Blog

Latest articles from SOCRadar

October 24, 2022

The Week in Dark Web – 24 October 2022 – Access Sales and Data Leaks

Powered by DarkMirror™ Threat actors continued to sell databases and access to organizations' systems on hacker forums last week. Check out the latest dark web summary and see what's happening on the dark side. Find…

Ursnif Malware Moving to Ransomware Operations from Bank Account Theft
October 21, 2022

Ursnif (a.k.a. Gozi), a former banking trojan, has been repurposed as a generic backdoor. Threat actors could use the new variant to distribute ransomware. Mandiant researchers discovered Ursnif's new variant, LDR4, in late June, and they…

Finance Threat Landscape Report: 17.5M Credit Card Numbers Sold on Blackmarket
October 21, 2022

The dark web's levels of anonymity make it the ideal hub for all kinds of cybercrime activity. Finance is one of the critical industries that dark web threats impact, and threat actors frequently highlight it…

Details On The Largest B2B Leak: BlueBleed
October 20, 2022

As a cyber threat intelligence company, SOCRadar's mission is to use every possible piece of information to identify and prevent cyber threats targeting our platform users. SOCRadar has been tireless in expanding its proactive defense…

Collective Cyber Attacks by Hacktivists: What's Going on in Iran?
October 20, 2022

Iran is under the influence of a massive hacktivism attack that has recently begun and is still ongoing. The protests, which began following the death of a young Iranian woman named Mahsa Amini, echoed in…

Sensitive Data of 65,000+ Entities in 111 Countries Leaked due to a Single Misconfigured Data Bucket
October 19, 2022

SOCRadar has detected that sensitive data of 65,000 entities became public because of a misconfigured server. The leak includes Proof-of-Execution (PoE) and Statement of Work (SoW) documents, user information, product orders/offers, project details, PII (Personally…

Valuable Resources and Must-Attend Conferences for CISOs
October 18, 2022

A senior-level executive known as a "CISO" is in charge of planning and executing an extensive information security program to safeguard the company from both internal and external threats. A CISO is a senior-level executive who carries…

Better Protect Your Mobile App with SOCRadar MAS Module
October 18, 2022

Threat actors use all kinds of methods to achieve their malicious goals. Mobile apps are among the most popular targets for attackers lately. Targeting a mobile app with various attack vectors has been an increasing…

What is Data Loss Prevention (DLP)? [Ultimate Guide]
October 17, 2022

Data loss prevention (DLP) prohibits users on a business network from transferring sensitive data outside of the network. DLP systems assist network administrators in regulating network data flow and enforcing stringent controls over private, sensitive,…

What are the Different Methods of Threat Detection?
October 14, 2022

Threat detection is known as the process of evaluating a security ecosystem from top to bottom to find any malicious behavior that might compromise the network. Before a threat exploits any existing vulnerabilities, mitigating measures…

New Alchimist Framework Targets Windows, macOS, and Linux Systems
October 14, 2022

Researchers discovered a new post-exploit C2 framework by the name of Alchimist. The framework targets devices using Windows, Linux, and Mac operating systems and is possibly already being used. Alchimist can be used by attackers with…

SAP Fixes Critical Vulnerabilities in Commerce and Manufacturing Execution Products
October 13, 2022

SAP published its Security Patch Day document for October 2022. Five new high-severity security notes and one update, including three that address BusinessObjects information disclosure vulnerabilities and one that addresses a buffer overflow in SAP SQL Anywhere…

Aruba Released Patch for EdgeConnect's Critical RCE and Auth Bypass Vulnerabilities
October 13, 2022

Aruba Released Patches for EdgeConnect’s Critical Vulnerabilities

Aruba released security updates to fix several critical vulnerabilities. The vulnerabilities were found in its popular WAN management tool, EdgeConnect Enterprise Orchestrator. Successful exploitation could let a remote attacker access systems and execute commands. Affected products: EdgeConnect…

October 12, 2022

The Week in Dark Web – 12 October 2022 – Access and Database Sales

Powered by DarkMirror™ Threat actors continued to sell databases and access to organizations' systems on hacker forums last week. The dark web summary is full this week, as always. Find out if your data has…

Microsoft October Patch Tuesday Fixes Actively Exploited Zero Day and 13 Critical Flaws
October 12, 2022

Microsoft Patch Tuesday for this month fixes a total of 84 vulnerabilities, including an actively exploited zero-day flaw. All the vulnerabilities are high-severity, with 13 critical ones that could lead to remote code execution, privilege escalation, or…

Critical RCE Vulnerability with Max CVSS Score in VM2 Sandbox Library
October 12, 2022

A critical vulnerability in vm2 might let a remote attacker bypass the sandbox environment and execute shell commands on the device hosting the sandbox. To reduce the possibility that malicious code will harm the host machine it…

What Skills Do You Need to Become a Better CISO?
October 11, 2022

Chief information security officers (CISO) handle data protection and management's strategic, operational, and financial aspects. These experts collaborate closely with other leaders to design an enterprise or organization's information security policies and procedures. In addition,…

Fortinet Critical Authentication Bypass Vulnerability Exploited in the Wild
October 11, 2022

What Do You Need to Know About Fortinet Critical Authentication Bypass Vulnerability (CVE-2022-40684)?

1. What are the CVE details and severity status of vulnerabilities? Last week, Fortinet patched a severe authentication bypass vulnerability. The company confirmed after the patch that the vulnerability is being exploited in the wild. The CVE-2022-40684 (CVSS score: 9.6)…

Dark Web Profile: Play Ransomware
October 10, 2022

While cyber-attacks are increasing nowadays, threat actors seek to implement different methods and techniques as well. Ransomware is one of the most common cyber-attacks that are not new but developing a cybercrime industry that threatens…

BidenCash Carding Shop Returns With a Larger Credit Card Dump
October 10, 2022

BidenCash carding shop released another advertisement dump, including information on 1,221,551 credit cards. The dump is available to anyone for free. Last month, BidenCash launched new domains in response to distributed denial-of-service…
