat...
Interview with Threat Bounty Developer: Wirapong Petshagun
Interview with Threat Bounty Developer: Wirapong Petshagun SOC Prime Threat Bounty Program keeps uniting enthusiastic and keen detection content developers who joined the community to contribute...
Detecting Text4Shell (CVE-2022-42889), Critical RCE in Apache Commons Text
Detecting Text4Shell (CVE-2022-42889), Critical RCE in Apache Commons Text Threat actors don’t sleep, and cyber defenders cannot sleep a wink either to keep up with emerging...
RomCom Backdoor Detection: Cyber Attack on Ukrainian State Bodies Attributed to Cuba Ransomware Operators aka Tropical Scorpius (UNC2596) Group
RomCom Backdoor Detection: Cyber Attack on Ukrainian State Bodies Attributed to Cuba Ransomware Operators aka Tropical Scorpius (UNC2596) Group In May 2022, Cuba ransomware maintainers resurfaced...
Sigma2SaveLives: Equip Yourself with Curated Sigma Rules While Donating to Save Lives in Ukraine
Sigma2SaveLives: Equip Yourself with Curated Sigma Rules While Donating to Save Lives in Ukraine On April 4, 2022, SOC Prime launched Sigma2SaveLives charity subscription with 100%...
SOC Prime Achieves SOC 2 Type II Compliance for the Second Year in a Row
SOC Prime Achieves SOC 2 Type II Compliance for the Second Year in a Row Independent Audit Once Again Verifies SOC Prime’s Compliance with the SOC...
PURPLEURCHIN Campaign Detection: A New Crypto Mining Operation Massively Abuses GitHub Actions and Other Popular Free CI/CD Service Accounts
PURPLEURCHIN Campaign Detection: A New Crypto Mining Operation Massively Abuses GitHub Actions and Other Popular Free CI/CD Service Accounts With crypto mining attacks significantly increasing over...