Latest articles from SOCRadar

Lessons Learned from Education Industry Attacks in 2022
February 3, 2023

By SOCRadar Research. The education industry covers a diverse range of organizations, including K-12 education, higher education, private and public education, science research institutes, and tutoring ranging from exam preparation to hobby courses. Furthermore, educational…

1,200 Redis Servers Infected by New HeadCrab Malware for Cryptomining Operations
February 2, 2023

A new malware has appeared on the frontlines, targeting online Redis servers. The malware, named HeadCrab by researchers, has been active since September 2021. The malware's primary goal is to create a botnet for Monero…

How Can Extended Threat Intelligence Help CISO's First 100 Days?
February 2, 2023

When the expression "first 100 days" is mentioned, we all immediately think of what a leading politician has done from the first day to the hundredth day. These "first 100 days" became iconic during Franklin…

What is Stealer as a Service?
February 1, 2023

By SOCRadar Research. Stealer as a service is a marketing approach in which threat actors offer to sell or lease access to information-stealer tools designed to steal sensitive data from victims' devices. This model enables anyone…

134M Exploit Attempts: Realtek RCE Vulnerability Targeted in Large-Scale Attacks
January 31, 2023

Threat actors stepped up their efforts to exploit a remote code execution vulnerability in the Realtek Jungle SDK between August and October 2022, according to researchers. A report from Palo Alto Networks noted that the attacks targeting…

SOCRadar's End of Year Report: Phishing Threats in 2022
January 30, 2023

The year 2022 was challenging for global cybersecurity, with waves of cyberattacks during Russia's invasion of Ukraine setting the tone for the rest of the year. This has also made it a challenging year for…

January 30, 2023

The Week in Dark Web – 30 January 2023 – KillNet Targets Germany!

Powered by DarkMirror™. KillNet, a former DDoS provider and now a pro-Russian threat actor, continues targeting Western organizations. Since Russia's invasion of Ukraine started, the group has added many victims to its list. Last week, multiple German companies…

Yandex Code Repositories Leaked Allegedly by Former Employee
January 27, 2023

Yandex, a Russian technology company and popular search engine, has had its source code repositories leaked on a hacker forum. According to Yandex, the repositories were stolen by a former employee. The hacker shared a magnet link with 44.7GB of data…

Malicious Actors in Dark Web: December 2022 Ransomware Landscape
January 27, 2023

Ransomware is one of the more common cyberattack types in the news. Behind the scenes of ransomware, there are numerous threat actors, each with a motive. Although the motive usually includes financial gain, the threat actors…

CTI4SOC: Ultimate Solution to SOC Analyst's Biggest Challenges
January 26, 2023

Today's SOC analyst has a lot to deal with. All kinds of challenges await these cybersecurity professionals, who undertake the critical task of keeping organizations safe. Some of these challenges are related to the changing cybercrime…

January 26, 2023

Dark Web Profile: Hive Ransomware Group

By SOCRadar Research. On November 8, 2021, electronics retail giant Media Markt suffered a ransomware attack with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to…

Introducing Radar Pages: Major Cyber Attacks
January 26, 2023

Cybersecurity has grown in importance as a geopolitical factor. Cyberattacks target public and private systems each day, and the variety of attacks has grown quickly. Cybercriminals are primarily driven by financial gain; they are looking for information…

VMware Patches Critical RCE Vulnerabilities in vRealize Log Insight
January 25, 2023

UPDATE (February 1, 2023): Proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain has been made available by researchers. VMware patched several vulnerabilities found in its vRealize Log Insight appliance. The vulnerabilities are identified as…

Remote Code Execution Vulnerability in Microsoft Teams
January 24, 2023

Researchers discovered an RCE vulnerability in Microsoft Teams during Pwn2Own 2022. The application is used by a wide range of people, including professionals, and an exploit could cause significant harm to its users. Remote code execution (RCE)…

January 24, 2023

The Week in Dark Web – 24 January 2023 – Access Sales and Data Leaks

Powered by DarkMirror™. Threat actors spread cybercrime to a broader base through database and unauthorized access sales. Even without the ability to obtain a database themselves, attackers can purchase personal information from other threat actors…

From Zero to Adversary: APTs
January 23, 2023

By SOCRadar Research. From time to time, news hit the front pages regarding cyberattacks on significant infrastructures, such as nuclear facilities, or major companies, such as SolarWinds. These attacks are carried out by cyber threat…

Attackers Exploit Fortinet Zero-Day CVE-2022-42475 with BoldMove Malware
January 23, 2023

Researchers have discovered a sophisticated new BoldMove malware created specifically to operate on Fortinet's FortiGate firewalls after collecting data related to a recently disclosed zero-day vulnerability in the company's FortiOS SSL-VPN technology. A threat actor created the malware with a base…

PayPal Reveals Credential Stuffing Attack That Affected 35K Users
January 20, 2023

PayPal has disclosed that it was hit by a credential stuffing attack last month. The online payment platform notifies all users whose data has been compromised due to the attack. Hackers carry out credential stuffing attacks using…

CISA Warns for Vulnerabilities in Industrial Control Systems
January 19, 2023

CISA Warns for Vulnerabilities in Industrial Control Systems (ICS)

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns about multiple security vulnerabilities in GE Digital, Siemens, Contec, and Mitsubishi Electric products. The agency issued four ICS (Industrial Control Systems) advisories for the vulnerabilities on January 17, 2023. The advisories mention…

Hydra Aftermath and the Future of Dark Web Marketplaces
January 19, 2023

By SOCRadar Research. Russian-speaking Hydra Market was the biggest among darknet markets, with a $1B turnover in 2020. It was also the largest narcotic market among the countries of the former USSR. With the operation started by German…
