Latest articles from SOCRadar

Attackers Exploit Critical Zero-Day Vulnerability in MOVEit Transfer
June 2, 2023

Cybercriminals are actively exploiting a critical zero-day vulnerability in MOVEit Transfer. Attackers could exploit the vulnerability with SQL injection (SQLi) to execute remote code and steal data from targeted organizations. MOVEit Transfer is a managed file transfer (MFT) software; its developer is…

Beyond the Veil of Surveillance: Private Sector Offensive Actors (PSOAs)
June 2, 2023

Privacy and surveillance are two sides of a coin, and the conditions that have blurred the boundaries between them have also paved the way for the thriving of cyber commercial surveillance technologies and the offensive…

CVE-2023-33733 Vulnerability in ReportLab Allows Bypassing Sandbox Restrictions
June 1, 2023

A proof-of-concept (PoC) exploit and a technical write-up for a ReportLab vulnerability are now available. The vulnerability tracked as CVE-2023-33733 could allow an attacker to perform remote code execution (RCE). The ReportLab toolkit is a popular Python library for generating PDFs from HTML.…

CSP Bypass Unveiled: The Hidden Threat of Bookmarklets
June 1, 2023

A bookmarklet is a primitive version of browser extensions commonly used today. It consists of a bookmark that contains JavaScript code. These bookmarklets have been employed since the early days of JavaScript for various purposes. They provide users…

Hacked Healthcare: Rising Security Breaches in the US
May 31, 2023

The healthcare industry is an attractive, prime target for ransomware groups; the AIDS Trojan, also known as the PC Cyborg virus, was the first-ever ransomware virus documented. It targeted the healthcare industry. The AIDS trojan was…

Android Spyware SpinOk Affects Over 420M Installations on Google Play
May 31, 2023

Researchers have discovered a new Android trojan, and they track it as "SpinOk." The trojan is distributed as an advertisement Software Development Kit (SDK) on Google Play Store and has affected numerous mobile apps. Collectively, the infected apps have…

How is Threat Intelligence Used to Monitor Criminal Activity on the Dark Web?
May 31, 2023

The dark web is a part of the Internet that differs from the regular Internet as it is a network that offers anonymity and privacy. Because of its structure, it has evolved into a network…

The Mutation Effect of Babuk Code Leakage: Unleashing New Ransomware Variants
May 30, 2023

Ransomware continues to be a significant concern for individuals and organizations alike. One particular ransomware group, Babuk, made headlines in 2021 due to the leakage of its source code. This event has led to the emergence of new…

Exposed Forum Reveals RaidForums Database: 478K Members' Details Leaked
May 30, 2023

A database for the infamous RaidForums has been made public. An administrator posted the database on a new hacking forum called "Exposed," presenting threat actors and security researchers with valuable insights into the former Forum's users. From RaidForums to…

ChatGPT for SOC Analysts
May 30, 2023

ChatGPT, the language model developed by OpenAI, has taken the tech world by storm since its launch in November 2022. In a matter of months, it has amassed over 100 million monthly users, making it the…

May 29, 2023

New RaaS Emerged, RDP Access, Database, and Credit Card Sales

Welcome to this week's dark web news summary. We uncover a new ransomware tool called "NoEscape" on the dark web. Credit cards from Saudi Arabia are being sold, raising concerns about financial fraud. Additionally, unauthorized…

Google's New ZIP Domain Could Be Used for Phishing and Malware Attacks
May 29, 2023

Security researchers have found how attackers could potentially exploit the new ZIP TLD offered by Google. A new phishing toolkit uses the ZIP domain to appear legitimate and displays fake WinRAR and Windows File Explorer windows in the browser. Google released…

Discord: The New Playground for Cybercriminals
May 29, 2023

Discord has rapidly grown in popularity as a communication platform in recent years, serving as a virtual gathering place for online communities, gamers, and businesses, with almost 200 million active users and nearly half a billion registered accounts in…

Apache HTTP Server Vulnerability CVE-2023-25690: PoC Available
May 26, 2023

The Apache Foundation announced on March 7, 2023, that they had addressed CVE-2023-25690 in Apache HTTP Server 2.4.56. The fix, implemented on March 5, prevents control characters from being included in a proxied request. This vulnerability had a CVSS score…

Key to Achieving a Stronger Cybersecurity Posture: Zero Trust Policy
May 26, 2023

In recent years, we have seen countless high-profile data breaches that have left businesses and individuals vulnerable. To combat these threats, there is one most effective security policy: Zero Trust (ZT). This powerful security concept is gaining traction…

Guarding the Gates: An Exploration of the Top 10 Supply Chain Attacks
May 25, 2023

Once upon a time, an anxious emperor, having heard a prophecy of his daughter's demise by a snakebite, ordered the construction of an isolated fortress. This was the Maiden's Tower, rising from the heart of…

Luxottica Data Leak Exposes Over 70M Customers' Data
May 25, 2023

Luxottica, the world's largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal information of over 70 million customers on hacking forums. The major brands Luxottica owns include…

Unleashing the Domino Effect: Google's Deletion of Unused Emails and the Cascade of Account Compromises
May 24, 2023

Email accounts are the primary key to accessing various online services in today's digital age. They are used to create accounts and serve as login credentials for platforms such as Facebook, Twitter, and Instagram. However, some…

Cloud Threat Actor Spotlight: GUI-vil's Strategies in AWS Compromises
May 24, 2023

Researchers have been tracking a financially motivated threat group known as GUI-vil (aka p0-LUCR-1), based in Indonesia, which engages in unauthorized cryptocurrency mining. Researchers first observed this threat actor in November 2021, and recently in…

ChatGPT for CTI Professionals
May 23, 2023

In 1950, Alan Turing, the father of modern computing, asked, "Can machines think?" Over the years, that question has evolved into a quest for inventing machines that can understand and generate human-like text and has…
