Latest articles from SOCRadar
In the latest edition of the Week in Dark Web, the SOCRadar Dark Web Team has uncovered significant revelations, such as the sale of a government database, a data breach involving over 400,000 lines of… Continue Reading
Artificial intelligence (AI) stands as a multifaceted force, shaping the future of both defense and offense in the cyber realm. As technology advances, threat actors adeptly leverage AI for malicious purposes, crafting sophisticated malware and… Continue Reading
A significant vulnerability affecting Syrus4 IoT Gateway has emerged, posing a serious threat to the worldwide automotive industry. This vulnerability, capable of giving hackers control over a fleet of vehicles and potentially shutting them down,… Continue Reading
On December 6, 2023, WordPress rolled out version 6.4.2, addressing a vulnerability introduced in version 6.4 – specifically, a POP chain issue within the core. This vulnerability depended on the existence of an additional PHP… Continue Reading
Cyber threats are evolving at an unprecedented pace, and businesses must prioritize partnering with cybersecurity providers that understand these threats and demonstrate a commitment to the highest standards of data security and management. One such example of… Continue Reading
Google has released the December 2023 Android Security Bulletin. Despite the bulletin being released, the awaited Google Pixel December update is yet to be made available. In this Android security bulletin, dated December 5, 2023,… Continue Reading
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a Cybersecurity Advisory (CSA), regarding exploitation of a vulnerability in Adobe ColdFusion, targeting government-related servers. The advisory aims to guide organizations in enhancing their security posture… Continue Reading
In the rapidly evolving digital marketplace, the threat of phishing in e-commerce has become a critical concern. To navigate these treacherous waters, SOCRadar's "E-Commerce Cyber Bible" offers invaluable insights, presenting an in-depth analysis of the… Continue Reading
[Update] December 11, 2023: "CISA Urges Swift Action on Critical Atlassian Vulnerabilities" Atlassian has issued critical security updates addressing multiple vulnerabilities in its suite of products. Identified as CVE-2022-1471, CVE-2023-22522, CVE-2023-22524, and CVE-2023-22523, these vulnerabilities… Continue Reading
The Cybersecurity and Infrastructure Security Agency (CISA) has once again issued a summary of the latest vulnerabilities. The latest CISA vulnerability summary lists vulnerabilities identified between November 24 and December 2, 2023. In this blog… Continue Reading
The first days of December 2023 were rattled by ALPHV/BlackCat ransomware group, known for its sophisticated cyberattacks and recent interesting attack methods. The latest in their series of high-profile breaches is the alleged infiltration on… Continue Reading
The SOCRadar Dark Web Team has revealed an alarming increase in the sales of unauthorized network access to a myriad of companies in the previous week. From research centers to online retail platforms, no sector… Continue Reading
The Internet is a vast network that has revolutionized our daily lives. It encompasses many technologies, including web servers, content delivery networks, and cloud computing. Web entities' content served over HTTP (like websites, web-based control… Continue Reading
Is it really possible for ordinary text to be dangerous or harmful to people or things, unless it is some sort of black magic that unleashes its power when read or spoken, or a text… Continue Reading
[Update] December 5, 2023: See the subheading “CISA Lists Apple Zero-Day Vulnerabilities Under KEV Catalog.” Apple has released emergency security updates to counteract two zero-day vulnerabilities actively exploited in the wild. Tracked as CVE-2023-42916 and… Continue Reading
The Cybersecurity and Infrastructure Security Agency (CISA) has just introduced the Secure by Design Alert series, a proactive step to highlight instances where vulnerabilities or intrusion campaigns could have been prevented by the vendors, through… Continue Reading
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently issued four new advisories for Industrial Control Systems (ICS). CISA released the advisories on November 28, 2023, regarding current security issues, vulnerabilities, and exploits affecting… Continue Reading
Exploitation activity targeting ownCloud with the CVE-2023-49103 vulnerability has been observed, raising concerns within the cybersecurity community. ownCloud, renowned as an open-source file server facilitating secure storage, file-sharing, and collaboration, recently drew attention due to… Continue Reading
Recently, cyberspace has witnessed a surge of activity, particularly within the hacktivist space, traditionally active on Telegram and Twitter. As this landscape becomes increasingly volatile, some hacktivist groups are shifting their focus to traditional web… Continue Reading
The SOCRadar Dark Web Team unveils a fresh wave of illicit activities as the relentless pace of dark web threats persists. Recognized threat actors have made significant moves: SiegedSec claims access to sensitive government data,… Continue Reading