Latest articles from SOCRadar
By SOCRadar Research Microsoft Exchange Server, a widely used email and calendar server for businesses, holds critical information vital to an organization's functioning. Exchange servers can contain the PII of the users and sensitive data regarding the… Continue Reading
Powered by DarkMirror™ Threat actors can weaponize even the smallest scraps of information in large-scale attacks. This is why dark web posts that expose personal information, such as data leaks, account and access sales can… Continue Reading
The vulnerability, tracked as CVE-2021-21974, is caused by a stack overflow issue in the OpenSLP service that unauthenticated threat actors in low-complexity attacks can exploit. According to available research, CERT-FR claims that this attack exploits the CVE-2021-21974 vulnerability that has… Continue Reading
By SOCRadar Research The education industry covers a diverse range of organizations, including K-12 education, higher education, private and public education, science research institutes, and tutoring ranging from exam preparation to hobby courses. Furthermore, educational… Continue Reading
A new malware has appeared on the frontlines, targeting online Redis servers. The malware, named HeadCrab by researchers, has been active since September 2021. The malware's primary goal is to create a botnet for Monero… Continue Reading
When the expression "first 100 days" is mentioned, we all immediately think of what a leading politician has done from the first day to the hundredth day. These "first 100 days" became iconic during Franklin… Continue Reading
By SOCRadar Research Stealer as a service is a marketing approach in which threat actors offer to sell or lease access to information-stealer tools designed to steal sensitive data from victims' devices. This model enables anyone… Continue Reading
Threat actors stepped up their efforts to exploit a remote code execution vulnerability in the Realtek Jungle SDK between August and October 2022, according to researchers. A report from Palo Alto Networks noted that the attacks targeting… Continue Reading
The year 2022 was challenging for global cybersecurity, with waves of cyberattacks during Russia's invasion of Ukraine setting the tone for the rest of the year. This has also made it a challenging year for… Continue Reading
Powered by DarkMirror™ Former DDoS provider, nowadays a pro-Russian threat actor KillNet continues targeting western organizations. Since Russia's invasion of Ukraine started, the group added many victims to its list. Last week, multiple German companies… Continue Reading
Yandex, a Russian technology company and popular search engine, has had its source code repositories leaked on a hacker forum. According to Yandex, the repositories were stolen by a former employee. The hacker shared a magnet link with 44.7GB of data… Continue Reading
Ransomware is one of the more common cyberattack types in the news. Behind the scenes of ransomware, there are numerous threat actors, each with a motive. Although the motive usually includes financial gain, the threat actors… Continue Reading
Today's SOC analyst has a lot to deal with. All kinds of challenges await these cybersecurity professionals, who undertake the critical task of keeping organizations safe. Some of these challenges are related to the changing cybercrime… Continue Reading
by SOCRadar Research On November 8, 2021 electronics retail giant Media Markt has suffered a ransomware attack with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to… Continue Reading
Cybersecurity has grown in importance as a geopolitical factor. Cyberattacks target public and private systems each day, and the variety of attacks has grown quickly. Cybercriminals are primarily driven by financial gain; they are looking for information… Continue Reading
UPDATE (February 1, 2023): Proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain has been made available by researchers. VMware patched several vulnerabilities found in its vRealize Log Insight appliance. The vulnerabilities are identified as… Continue Reading
Researchers discovered an RCE vulnerability in Microsoft Teams during Pwn2Own 2022. The application is used by a wide range of people, including professionals, and an exploit could cause significant harm to its users. Remote code execution (RCE)… Continue Reading
Powered by DarkMirror™ Threat actors cause cybercrime to spread to a broader base with databases and unauthorized access sales. Without the ability to obtain the database, attackers can purchase personal information from other threat actors… Continue Reading
By SOCRadar Research From time to time, news hit the front pages regarding cyberattacks on significant infrastructures, such as nuclear facilities, or major companies, such as SolarWinds. These attacks are carried out by cyber threat… Continue Reading
Researchers have discovered a sophisticated new BoldMove malware created specifically to operate on Fortinet's FortiGate firewalls after collecting data related to a recently disclosed zero-day vulnerability in the company's FortiOS SSL-VPN technology. A threat actor created the malware with a base… Continue Reading
