Blog

Latest articles from SOCRadar

Apache HTTP Server Vulnerability CVE-2023-25690: PoC Available
May 26, 2023

Apache HTTP Server Vulnerability CVE-2023-25690: PoC Available

The Apache Foundation announced on March 7, 2023, that they had addressed CVE-2023-25690 in Apache HTTP Server 2.4.56. The fix, implemented on March 5, prevents control characters from being included in a proxied request. This vulnerability had a CVSS score… Continue Reading

Key to Achieving a Stronger Cybersecurity Posture: Zero Trust Policy
May 26, 2023

Key to Achieving a Stronger Cybersecurity Posture: Zero Trust Policy

In recent years, we have seen countless high-profile data breaches that have left businesses and individuals vulnerable. To combat these threats, there is one most effective security policy: Zero Trust (ZT). This powerful security concept is gaining traction… Continue Reading

Guarding the Gates: An Exploration of the Top 10 Supply Chain Attacks
May 25, 2023

Guarding the Gates: An Exploration of the Top 10 Supply Chain Attacks

Once upon a time, an anxious emperor, having heard a prophecy of his daughter's demise by a snakebite, ordered the construction of an isolated fortress. This was the Maiden's Tower, rising from the heart of… Continue Reading

Luxottica Data Leak Exposes Over 70M Customers' Data
May 25, 2023

Luxottica Data Leak Exposes Over 70M Customers’ Data

Luxottica, the world's largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal information of over 70 million customers on hacking forums. The major brands Luxottica owns include… Continue Reading

ChatGPT for CTI Professionals
May 23, 2023

ChatGPT for CTI Professionals

In 1950, Alan Turing, the father of modern computing, asked, "Can machines think?" Over the years, that question has evolved into a quest for inventing machines that can understand and generate human-like text and has… Continue Reading

May 22, 2023

Credit Card, RDP Access, Health, and Business Data Sales

Welcome to this week's edition of our dark web news summary, where we bring you the latest updates on the clandestine world of cybercrime. This week's headlines shed light on the alarming activities within the… Continue Reading

G7: Cybersecurity Reflections
May 18, 2023

G7: Cybersecurity Reflections

The G7 Cybersecurity Summit 2023 is just around the corner and is being held in Hiroshima, Japan, which is a city that was devastated by an atomic bomb attack in 1945, now serves as a… Continue Reading

Unlock Industry-Specific Cyber Insights: Industry Threat Landscape Report
May 18, 2023

Unlock Industry-Specific Cyber Insights: Industry Threat Landscape Report

Industry cyber threat landscape means the perspective of distinct cybersecurity threats targeting the related industry. The threat landscape of an industry could change accordingly since cyber threats constantly evolve through time. A detailed industry threat… Continue Reading

5 Lessons Learned from Healthcare Industry Cyberattacks in 2022
May 16, 2023

5 Lessons Learned from Healthcare Industry Cyberattacks in 2022

Like other critical infrastructures, the healthcare industry is frequently targeted by cyberattacks. The attacks in the healthcare vertical have begun to increase in recent years due to security vulnerabilities triggered by changes in procedures during… Continue Reading

May 15, 2023

VMware Vulnerability Exploit, Invicta Stealer, and Source Code Sales

This week's headlines feature some developments that highlight the ongoing threats posed by cybercriminals. First up, we have news of a remote code execution exploit for VMware Workspace ONE that has been shared on the… Continue Reading

May 11, 2023

Cyber Deception at the Ballot Box: Unmasking the Phishing Epidemic in Election Campaigns

During periods of elections, people's desire to obtain knowledge is outstanding, and they are overloaded with messages varying from fliers to social media advertisements. Campaigns for candidates raise tensions, and social balances are more sensitive… Continue Reading

May 11, 2023

Scammers Distribute Malware via Verified Account Ads on Facebook

Scamming campaigns frequently involve threat actors impersonating businesses or significant individuals. However, a recent trend of Facebook ad scams has been especially threatening, with scammers potentially infecting a large number of people with malware. Several… Continue Reading

Increased Healthcare Security Breaches in 2022
May 10, 2023

Increased Healthcare Security Breaches in 2022

Data from the US government shows that there has been a significant increase in healthcare security breaches.  At least 125 data breaches of healthcare organizations have been reported since the beginning of April, according to a list… Continue Reading

May 10, 2023

Microsoft’s May 2023 Patch Tuesday Addresses Three Zero-Day Vulnerabilities

Microsoft has released the May 2023 Patch Tuesday update and it addresses 40 security vulnerabilities. The patch addresses six critical vulnerabilities and three zero-day vulnerabilities, two of which are actively exploited. The following is a… Continue Reading

May 10, 2023

Ever-Changing Tactics on Social Engineering

In today's digital age, cyber threats are becoming increasingly common, and one of the most prevalent types of attacks is phishing. Phishing involves tricking people into giving away their personal or confidential information by posing… Continue Reading

Dark Web Profile: KillNet Anonymous Sudan
May 9, 2023

Dark Web Profile: KillNet Anonymous Sudan

While Anonymous is a decentralized, anti-political cyber hacktivist movement, and typically anyone can claim to work under the Anonymous banner, groups like Anonymous Russia are not aligned with mainstream and western-based Anonymous groups and support… Continue Reading

Money Message Ransomware Leaks MSI Signing Keys for Intel Boot Guard
May 9, 2023

Money Message Ransomware Leaks MSI Signing Keys for Intel Boot Guard

MSI, a leading Taiwanese PC manufacturer, suffered a ransomware attack last month. The threat actors behind the attack, the Money Message gang, published the company's private code signing keys on a dark website last week for double extortion. In… Continue Reading

May 8, 2023

Vocalcom Ransomware Attack, Credit Card Sales, and Botnet Services

This week, we have some troubling news to share, like always. We've learned that half a million credit cards belonging to Brazilians are up for sale on the dark web. In addition, an American shop… Continue Reading

Cactus Ransomware Employs Unique Encryption Techniques to Avoid Detection
May 8, 2023

Cactus Ransomware Employs Unique Encryption Techniques to Avoid Detection

Researchers discovered a new ransomware group called Cactus, operating since at least March 2023. Cactus steals data and encrypts files like other ransomware operations but uses a different method to avoid detection. Cactus, according to researchers,… Continue Reading

Top 7 Must-watch Talks at RSA Conference 2023
May 5, 2023

Top 7 Must-watch Talks at RSA Conference 2023

The RSA Conference 2023 is set to be one of the biggest and most exciting cybersecurity events of the year. With over 500 sessions scheduled, attendees will have plenty of opportunities to learn from some of the brightest minds… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo