Latest articles from SOCRadar
Cybercriminals employ many ways to distribute malware, including taking advantage of legitimate services. Recently, security researchers discovered that cybercriminals have started using Adobe Acrobat Sign service to spread the RedLine information stealer malware. Adobe Acrobat Sign is an online… Continue Reading
'By 2024, a cyberattack will so damage critical infrastructure that a member of the G20 will reciprocate with a declared physical attack' is one of Gartner's strategic planning assumptions about critical infrastructure. Cyberattacks on critical infrastructure… Continue Reading
Powered by DarkMirror™ Last week, two notorious ransomware groups added two more names to their victim lists. AlphVM/BlackCat announced the Amazon-owned Ring on their leak site. The company has denied this for now. LockBit, one… Continue Reading
On December 6, 2022, Telegram shared a new update blog on its blog page. In this blog post, specific topics attract attention, primarily based on privacy, and will attract cybercriminals. Telegram is known to be… Continue Reading
Advanced Persistent Threat (APT) groups are widely classified as organizations that lead "attacks on a country's information assets of national security or strategic economic importance through either cyber espionage or cyber sabotage." They are elusive,… Continue Reading
SAP has recently fixed 19 vulnerabilities as part of its March 2023 patch day. Five vulnerabilities are rated critical and have also been labeled "hot news" by the vendor. The critical vulnerabilities affect several versions of the… Continue Reading
Microsoft has released its Patch Tuesday update for March 2023, which includes fixes for 80 security vulnerabilities. Eight vulnerabilities have critical severity ratings, and two zero-day vulnerabilities are under active exploitation. The types of vulnerabilities fixed in March 2023 Patch Tuesday are listed below:… Continue Reading
Powered by DarkMirror™ Data held by states is valuable to many threat actors. This information is sometimes used for fraud and sometimes for larger attacks. Data from missile systems companies such as NATO, Italian Ministry… Continue Reading
Recently, AT&T revealed that a data breach in January compromised the personal information of about 9 million of their customers. The breach was caused by a marketing vendor's hack, and as a result, some Customer Proprietary Network Information (CPNI) was accessed.… Continue Reading
Funding will support the expansion of SOCRadar’s single-platform early warning system that offers external attack surface management, cyber threat intelligence, and digital risk protection SOCRadar, one of the fastest-growing cyber security companies in the world,… Continue Reading
By SOCRadar Research Ransomware attacks have become a potential threat to all enterprises, regardless of industry or size. Ransomware can target any individual or business that processes sensitive data as long as the threat actors… Continue Reading
Fortinet has revealed a critical severity vulnerability, tracked as CVE-2023-25610, in a new advisory. It is a buffer underwrite vulnerability in FortiOS and FortiProxy that occurs when a program attempts to read more data than is available from… Continue Reading
As we enter March 2023, the world continues to face a surge in cyberattacks that threaten individuals, businesses, and government agencies. The last month has already witnessed some of the most significant cyber incidents, including data… Continue Reading
Not many sane persons in the US will go against the (Internal Revenue Service) IRS. Even some crazies like Batman's supervillain Joker will stay out of the way of the IRS. However, the IRS's frightening… Continue Reading
We are thrilled to announce that SOCRadar, a leading provider of cyber threat intelligence solutions, has been awarded in three categories in Cybersecurity Excellence Awards. SOCRadar Extended Threat Intelligence (XTI) has been named the Gold… Continue Reading
CVE-2023-21716 was discovered in Microsoft Word last year. It is a critical remote code execution (RCE) vulnerability in Microsoft Office, with a CVSS score of 9.8. Joshua Drake, a researcher, had reported the vulnerability to… Continue Reading
By SOCRadar Research The Russia-Ukraine war continues to this day with huge consequences on the physical side. In parallel, the sides also wage cyber warfare against each other to have leverage against one another, such… Continue Reading
Powered by DarkMirror™ Credit card theft and the sale of credit card information are among the biggest revenue streams for threat actors on the dark web. This information is sometimes used for fraud and sometimes… Continue Reading
As the world becomes increasingly digital, educational institutions face a growing cyberattack threat. In 2022, cybersecurity researchers expected these attacks to increase in frequency and complexity as cybercriminals seek to exploit vulnerabilities in school systems… Continue Reading
In a recent security advisory, Aruba Networks disclosed thirty-three vulnerabilities. Six of them were rated as critical. The vulnerabilities were discovered through a bug bounty program and affect several ArubaOS versions in Aruba Mobility Conductor,… Continue Reading