SOC Prime
socprime.com
SOC Prime
@socprime.com
The world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community.
A novel SesameOp backdoor abuses OpenAI Assistants API as a stealth C2 channel in recent malware attacks. Proactively defend against potential intrusions with a new Sigma rule available in our SOC Prime Platform.

socprime.com/blog/sesameo...
SesameOp Backdoor Detection: Microsoft Discovers New Malware Abusing OpenAI Assistants API in Cyber-Attacks | SOC Prime
Detect SesameOp backdoor, a novel malware that exploits OpenAI Assistants API as a stealth C2 channel, with a curated Sigma rule from SOC Prime Platform.
socprime.com
November 6, 2025 at 1:34 PM
SOC Prime has secured strategic investment to accelerate AI-powered cyber defense transformation.

socprime.com/news/soc-pri...
November 5, 2025 at 8:44 AM
Security isn’t a checkbox — it’s who we are. SOC Prime has achieved SOC 2 Type II compliance for the 5th year in a row, proving our continued dedication to the highest security standards.

👉 Read more: socprime.com/news/soc-pri...
SOC Prime Marks 5 Years of Continuous SOC 2 Type II Compliance | SOC Prime
SOC Prime completes the SOC 2 Type II audit for the fifth consecutive year, proving our commitment to high cybersecurity standards.
socprime.com
October 31, 2025 at 3:29 PM
CVE-2025-59287, a new critical RCE vulnerability in Microsoft WSUS systems, is under active exploitation. With a PoC out, rapid detection is a must. Promptly spot exploitation attempts with curated detections from SOC Prime Platform.
socprime.com/blog/cve-202...
CVE-2025-59287 Detection: A Critical Unauthenticated RCE Vulnerability in Microsoft WSUS Under Active Exploitation | SOC Prime
Detect CVE-2025-59287 exploitation attempts, a new critical RCE vulnerability in Microsoft WSUS, with curated Sigma rules from SOC Prime Platform.
socprime.com
October 30, 2025 at 3:49 PM
Struggling to tackle a technical challenge, issue, or task in SIEM, EDR, or Data Lake? Check out Knowledge Bits by SOC Prime experts for crisp, actionable insights to solve common hurdles.

🔗 socprime.com/blog/#knowle...
October 27, 2025 at 4:43 PM
Complex attacks don’t follow a straight line — are you seeing the full chain?

Attack Flow v3.0.0 by Center for Threat-Informed Defense is a game-changing approach to visualizing threat behavior. SOC Prime takes it further.

🔗 socprime.com/blog/attack-...

