Latest articles from SOCRadar
Exploitation activity targeting ownCloud with the CVE-2023-49103 vulnerability has been observed, raising concerns within the cybersecurity community. ownCloud, renowned as an open-source file server facilitating secure storage, file-sharing, and collaboration, recently drew attention due to… Continue Reading
Recently, cyberspace has witnessed a surge of activity, particularly within the hacktivist space, traditionally active on Telegram and Twitter. As this landscape becomes increasingly volatile, some hacktivist groups are shifting their focus to traditional web… Continue Reading
The SOCRadar Dark Web Team unveils a fresh wave of illicit activities as the relentless pace of dark web threats persists. Recognized threat actors have made significant moves: SiegedSec claims access to sensitive government data,… Continue Reading
Greetings, just like Bitcoin goes up and down momentarily, the Dark Web can go crazy and calm down from time to time. In this issue, the Dark Web events that the SOCRadar team has been… Continue Reading
Cybersecurity is a constant back-and-forth between the defenders and the threat actors, all centered around finding vulnerabilities in software. Playing a crucial role in defending against the vulnerabilities is the Cybersecurity & Infrastructure Security Agency… Continue Reading
As cyber currents ebb and flow, a storm named Volt Typhoon surges from the digital depths. This isn't your typical tempest from the sea but a state-sponsored maelstrom with a tendency for espionage. Volt Typhoon,… Continue Reading
CISA has issued an alert regarding multiple vulnerabilities impacting Adobe ColdFusion. The alert underscores that the exploitation of the vulnerabilities could grant threat actors control over affected systems, prompting organizations to take measures to protect… Continue Reading
Atlassian has urgently issued security advisories for two separate products: Bamboo Data Center and Server, and Crowd Data Center and Server. The announcement states that they have addressed the CVE-2023-22516 vulnerability, which has a CVSS… Continue Reading
Embarking on a relentless pursuit of the shadows, the SOCRadar Dark Web Team brings to light a series of alarming cyber incidents. From a massive e-commerce data sale to the unauthorized access threats targeting Western… Continue Reading
Fortinet, a leading cybersecurity provider, has recently issued an advisory for a critical vulnerability impacting its FortiSIEM Report Server. The vulnerability poses a serious risk, potentially allowing remote and unauthenticated attackers to execute malicious commands… Continue Reading
Predicting outcomes closely before taking action is a fundamental aspect of effective decision-making. Whether in our personal lives, business strategies, or even the realm of technology, the ability to anticipate and prepare for potential developments… Continue Reading
The ALPHV/BlackCat ransomware group, known for their vicious ransomware attacks, has recently taken a surprising action by filing a complaint with the U.S. Securities and Exchange Commission (SEC) against a company they allegedly hacked, MeridianLink,… Continue Reading
On the dark web, the weather has closed, the thunder is rumbling, and the wind is picking up. Chaos is coming, ahem, not that chaos, ChaosSec is coming(!) Let's take a look at what interesting… Continue Reading
SAP, a prominent enterprise software company, has unveiled three new vulnerabilities in its November 2023 Security Patch Day update. The company has also updated security notes for three previously disclosed security vulnerabilities. The most critical… Continue Reading
In the complicated world of cybersecurity, the most unpredictable element remains the human factor. Social engineering attacks exploit this vulnerability, transforming human error into the most significant risk for digital defense systems. Our in-depth analysis… Continue Reading
VMware recently issued an advisory (VMSA-2023-0026) regarding a critical authentication bypass vulnerability in its VMware Cloud Director Appliance (VCD Appliance). Identified as CVE-2023-34060, this vulnerability poses a significant risk with a CVSSv3 score of 9.8,… Continue Reading
Microsoft recently rolled out its Patch Tuesday for November 2023, tackling a total of 63 security vulnerabilities. Of these, three carry a critical rating, and five are identified as zero-day vulnerabilities. Three zero-day vulnerabilities are… Continue Reading
While cyberattacks are a common concern for individuals and organizations alike, the shadowy realm of state-sponsored threat actors poses a uniquely ominous and formidable challenge. These adversaries, backed by the vast resources and strategic interests… Continue Reading
The SOCRadar Dark Web Team has diligently documented a series of unsettling activities within the depths of the dark web. Among them is a fresh update on the Boeing data leak orchestrated by the LockBit… Continue Reading
Last week, OpenVPN Access Server, a widely-used open-source VPN solution, received an update addressing two vulnerabilities, tracked as CVE-2023-46849 and CVE-2023-46850. Although CVSS scores for these vulnerabilities are pending, they can enable attackers to gain… Continue Reading