The only Threat Detection Marketplace where researchers monetize their content to help security teams defend against attacks faster and more efficiently.
Threat Search Engine: https://socprime.com/
Uncoder.io: https://uncoder.io/
LinkedIn: https://www.linkedin.com/company/soc-prime

🚨 Important Notice for SOC Prime Job Seekers

At SOC Prime, we’re proud to share that we recently secured a new round of investment. This is a milestone that reflects our continued growth and commitment to cybersecurity innovation.

However, with success often comes unwanted attention. Recently, we’ve received several reports from individuals who were contacted by people falsely claiming to represent SOC Prime in recruitment processes. These individuals are not affiliated with our company.

‼️ We want to remind everyone that:

✅ All SOC Prime recruitment activities are conducted in full compliance with international standards.

✅ We never communicate through third parties or send unsolicited invitations via Microsoft Teams or other unofficial channels.

✅ We do not ask candidates to share sensitive personal information outside of our official recruitment flow.

✅ All legitimate communication comes from our corporate email addresses and verified company profiles on professional platforms.

‼️ To stay safe, please always verify any job opportunity via our official website or trusted job platforms where SOC Prime has an official company page.

A novel SesameOp backdoor abuses OpenAI Assistants API as a stealth C2 channel in recent malware attacks. Proactively defend against potential intrusions with a new Sigma rule available in our SOC Prime Platform.

https://socprime.com/blog/sesameop-backdoor-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post

SesameOp Backdoor Detection: Microsoft Discovers New Malware Abusing OpenAI Assistants API in Cyber-Attacks | SOC Prime

Detect SesameOp backdoor, a novel malware that exploits OpenAI Assistants API as a stealth C2 channel, with a curated Sigma rule from SOC Prime Platform.

SOC Prime

The russian hackers target Ukraine again in new campaigns against a major business services company and a local state body using LotL and dual-use tools & a custom Sandworm-linked webshell. Detect attacks with Sigma rules from SOC Prime Platform.

https://socprime.com/blog/russian-hackers-target-ukrainian-organizations/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post

Detect russian Attacks Targeting Ukraine: Hackers Apply the Custom Sandworm-Linked Webshell and Living-off-the-Land Tactics for Persistence | SOC Prime

Detect russian attacks targeting Ukraine using living-off-the-land and dual-use tools with curated Sigma rules from SOC Prime Platform.

Security isn’t a checkbox — it’s who we are. SOC Prime has achieved SOC 2 Type II compliance for the 5th year in a row, proving our continued dedication to the highest security standards.

👉 Read more: https://socprime.com/news/soc-prime-5-years-of-soc-2-type-ii-compliance/

SOC Prime Marks 5 Years of Continuous SOC 2 Type II Compliance | SOC Prime

SOC Prime completes the SOC 2 Type II audit for the fifth consecutive year, proving our commitment to high cybersecurity standards.

CVE-2025-59287, a new critical RCE vulnerability in Microsoft WSUS systems, is under active exploitation. With a PoC out, rapid detection is a must. Spot exploitation attempts promptly with curated detections from SOC Prime Platform.

https://socprime.com/blog/cve-2025-59287-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post

CVE-2025-59287 Detection: A Critical Unauthenticated RCE Vulnerability in Microsoft WSUS Under Active Exploitation | SOC Prime

Detect CVE-2025-59287 exploitation attempts, a new critical RCE vulnerability in Microsoft WSUS, with curated Sigma rules from SOC Prime Platform.

Complex attacks don’t follow a straight line — are you seeing the full chain?

Attack Flow v3.0.0 by Center for Threat-Informed Defense is a game-changing approach to visualizing threat behavior. SOC Prime takes it further.

🔗 https://socprime.com/blog/attack-flow-v3/

#mitre #cybersecurity #threatintelligence

MITRE Attack Flow v3.0.0 | SOC Prime

Learn how MITRE Attack Flow v3.0.0 empowers security teams to visualize, analyze, and defend against complex threats with insights from SOC Prime Blog.

CERT-UA reports a new spearphishing campaign by UAC-0239 targeting the Ukrainian Defense Forces and local government bodies, deploying OrcaC2 and FILEMESS stealer. Detect attacks with curated Sigma rules available in the SOC Prime Platform.

https://socprime.com/blog/uac-0239-attack-detection/?utm_source=mastodon&utm_medium=social&utm_campaign=cert-ua&utm_content=blog-post

UAC-0239 Activity Detection: Targeted Spearphishing Attacks Against Defense Forces and State Bodies of Ukraine via the OrcaC2 Framework and FILEMESS Stealer | SOC Prime

Detect UAC-0239 activity against defense and state agencies via OrcaC2 framework and FILEMESS stealer with Sigma rules from SOC Prime Platform.

Storm-1175 group exploits CVE-2025-10035, a critical GoAnywhere MFT vulnerability enabling command injection & RCE, followed by deployment of Medusa ransomware. Stay ahead of the threat with curated detection content from SOC Prime Platform.

https://socprime.com/blog/detect-cve-2025-10035-exploitation/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post

CVE-2025-10035 Detection: Storm-1175 Exploits a Critical Fortra GoAnywhere MFT Vulnerability to Deploy Medusa Ransomware | SOC Prime

Detect CVE-2025-10035 exploitation attempts, a critical GoAnywhere vulnerability used by the Storm-1175 group, with Sigma rules from SOC Prime Platform.

Oracle has released an emergency update to address a critical RCE vulnerability (CVE-2025-61882) in its E-Business Suite, which has been actively exploited in recent Cl0p ransomware data theft attacks. Detect potential exploitation attempts using a set of Sigma rules in the SOC Prime Platform.

https://socprime.com/blog/cve-2025-61882-zero-day-vulnerability/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post

CVE-2025-61882 Vulnerability Detection: A Critical Oracle E-Business Suite Zero-Day Exploited in Cl0p Data Theft Attacks | SOC Prime

Detect CVE-2025-61882 exploitation attempts, a critical zero-day vulnerability in Oracle EBS, using Sigma rules in the SOC Prime Platform.

AI ransomware on the rise! FunkLocker is a new AI-based ransomware strain by FunkLocker that has already hit 100+ organizations in the U.S., Europe, and Asia. Stay ahead of ransomware attacks with curated detection rules from SOC Prime Platform.

https://socprime.com/blog/detect-funklocker-ransomware-by-funksec/?utm_source=mastodon&utm_medium=social&utm_campaign=latest-threats&utm_content=blog-post

FunkLocker Ransomware Detection: FunkSec Operators Leverage AI to Target U.S., Europe, and Asia | SOC Prime

Detect FunkLocker ransomware by FunkSec using AI and targeting 100+ organizations in U.S., Europe, and Asia with Sigma rules from SOC Prime Platform.
