Latest articles from SOCRadar

Top 10 Data Breaches So Far in 2022
August 15, 2022

Data breach cases are increasing as cyber security incidents rise. According to statistics, more than 90% of data breaches are caused by cyber-attacks. Data breaches hit an all-time high in 2021. Data breaches increased…

Could China – Taiwan Cyber Conflict Deepen the Global Chip Crisis?
August 15, 2022

The US House of Representatives speaker Nancy Pelosi arrived in Taiwan on the evening of August 2. She's the first US representative to visit Taiwan in the last 25 years. This led to a series…

Vulnerability Affecting Some Palo Alto Products Allows RDoS Attacks
August 15, 2022

A service provider recently notified Palo Alto Networks about an attempted reflected denial-of-service (RDoS) attack. The firewalls of several vendors, including Palo Alto Networks, were vulnerable to this attempted attack. An amplified TCP RDoS attack can be…

Top 10 Search Engines for Pentesters and Bug Bounty Hunters
August 12, 2022

Gathering information is the first step in identifying security vulnerabilities and analyzing risks. To collect data, security professionals use advanced and specialized search engines. This article compiles the ten search engines most used by pentesters…

Over 1,000 Zimbra Servers Compromised by Auth Bypass Vulnerability
August 12, 2022

Zimbra Collaboration Suite (ZCS) was found to have an actively exploited authentication bypass vulnerability. The vulnerability is tracked as CVE-2022-37042 and considered high severity. The vulnerability has just been added to CISA's list of Known Exploited Vulnerabilities along with CVE-2022-27925.…

SOCRadar's Free IOC Search & Enrichment Service is Now Available
August 11, 2022

IOCs are a vital component of the threat hunting process, essential for detecting and isolating advanced cyber threats. As a critical operational component of proactive security, identifying IOCs helps prevent possible intrusions and a…

How Did Cisco Get Hacked, What Was Leaked, and What Did We Learn?
August 11, 2022

1. Is Cisco really hacked? Yanluowang shared Cisco's profile on their leak site and claimed the attack. On Tuesday evening, August 10, the Yanluowang ransomware group (linked to the Lapsus$ extortion group) claimed to have hacked Cisco and…

Traffic Light Protocol is Updated to Version 2.0
August 10, 2022

The Forum of Incident Response and Security Teams (FIRST) has shared an update for the Traffic Light Protocol (TLP), naming the latest version “TLP 2.0.” According to FIRST, TLP 2.0 is expected to be fully adopted…

Microsoft Fixes 121 Security Flaws in August Patch Tuesday
August 10, 2022

In this month's Patch Tuesday, Microsoft fixed 121 flaws in total, including two actively exploited zero-day vulnerabilities. Of the 121, 17 are rated critical and could allow RCE and privilege escalation. The fixed vulnerabilities fall into the following categories, with their counts: Elevation of Privilege (64), Security Feature Bypass (6), Remote Code Execution (31), Information Disclosure (12), Denial of Service (7), Spoofing (1)…

Why are Russian Threat Actors Targeting Azerbaijan?
August 9, 2022

Since the start of the Russian invasion of Ukraine, Ukrainian organizations have been bombarded with cyberattacks executed by Russian threat actors. In addition to Ukrainian organizations, on August 5, multiple Russian threat actors turned their…

Critical Vulnerabilities in Exim Email Server Allow RCE
August 9, 2022

Two critical vulnerabilities discovered in the open source email server Exim threaten over 500,000 email servers. One of the vulnerabilities allows RCE. PoCs have been published. The critical vulnerability, tracked as CVE-2022-37452, allows threat actors to execute commands…

Top 10 DNS Threat Analysis and Monitoring Tools
August 8, 2022

DNS converts easy-to-remember domain names into the numeric IP addresses that the underlying network protocols use to reach computer services and devices. The DNS system, which can be considered a database, saves users…

Linux Malware RapperBot Brute Forcing SSH Servers
August 8, 2022

RapperBot is an IoT botnet malware that has spread through brute force since it was first identified in June 2022. Over 3,500 unique IPs were utilized by RapperBot to brute force into a rising…

Gartner: EASM and DRPS Services Rise in the Market
August 5, 2022

Gartner shared its Hype Cycle for Security Operations, 2022, which it publishes periodically to provide insight into cyber security operations and risk management strategy formation. In the report, Gartner stated that Digital Risk Protection services had…

Dark Utilities Platform Provides C2 Server for Threat Actors
August 5, 2022

Cybercriminals can now use a new service called Dark Utilities to set up a command and control (C2) center for their malicious activities. Dark Utilities was created in 2022 as a C2-as-a-Service platform. Many functions…

Cisco Fixed RCE and Command Injection Flaws in VPN Router Series
August 4, 2022

Cisco released fixes for several vulnerabilities in its VPN routers. Affected products could be subject to remote code execution, command injection, and DoS attacks by unauthenticated, remote attackers. The vulnerabilities are labeled CVE-2022-20827, CVE-2022-20841, and…

Dark Web Profile: Vice Society
August 4, 2022

Vice Society is a relatively new ransomware threat. They emerged in mid-2021 and have targeted small and mid-size victims. It has been observed that they have been performing…

IBM Report: Data Breach Costs Higher Than Ever
August 3, 2022

IBM has published its Cost of a Data Breach report, which reveals how organizations from different industries are affected by data breaches and sets out future cybersecurity predictions. According to the report, financial losses incurred by…

VMware Fixes Critical Vulnerabilities Including RCE and Authentication Bypass
August 3, 2022

With the security update released Tuesday, VMware fixed ten vulnerabilities affecting some of its products. One is an authentication bypass vulnerability, which is critical with a CVSS score of 9.8. Three RCE vulnerabilities are also…

How to Detect Reconnaissance Using MITRE ATT&CK Framework
August 2, 2022

In this article, we will look at the reconnaissance techniques from the MITRE ATT&CK framework’s point of view and discuss how to detect cyberattacks using the MITRE ATT&CK framework, and how we can protect ourselves and…