#mitre #cybersecurity #threatintelligence
MITRE Attack Flow v3.0.0 | SOC Prime
Learn how MITRE Attack Flow v3.0.0 empowers security teams to visualize, analyze, and defend against complex threats with insights from SOC Prime Blog.
socprime.com
October 22, 2025 at 1:27 PM
CERT-UA reports a new spearphishing campaign by UAC-0239 targeting the Ukrainian Defense Forces and local government bodies, deploying OrcaC2 and FILEMESS stealer. Detect attacks with curated Sigma rules available in the SOC Prime Platform.
socprime.com/blog/uac-023...
UAC-0239 Activity Detection: Targeted Spearphishing Attacks Against Defense Forces and State Bodies of Ukraine via the OrcaC2 Framework and FILEMESS Stealer | SOC Prime
Detect UAC-0239 activity against defense and state agencies via OrcaC2 framework and FILEMESS stealer with Sigma rules from SOC Prime Platform.
socprime.com
October 16, 2025 at 1:45 PM
Storm-1175 group exploits CVE-2025-10035, a critical GoAnywhere MFT vulnerability enabling command injection & RCE, followed by deployment of Medusa ransomware. Stay ahead of the threat with curated detection content from SOC Prime Platform.
socprime.com/blog/detect-...
CVE-2025-10035 Detection: Storm-1175 Exploits a Critical Fortra GoAnywhere MFT Vulnerability to Deploy Medusa Ransomware | SOC Prime
Detect CVE-2025-10035 exploitation attempts, a critical GoAnywhere vulnerability used by the Storm-1175 group, with Sigma rules from SOC Prime Platform.
socprime.com
October 10, 2025 at 12:55 PM
Oracle has released an emergency update to address a critical RCE vulnerability (CVE-2025-61882) in its E-Business Suite, which has been actively exploited in recent Cl0p ransomware data theft attacks.
socprime.com/blog/cve-202...
#cybersecurity #infosec
CVE-2025-61882 Vulnerability Detection: A Critical Oracle E-Business Suite Zero-Day Exploited in Cl0p Data Theft Attacks | SOC Prime
Detect CVE-2025-61882 exploitation attempts, a critical zero-day vulnerability in Oracle EBS, using Sigma rules in the SOC Prime Platform.
socprime.com
October 8, 2025 at 11:34 AM
AI ransomware on the rise! FunkLocker is a new AI-based ransomware strain by FunkLocker that has already hit 100+ organizations in the U.S., Europe, and Asia. Stay ahead of ransomware attacks with curated detection rules from SOC Prime Platform.
buff.ly/IJ3ZSFG
#cybersecurity #infosec
October 3, 2025 at 10:11 AM
CERT-UA warns defenders of targeted attacks against the Ukrainian military entities by the UAC-0245 threat group using CABINETRAT backdoor spread via Excel XLL add-ins shared over Signal. Detect malicious activity with Sigma rules in the SOC Prime Platform.
buff.ly/9cI0sZH
#cybersecurity #infosec
October 2, 2025 at 9:54 AM
Rely on zero-trust, multi-cloud, and cost-efficient security operations backed by AWS and SOC Prime innovation to future-proof your cyber resilience.
my.socprime.com/amazon-web-s...
SOC Prime’s Center of Excellence for Amazon AWS
Rely on the power of SOC Prime & AWS to drive a transformational change in cyber defense backed by zero-trust and cost-efficient security operations.
my.socprime.com
September 30, 2025 at 1:40 PM
Detect BRICKSTORM, a stealthy backdoor used by China-nexus UNC5221 APT in targeted cyber-espionage campaigns against U.S. legal & tech firms, with the latest CTI and curated Sigma rules in the SOC Prime Platform.

socprime.com/blog/brickst...
BRICKSTORM Malware Detection: UNC5221 and Related China-Backed Actors Target U.S. Legal and Tech Sectors | SOC Prime
Detect BRICKSTORM malware used in stealthy attacks by UNC5221 to target U.S. legal and tech firms with Sigma rules from SOC Prime Platform.
socprime.com
September 26, 2025 at 6:47 PM
LTIMindtree saved 4,000 hours per year on threat research and detection content coding using SOC Prime Platform.

Explore more at: socprime.com/customer-suc...
September 26, 2025 at 12:35 PM
The latest CISA alert warns of a major threat posed by CVE-2024-36401, an unauthenticated RCE vulnerability in GeoServer exploited to breach a U.S. federal agency. Detect related TTPs using a set of Sigma rules in the SOC Prime Platform.
socprime.com/blog/detect-...
#cybersecurity #infosec
CISA Alert AA25-266A: Detecting Malicious Activity Linked to the U.S. Federal Agency Breach via Unpatched GeoServer (CVE-2024-36401) | SOC Prime
Detect attacks exploiting CVE-2024-36401, linked to the U.S. federal agency breach covered in CISA’s AA25-266A alert, with Sigma rules from SOC Prime.
socprime.com
September 24, 2025 at 3:13 PM
Whether you're searching by threat actors, TTPs, CVE IDs, log source names, event IDs, or any other query, Light Search helps you find exactly what you need across the world's largest library of detection algorithms.

