Blog

Latest articles from SOCRadar

Top 5 Tactics Threat Actors Use for Initial Access
July 5, 2022

A short while ago, combined security advice released by several national cybersecurity agencies highlighted the top ten attack vectors most used by threat actors to access networks. Threat actors take advantage of outdated systems, external…

What are DevOps, DevSecOps, and Rugged DevOps?
July 4, 2022

We are hearing these two buzzwords, DevSecOps and DevOps, more frequently. For example, Gartner predicts DevSecOps will reach mainstream adoption within two to five years, which means that we will hear about them even more…

Hundreds of Windows Networks are Infected with Raspberry Robin Worm
July 4, 2022

Microsoft reported that hundreds of businesses' networks have already been compromised by the Windows worm Raspberry Robin. Multiple security experts discovered Raspberry Robin in 2021. Microsoft even saw evidence from 2019. Raspberry Robin acts like…

SOCRadar Denmark Threat Landscape Report
July 4, 2022

SOCRadar Denmark Threat Landscape Report: 9 Danish Companies Targeted Every 9 Days

Cybercrime is a threat that closely concerns public authorities, companies, and residents in Denmark, as it is around the world. The fact that threat actors adapt rapidly to the "new normal," improve their skills and…

SOCRadar Singapore Threat Landscape Report: Excessive Increase in Cyberattack Attempts
June 29, 2022

The cyber security agenda is shaken every day with brand new threats and methods developed by malicious actors. We see the effects of the developments in these attack techniques in countries where capital accumulation is intense,…

New Version of Raccoon Stealer Released
June 29, 2022

The new version of Raccoon Stealer has been released. The first version was seen in 2019 and served as MaaS (malware-as-a-service). The malware ceased operations on March 25, following the death of one of…

What is Network Performance Monitoring (NPM)?
June 28, 2022

Network Performance Monitoring (NPM) is assessing the service quality of a network as experienced by users by measuring, visualizing, monitoring, diagnosing, optimizing, and reporting on it. NPM aims to identify congestion, maximize throughput, and improve…

New Banking Trojan Revive Targets BBVA Customers
June 28, 2022

The newly emerged Android banking trojan Revive mimics BBVA bank's two-factor authentication app. Although still in early development, the malware is capable of phishing attacks and account takeover via keyloggers. According to Cleafy's research, when the trojan…

Malicious Python Packages Steal AWS Keys
June 27, 2022

Cybersecurity researchers have discovered that some Python packages available in the PyPI repository engage in malicious activity. The malicious packages send sensitive data, including AWS login credentials, to internet-facing endpoints. In May, malicious activities were…

Threat Actors Target VMware Servers by Exploiting Log4Shell Vulnerability
June 24, 2022

The Log4Shell RCE vulnerability, tracked as CVE-2021-44228, continues to be exploited by state-backed threat actors. Attackers utilize the vulnerability to target VMware Horizon and Unified Access Gateway servers. By exploiting the Log4Shell vulnerability, attackers can gain…

How to Protect Yourself Against Shodan, BinaryEdge and ZoomEye? 
June 22, 2022

Have you ever wondered how hackers find the IPs, ports, and services required for their attacks? Some attacks need thousands of host computers to find the vulnerable ones. Hackers do not require sophisticated tools to…

Dark Web Profile: Netwalker Ransomware
June 22, 2022

Today, with the effects of digitalization, most information is stored online. This situation creates a vulnerability for organizations because the number of cyberattacks aimed at stealing that data is increasing daily. One example of…

NTLM Relay Attack Leads to Windows Domain Takeover
June 21, 2022

A new DFSCoerce NTLM Relay attack has been discovered on Windows. Threat actors can take over Microsoft Active Directory Certificate Services (AD CS) domains using MS-DFSNM (Microsoft Distributed File System Namespace Management). To take over…

SOCRadar Visiting InfoSecurity Europe 2022
June 20, 2022

SOCRadar Exhibiting Extended Threat Intelligence Solution at InfoSecurity Europe 2022

SOCRadar will be at InfoSecurity Europe, held at London ExCel this week from 21 to 23 June. We are very excited to meet you face to face at our booth V38. Visit us to gain…

BRATA Malware Becomes an Advanced Threat
June 20, 2022

Originally a banking trojan, BRATA has acquired new capabilities and become a more advanced threat. The malware can now be much more effective at stealing user information. Cleafy's analysis shows BRATA's activities are almost identical to APT activity…

DriftingCloud APT Group Exploits Zero-Day In Sophos Firewall
June 17, 2022

Cybersecurity researchers have revealed that Sophos Firewall has been actively exploited by the DriftingCloud APT group since early March. Apparently, the attacks started long before the CVE-2022-1040 vulnerability was patched, affecting v18.5 and older versions of…

Cisco Fixed Critical Authentication Bypass Vulnerability Affecting Some Products
June 16, 2022

Cisco fixed a vulnerability discovered in the external authentication functionality of Secure Email and Web Manager. The vulnerability could allow threat actors to bypass authentication and log on to the web. The vulnerability tracked as…

Microsoft June 2022 Patch Tuesday Fixes 55 Vulnerabilities Including Follina
June 15, 2022

Microsoft has released the June 2022 Patch Tuesday. The company announced that it had patched 55 vulnerabilities, including the CVE-2022-30190 vulnerability, nicknamed Follina, which affects Office products. Among the fixed vulnerabilities, 27 RCE and 12…

Almost Impossible to Detect Symbiote Linux Malware
June 10, 2022

The newly discovered Linux malware Symbiote can easily infect and hide in almost any process on compromised systems. The malware steals account credentials and gives malicious actors backdoor access. Symbiote is stored in the system after…

What Do You Need to Know About New SAMA Principles?
June 8, 2022

The Kingdom of Saudi Arabia (KSA) has launched a digital transformation program focusing on the banking industry. With the growing digitization of financial services, securing the availability of sensitive data, transactions, and services has become…
