Blog

Latest articles from SOCRadar

Exploitation Attempts Observed for Critical ownCloud Vulnerabilities (CVE-2023-49103, CVE-2023-49104, CVE-2023-49105)
November 28, 2023

Exploitation Attempts Observed for Critical ownCloud Vulnerability (CVE-2023-49103)

Exploitation activity targeting ownCloud with the CVE-2023-49103 vulnerability has been observed, raising concerns within the cybersecurity community. ownCloud, renowned as an open-source file server facilitating secure storage, file-sharing, and collaboration, recently drew attention due to…

Hacker Forums Are on the Rise: Dumped, Raiding, BlackForums
November 27, 2023

Recently, cyberspace has witnessed a surge of activity, particularly within the hacktivist space, traditionally active on Telegram and Twitter. As this landscape becomes increasingly volatile, some hacktivist groups are shifting their focus to traditional web…

Dark Strom’s Android RAT, Sales of Financial Data and UK RDP Access, SiegedSec's Government Breach
November 27, 2023

The SOCRadar Dark Web Team unveils a fresh wave of illicit activities as the relentless pace of dark web threats persists. Recognized threat actors have made significant moves: SiegedSec claims access to sensitive government data,…

Dark Peep #6: Don't You Like the Bar? Fine, Just Hack It!
November 24, 2023

Greetings, just like Bitcoin goes up and down momentarily, the Dark Web can go crazy and calm down from time to time. In this issue, the Dark Web events that the SOCRadar team has been…

2023 Review of the CISA Known Exploited Vulnerabilities (KEV) Catalog
November 24, 2023

Cybersecurity is a constant back-and-forth between the defenders and the threat actors, all centered around finding vulnerabilities in software. Playing a crucial role in defending against the vulnerabilities is the Cybersecurity & Infrastructure Security Agency…

APT Profile: Volt Typhoon
November 23, 2023

As cyber currents ebb and flow, a storm named Volt Typhoon surges from the digital depths. This isn't your typical tempest from the sea but a state-sponsored maelstrom with a tendency for espionage. Volt Typhoon,…

CISA Alert: Serious Vulnerabilities in Adobe ColdFusion (CVE-2023-44350, CVE-2023-44351, CVE-2023-44353 and More)
November 23, 2023

CISA has issued an alert regarding multiple vulnerabilities impacting Adobe ColdFusion. The alert underscores that the exploitation of the vulnerabilities could grant threat actors control over affected systems, prompting organizations to take measures to protect…

Atlassian Patches RCE Vulnerabilities in Bamboo & Crowd Data Center and Server: CVE-2023-22516, CVE-2023-22521
November 22, 2023

Atlassian has urgently issued security advisories for two separate products: Bamboo Data Center and Server, and Crowd Data Center and Server. The announcement states that they have addressed the CVE-2023-22516 vulnerability, which has a CVSS…

Dark Web Sales: E-Commerce and Crypto Wallet Databases, Fortinet Access in US, UK Credit Cards
November 20, 2023

Embarking on a relentless pursuit of the shadows, the SOCRadar Dark Web Team brings to light a series of alarming cyber incidents. From a massive e-commerce data sale to the unauthorized access threats targeting Western…

Fortinet Reveals Critical Vulnerability in FortiSIEM Report Server (CVE-2023-36553): Patch Now
November 17, 2023

Fortinet, a leading cybersecurity provider, has recently issued an advisory for a critical vulnerability impacting its FortiSIEM Report Server. The vulnerability poses a serious risk, potentially allowing remote and unauthenticated attackers to execute malicious commands…

Predicting Vulnerability Exploitation for Proactive Cybersecurity: What’s EPSS, and How Can SVRS Enhance It?
November 17, 2023

Predicting outcomes closely before taking action is a fundamental aspect of effective decision-making. Whether in our personal lives, business strategies, or even the realm of technology, the ability to anticipate and prepare for potential developments…

Cyber Extortion Meets Regulatory Pressure: ALPHV's SEC Complaint Against MeridianLink
November 16, 2023

The ALPHV/BlackCat ransomware group, known for their vicious ransomware attacks, has recently taken a surprising action by filing a complaint with the U.S. Securities and Exchange Commission (SEC) against a company they allegedly hacked, MeridianLink,…

Dark Peep #5: The Calm Before the Storm
November 16, 2023

On the dark web, the weather has closed, the thunder is rumbling, and the wind is picking up. Chaos is coming, ahem, not that chaos, ChaosSec is coming(!) Let's take a look at what interesting…

SAP November 2023 Security Patch Day: Critical Business One Vulnerability Has Been Fixed (CVE-2023-31403)
November 16, 2023

SAP, a prominent enterprise software company, has unveiled three new vulnerabilities in its November 2023 Security Patch Day update. The company has also updated security notes for three previously disclosed security vulnerabilities. The most critical…

MGM Casino Hack and Realities of Social Engineering Attacks
November 15, 2023

In the complicated world of cybersecurity, the most unpredictable element remains the human factor. Social engineering attacks exploit this vulnerability, transforming human error into the most significant risk for digital defense systems. Our in-depth analysis…

Critical CVE-2023-34060 Vulnerability in VMware Cloud Director Appliance: CISA Advises Immediate Patching
November 15, 2023

VMware recently issued an advisory (VMSA-2023-0026) regarding a critical authentication bypass vulnerability in its VMware Cloud Director Appliance (VCD Appliance). Identified as CVE-2023-34060, this vulnerability poses a significant risk with a CVSSv3 score of 9.8,…

Microsoft's November 2023 Patch Tuesday Tackles Exploited Zero-Day Vulnerabilities, Now Listed in CISA KEV
November 15, 2023

Microsoft recently rolled out its Patch Tuesday for November 2023, tackling a total of 63 security vulnerabilities. Of these, three carry a critical rating, and five are identified as zero-day vulnerabilities. Three zero-day vulnerabilities are…

Exploring the Top Vulnerabilities Exploited by State-Sponsored Threat Actors
November 14, 2023

While cyberattacks are a common concern for individuals and organizations alike, the shadowy realm of state-sponsored threat actors poses a uniquely ominous and formidable challenge. These adversaries, backed by the vast resources and strategic interests…

LockBit Shares Boeing Data, Software Company and US Database Leaks, Dutch RDP Sale
November 13, 2023

The SOCRadar Dark Web Team has diligently documented a series of unsettling activities within the depths of the dark web. Among them is a fresh update on the Boeing data leak orchestrated by the LockBit…

OpenVPN Access Server Vulnerabilities: Risk of Information Exposure, DoS, and RCE (CVE-2023-46849, CVE-2023-46850)
November 13, 2023

Last week, OpenVPN Access Server, a widely-used open-source VPN solution, received an update addressing two vulnerabilities, tracked as CVE-2023-46849 and CVE-2023-46850. Although CVSS scores for these vulnerabilities are pending, they can enable attackers to gain…
