Latest articles from SOCRadar
The Apache Foundation announced on March 7, 2023, that they had addressed CVE-2023-25690 in Apache HTTP Server 2.4.56. The fix, implemented on March 5, prevents control characters from being included in a proxied request. This vulnerability had a CVSS score… Continue Reading
In recent years, we have seen countless high-profile data breaches that have left businesses and individuals vulnerable. To combat these threats, there is one most effective security policy: Zero Trust (ZT). This powerful security concept is gaining traction… Continue Reading
Once upon a time, an anxious emperor, having heard a prophecy of his daughter's demise by a snakebite, ordered the construction of an isolated fortress. This was the Maiden's Tower, rising from the heart of… Continue Reading
Luxottica, the world's largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal information of over 70 million customers on hacking forums. The major brands Luxottica owns include… Continue Reading
Email accounts are the primary key to accessing various online services in today's digital age. They are used to create accounts and serve as login credentials for platforms such as Facebook, Twitter, and Instagram. However, some… Continue Reading
Researchers have been tracking a financially motivated threat group known as GUI-vil (aka p0-LUCR-1), based in Indonesia, which engages in unauthorized cryptocurrency mining. Researchers first observed this threat actor in November 2021, and recently in… Continue Reading
In 1950, Alan Turing, the father of modern computing, asked, "Can machines think?" Over the years, that question has evolved into a quest for inventing machines that can understand and generate human-like text and has… Continue Reading
Malicious actors frequently resort to alternative techniques to gain initial access, such as employing diverse file formats and payloads. It is important to highlight that they still actively use VBA macros embedded within Office documents… Continue Reading
Welcome to this week's edition of our dark web news summary, where we bring you the latest updates on the clandestine world of cybercrime. This week's headlines shed light on the alarming activities within the… Continue Reading
The G7 Cybersecurity Summit 2023 is just around the corner and is being held in Hiroshima, Japan, which is a city that was devastated by an atomic bomb attack in 1945, now serves as a… Continue Reading
Industry cyber threat landscape means the perspective of distinct cybersecurity threats targeting the related industry. The threat landscape of an industry could change accordingly since cyber threats constantly evolve through time. A detailed industry threat… Continue Reading
A vulnerability in the open-source password manager tool KeePass could allow retrieval of the master password. The vulnerability tracked as CVE-2023-32784 has a proof-of-concept (PoC) exploit available before its patch. The KeePass 2.X branch for… Continue Reading
The attacks targeting European foreign affairs entities since January 2023 have been attributed to a Chinese cyber espionage group, Mustang Panda. The attackers use a TP-Link firmware implant that contains a backdoor malware called "Horse Shell."… Continue Reading
In April 2023, several cybersecurity incidents were reported across various industries. These included supply chain attacks, data breaches, and cryptocurrency thefts. It's important to keep up-to-date on the nature of these attacks, their implications, and… Continue Reading
Like other critical infrastructures, the healthcare industry is frequently targeted by cyberattacks. The attacks in the healthcare vertical have begun to increase in recent years due to security vulnerabilities triggered by changes in procedures during… Continue Reading
This week's headlines feature some developments that highlight the ongoing threats posed by cybercriminals. First up, we have news of a remote code execution exploit for VMware Workspace ONE that has been shared on the… Continue Reading
Data breaches have become increasingly common, with recent incidents impacting companies like Capita, Toyota and Discord, exposing the sensitive information of customers. Such breaches can have severe financial and reputational consequences, making it essential for… Continue Reading
“Bahrain, Kuwait, Oman, Qatar, Saudi Arabia, and the United Arab Emirates constitute the Cooperation Council for the Arab States of the Gulf, generally known as the Gulf Cooperation Council (GCC), a regional, intergovernmental, political, and… Continue Reading
A popular WordPress plugin called Essential Addons for Elementor has a security vulnerability, tracked as CVE-2023-32243, which could allow hackers to gain administrator privileges on affected websites. The plugin, which has over one million active… Continue Reading
During periods of elections, people's desire to obtain knowledge is outstanding, and they are overloaded with messages varying from fliers to social media advertisements. Campaigns for candidates raise tensions, and social balances are more sensitive… Continue Reading