Blog

Latest articles from SOCRadar

Top 20 Cybersecurity Podcasts You Must Follow in 2022
October 4, 2022

Top 20 Cybersecurity Podcasts You Must Follow in 2022

Every day brings new trends and threats with it. To keep yourself, your devices, and your business safe, it is advisable to be aware of changes in the cyber landscape. Podcasts are a simple and effective… Continue Reading

October 3, 2022

The Week in Dark Web – 3 October 2022 – Data Leaks and Access Sales

Powered by DarkMirror™ Threat actors sold which companies' or governments' data on the dark web in the first week of October? Are there any access sales that attackers can use for potential breaches? Here's a… Continue Reading

Ransomware Gangs Targeting US Critical Infrastructure
October 3, 2022

Ransomware Gangs Targeting US Critical Infrastructure

Last week, notorious ransomware gangs made a splash again by targeting US critical infrastructures. One of the threat actors that victimized the defense and education sectors were the BlackCat group, also known as ALPHV, and… Continue Reading

Threat Actors Exploit Unpatched Microsoft Exchange Zero-Days
September 30, 2022

Threat Actors Exploit Unpatched Microsoft Exchange Zero-Days (ProxyNotShell)

Security experts caution about actively exploited zero-day vulnerabilities in Microsoft Exchange servers. The flaws could allow remote code execution in fully patched servers.  The two flaws are tracked by Zero Day Initiative as ZDI-CAN-18333 (CVSS score: 8.8)… Continue Reading

Dark Web Profile: Overthinker1877
September 29, 2022

Dark Web Profile: Overthinker1877

Overthinker1877 or 1877 Team have recently drawn attention for their random attacks worldwide. Although the first remarkable attack was ransomware against a Romanian news agency in May 2021, they are now on the headlines with… Continue Reading

Brute Ratel C4 Toolkit Gets Cracked and Distributed Online
September 29, 2022

Brute Ratel C4 Toolkit Gets Cracked and Distributed Online

The cracked version of Brute Ratel C4 (BRC4) is currently being distributed on hacker platforms for free. Posts spreading it have been seen in multiple hacking forums and Telegram and Discord channels. Post about cracked… Continue Reading

Critical WhatsApp Vulnerabilities Allow Attackers Remote Device Hacking
September 28, 2022

Critical WhatsApp Vulnerabilities Allow Attackers Remote Device Hacking

WhatsApp's September security update fixes two high-severity flaws that could result in remote code execution. The flaws affect WhatsApp and WhatsApp Business versions before 2.22.16.12 in iOS and Android operating systems.  To see which version is currently… Continue Reading

Threat Actors Impersonate GitHub, Zoom, and Cloudflare to Steal User Information
September 28, 2022

Threat Actors Impersonate GitHub, Zoom, and Cloudflare to Steal User Information

Hackers frequently look for ways to trick users and organizations, as the weakest link in security is the human factor. This makes phishing one of the most common entry attacks. During the last two months,… Continue Reading

Dark Web Profile: Moses Staff
September 28, 2022

Dark Web Profile: Moses Staff

Over the past months, the SOCRadar Analyst Team has been tracking the Iranian hacker group known as Moses Staff. The group was first spotted in October 2021 and claimed its motivation was to harm Israeli… Continue Reading

Top Cyber Threats Faced by the Aviation Industry
September 27, 2022

Top Cyber Threats Faced by the Aviation Industry

The aviation industry covers a broad spectrum of stakeholders, including airlines, airports, technology providers, etc. It is one of the most important critical infrastructures, with all its network, assets, and systems. It also interacts with… Continue Reading

Exmatter Tool Provides a New Strategy for Extortion
September 27, 2022

Exmatter Tool Provides a New Strategy for Extortion

Data exfiltration malware Exmatter, previously associated with the BlackMatter ransomware gang, now has data corruption capabilities. This could signify a new strategy ransomware affiliates may use in the future. Although BlackMatter affiliates have been using… Continue Reading

Threat Actors Utilize PowerPoint Files to Distribute Graphite Malware
September 27, 2022

Threat Actors Utilize PowerPoint Files to Distribute Graphite Malware

Threat actors started utilizing PowerPoint presentations as a code execution method and delivering Graphite malware in targeted attacks. APT28 (Fancy Bear), a threat actor group linked to Russia, has recently been seen using the method… Continue Reading

How to Detect & Prevent Ransomware Attacks [2022 CISO Edition]
September 26, 2022

How to Detect & Prevent Ransomware Attacks (2022 CISO Edition)

Why is Ransomware One of the First Items on the CISOs Agenda?  Rise with Pandemic With the pandemic, as we rush towards an increasingly digitized world, ransomware has become our institutions' most prevalent cyber threat. … Continue Reading

FARGO Ransomware Targets Vulnerable Microsoft SQL Servers
September 26, 2022

FARGO Ransomware Targets Vulnerable Microsoft SQL Servers

Microsoft SQL database servers are the target of a new ransomware attack campaign called FARGO ransomware. FARGO, also known as TargetCompany, aims to double-extort victims.  This year's ransomware attacks against MS-SQL instances included dropping Cobalt Strike… Continue Reading

Sophos Firewall Patch Released for Actively Exploited Critical Zero-Day RCE Vulnerability
September 26, 2022

Sophos Firewall Patch Released for Actively Exploited Zero-Day RCE Vulnerability

Sophos released a patch for a flaw discovered in their firewall product. Tracked as CVE-2022-3236 (CVSS score: 9.8), the vulnerability allows code injection in the User Portal and Webadmin components, which could result in remote code execution.… Continue Reading

September 26, 2022

The Week in Dark Web – 26 September 2022 – Access Sales and Data Leaks

Powered by DarkMirror™ Threat actors threaten organizations by selling databases containing sensitive data and accesses that could pave the way for potential attacks. Here is the summary of this past week. Find out if your… Continue Reading

Ten Things Will Change Cybersecurity in 2023
September 23, 2022

Ten Things Will Change Cybersecurity in 2023

Businesses come across more significant cybersecurity challenges as technology evolves. The digital environment and the attack surface are changing every single day. Thus, the significance of knowing when to change priorities cannot be overstated. It… Continue Reading

A New Attack Wave Targeting Critical Magento Vulnerability
September 23, 2022

A New Attack Wave Targeting Critical Magento Vulnerability

E-commerce platform Magento has become a frequent target for hackers. More attempts have been made to exploit CVE-2022-24086 since its proof-of-concept was made available. The critical vulnerability is present in Magento 2, and it allows unauthenticated attackers to execute… Continue Reading

CISA Urges to Patch ManageEngine Against RCE Vulnerability
September 23, 2022

CISA Urges to Patch ManageEngine Against RCE Vulnerability

CISA has added a new critical vulnerability to its Known Exploited Vulnerabilities Catalog. The flaw exists in several ManageEngine products from Zoho and can lead to remote code execution on unpatched instances. The flaw, identified as CVE-2022-35405,… Continue Reading

Top 10 Threat Intelligence Resources to Follow
September 22, 2022

Top 10 Threat Intelligence Resources to Follow

Access to timely cyber threat intelligence is widely acknowledged as a crucial protection tactic in our dynamic cyber threat scenario. As a result, there has been an explosion of prospective information sources providing incredible data.… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo