Latest articles from SOCRadar
Cybercriminals are actively exploiting a critical zero-day vulnerability in MOVEit Transfer. Attackers could exploit the vulnerability with SQL injection (SQLi) to execute remote code and steal data from targeted organizations. MOVEit Transfer is a managed file transfer (MFT) software; its developer is… Continue Reading
Privacy and surveillance are two sides of a coin, and the conditions that have blurred the boundaries between them have also paved the way for the thriving of cyber commercial surveillance technologies and the offensive… Continue Reading
A proof-of-concept (PoC) exploit and a technical write-up for a ReportLab vulnerability are now available. The vulnerability tracked as CVE-2023-33733 could allow an attacker to perform remote code execution (RCE). The ReportLab toolkit is a popular Python library for generating PDFs from HTML.… Continue Reading
A bookmarklet is a primitive version of browser extensions commonly used today. It consists of a bookmark that contains JavaScript code. These bookmarklets have been employed since the early days of JavaScript for various purposes. They provide users… Continue Reading
The healthcare industry is an attractive, prime target for ransomware groups; the AIDS Trojan, also known as the PC Cyborg virus, was the first-ever ransomware virus documented. It targeted the healthcare industry. The AIDS trojan was… Continue Reading
Researchers have discovered a new Android trojan, and they track it as "SpinOk." The trojan is distributed as an advertisement Software Development Kit (SDK) on Google Play Store and has affected numerous mobile apps. Collectively, the infected apps have… Continue Reading
The dark web is a part of the Internet that differs from the regular Internet as it is a network that offers anonymity and privacy. Because of its structure, it has evolved into a network… Continue Reading
Ransomware continues to be a significant concern for individuals and organizations alike. One particular ransomware group, Babuk, made headlines in 2021 due to the leakage of its source code. This event has led to the emergence of new… Continue Reading
A database for the infamous RaidForums has been made public. An administrator posted the database on a new hacking forum called "Exposed," presenting threat actors and security researchers with valuable insights into the former Forum's users. From RaidForums to… Continue Reading
ChatGPT, the language model developed by OpenAI, has taken the tech world by storm since its launch in November 2022. In a matter of months, it has amassed over 100 million monthly users, making it the… Continue Reading
Welcome to this week's dark web news summary. We uncover a new ransomware tool called "NoEscape" on the dark web. Credit cards from Saudi Arabia are being sold, raising concerns about financial fraud. Additionally, unauthorized… Continue Reading
Security researchers have found how attackers could potentially exploit the new ZIP TLD offered by Google. A new phishing toolkit uses the ZIP domain to appear legitimate and displays fake WinRAR and Windows File Explorer windows in the browser. Google released… Continue Reading
Discord has rapidly grown in popularity as a communication platform in recent years, serving as a virtual gathering place for online communities, gamers, and businesses, with almost 200 million active users and nearly half a billion registered accounts in… Continue Reading
The Apache Foundation announced on March 7, 2023, that they had addressed CVE-2023-25690 in Apache HTTP Server 2.4.56. The fix, implemented on March 5, prevents control characters from being included in a proxied request. This vulnerability had a CVSS score… Continue Reading
In recent years, we have seen countless high-profile data breaches that have left businesses and individuals vulnerable. To combat these threats, there is one most effective security policy: Zero Trust (ZT). This powerful security concept is gaining traction… Continue Reading
Once upon a time, an anxious emperor, having heard a prophecy of his daughter's demise by a snakebite, ordered the construction of an isolated fortress. This was the Maiden's Tower, rising from the heart of… Continue Reading
Luxottica, the world's largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal information of over 70 million customers on hacking forums. The major brands Luxottica owns include… Continue Reading
Email accounts are the primary key to accessing various online services in today's digital age. They are used to create accounts and serve as login credentials for platforms such as Facebook, Twitter, and Instagram. However, some… Continue Reading
Researchers have been tracking a financially motivated threat group known as GUI-vil (aka p0-LUCR-1), based in Indonesia, which engages in unauthorized cryptocurrency mining. Researchers first observed this threat actor in November 2021, and recently in… Continue Reading
In 1950, Alan Turing, the father of modern computing, asked, "Can machines think?" Over the years, that question has evolved into a quest for inventing machines that can understand and generate human-like text and has… Continue Reading