Start now: tdm.socprime.com/light-search/
September 22, 2025 at 4:15 PM
Discover prioritized SIEM use cases with Attack Detective. Save time and effort to seamlessly configure and deploy them to generate low-noise, high-value alerts tailored to your threat profile.

my.socprime.com/rules-for-al...
September 19, 2025 at 12:52 PM
Outsmart adversaries with SOC Prime's hands-on training based on real-life scenarios. Dive into critical concepts, improve practical skills, and accelerate threat hunting and detection engineering maturity through enhanced expertise.

Learn more: my.socprime.com/detection-en...
September 17, 2025 at 3:38 PM
Maranhão Stealer targets gamers via cloud-hosted pirated software, using social engineering, reflective DLL injection, and advanced stealth methods to hijack credentials and crypto wallets. Detect attacks with Sigma rules from SOC Prime Platform.
socprime.com/blog/maranha...
#cybersecurity
Maranhão Stealer Detection: New Node.js-Based Information-Stealing Malware Applies Reflective DLL Injection | SOC Prime
Detect Maranhão stealer that uses reflective DLL injection to steal login credentials with curated Sigma rules from SOC Prime Platform.
socprime.com
September 16, 2025 at 3:09 PM
Deliver high-margin, scalable services to new and existing customers while relying on your in-house engineering team. Learn how to empower your #MDR offerings with SOC Prime’s cutting-edge technologies.

my.socprime.com/mdr-partners/
#MSSP #SOC #SOCservices #cybersecurity #BlueTeam
September 12, 2025 at 2:39 PM
The new Gentlemen ransomware group exploits privileged accounts and evades defenses with advanced techniques targeting critical organizations in 17+ countries. Proactively detect ransomware attacks with curated Sigma rules from SOC Prime Platform.
buff.ly/Apfdhao
#cybersecurity #infosec
The Gentlemen Ransomware Detection: New Adversary Campaign Abuses Group Policies and Uses Advanced Tools to Target Critical Organizations | SOC Prime
Detect the Gentlemen ransomware used in a new advanced adversary campaign against global organizations with Sigma rules from SOC Prime Platform.
socprime.com
September 11, 2025 at 2:34 PM
Knowledge Bits are bite-sized insights by SOC Prime experts to resolve common SIEM, EDR, and Data Lake hurdles.
🔸 Dive in now: buff.ly/B3QYjMs
September 10, 2025 at 3:27 PM
Detect MostereRAT attacks, a stealthy phishing-driven threat leveraging AnyDesk and TightVNC to sustain long-term control over compromised Windows systems, using Sigma rules in the SOC Prime Platform.
buff.ly/YDwd2WN
MostereRAT Detection: Attackers Abuse AnyDesk and TightVNC for Persistent Access on Windows Systems | SOC Prime
Detect MostereRAT that employs advanced evasion techniques and is deployed via AnyDesk and TightVNC with Sigma rules from SOC Prime Platform.
socprime.com
September 9, 2025 at 4:24 PM
Check out our guide on the MITRE ATT&CK® Exfiltration tactic, featuring top detection & prevention methods, plus relevant Sigma rules.
What Is Data Exfiltration? MITRE ATT&CK® Exfiltration Tactic | TA0010 | SOC Prime
Exfiltration is a common MITRE ATT&CK tactic used by attackers to steal sensitive data. Explore key concepts and how to detect dangerous data leaks.
buff.ly
September 5, 2025 at 4:04 PM
North Korea’s Lazarus Group is back with new tricks! Hackers rely on social engineering and exploit a suspected Chrome zero-day to deploy new RATs targeting the financial and crypto sectors. Detect associated malicious activity with Sigma rules in the SOC Prime Platform.
socprime.com/blog/detect-...
Lazarus Group Attack Detection: Hackers Expand Their Toolkit with PondRAT, ThemeForestRAT, and RemotePE Malware Strains | SOC Prime
Detect Lazarus Group attacks leveraging PondRAT, ThemeForestRAT, and RemotePE RATs using a set of Sigma rules in the SOC Prime Platform.
socprime.com
September 5, 2025 at 10:46 AM