In March, #CERTUA observed cyber-espionage attacks against Ukrainian state bodies and critical infrastructure by #UAC0219 spreading #WRECKSTEEL stealer for data theft. Detect potential intrusions with #Sigma rules from SOC Prime Platform.
https://socprime.com/blog/detect-uac-0219-attacks-against-ukrainian-state-bodies/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post
UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL - SOC Prime

Detect UAC-0219 attacks with PowerShell stealer WRECKSTEEL covered in the CERT-UA#14283 alert with Sigma rules from SOC Prime Platform.
