Blog

Latest articles from SOCRadar

Exploit Code Available for Critical RCE Vulnerability in Microsoft Word (CVE-2023-21716)
March 7, 2023

PoC Available for Critical RCE Vulnerability in Microsoft Word (CVE-2023-21716)

CVE-2023-21716 was discovered in Microsoft Word last year. It is a critical remote code execution (RCE) vulnerability in Microsoft Office, with a CVSS score of 9.8. Joshua Drake, a researcher, had reported the vulnerability to…

Dark Web Profile: NoName057(16)
March 6, 2023

By SOCRadar Research [Update] July 11, 2023: NoName recently launched a cyber attack on Poland, targeting critical infrastructures such as the National Bank of Poland and the Polish Computer Security Incident Response Team (CSIRT GOV)…

March 6, 2023

BidenCash Leaked 2.1 Million Credit Card Information

Powered by DarkMirror™ Credit card theft and the sale of credit card information are among the biggest revenue streams for threat actors on the dark web. This information is sometimes used for fraud and sometimes…

How to Stop a DDoS Attack
March 3, 2023

How to Stop a DDoS Attack? (2023 Edition)

What is a DDoS Attack? A DDoS attack, also known as distributed denial of service attack, is a type of web attack aiming to cripple a web system's servers and make the servers unreachable to…

Educational Institutions Face 234% Increase in Ransomware Attacks
March 2, 2023

As the world becomes increasingly digital, educational institutions face a growing cyberattack threat. In 2022, cybersecurity researchers expected these attacks to increase in frequency and complexity as cybercriminals seek to exploit vulnerabilities in school systems…

Aruba Networks Fixes Six Critical RCE Vulnerabilities Affecting ArubaOS
March 2, 2023

In a recent security advisory, Aruba Networks disclosed thirty-three vulnerabilities. Six of them were rated as critical. The vulnerabilities were discovered through a bug bounty program and affect several ArubaOS versions in Aruba Mobility Conductor,…

Growing Cybercrime Outsourcing Model: Initial Access Brokers
March 1, 2023

By SOCRadar Research The initial access market has shown a dramatic increase in 2022 compared to the previous year. While SOCRadar observed 2309 sales advertisements in 2021, the number of ads in 2022 was 3168,…

How SOCRadar Helps You Improve Your CTEM Program
February 28, 2023

Gartner published a report at the beginning of December 2022 and predicted how enterprises should implement a cybersecurity understanding for 2023 and beyond. The report's main argument was that organizations should expand their cybersecurity strategy…

Security Misconfigurations Caused 35% of All Time Cyber Incidents
February 28, 2023

By SOCRadar Research Security misconfiguration is the vulnerability that arises when systems or applications are not configured properly, resulting in potential security risks. According to OWASP, in 90% of the applications they examined, they found…

February 27, 2023

The Week in Dark Web – February 27, 2023 – Access Sales and Data Leaks

Powered by DarkMirror™ The most sophisticated attacks can be based on data put up for sale on the dark web by threat actors. A piece of simple information seemingly insignificant to an ordinary person can…

Fix Available for Double Free Vulnerability in OpenSSH 9.1 (CVE-2023-25136)
February 27, 2023

CVE-2023-25136, a pre-authentication double-free vulnerability, has been fixed in OpenSSH version 9.2p1. The vulnerability is highly severe, with a CVSS score of 9.8, and could be used to cause a denial-of-service (DoS) or remote code execution (RCE). OpenSSH is…

Education Threat Landscape Report: Education Industry Threat Posts Increased by 61%
February 24, 2023

Education Threat Landscape Report: Threat Posts 61% Increased

The education industry is experiencing a digital transformation process as technology becomes more prevalent in the world. This shift is particularly relevant for students, parents, teachers, administrators, and consultants who make up the diverse user…

An Analysis of Emerging Fortinet Vulnerabilities Trend
February 23, 2023

By SOCRadar Research Fortinet is one of the major cybersecurity companies and offers 56 cybersecurity products. But, such a wide range of products and services means that the attack surface is vast, and being widely used…

VMware Fixes Critical Vulnerability in Carbon Black App Control (CVE-2023-20858)
February 22, 2023

VMware has recently rolled out a patch to address a critical vulnerability in its Carbon Black App Control product, which could result in full access to the operating system. The VMware vulnerability is identified as CVE-2023-20858 and has a CVSS…

February 20, 2023

The Week in Dark Web – February 20, 2023 – Access Sales and Data Leaks

Powered by DarkMirror™ Organizations' worst nightmares are "data breaches" and "data leaks." Atlassian is one of the companies that has had a large share of such cyber incidents in recent years. Last week we saw…

Fortinet Patched Critical RCE Vulnerabilities in FortiNAC and FortiWeb: CVE-2022-39952 and CVE-2021-42756
February 20, 2023

[February 23, 2023] Update: The vulnerability has been exploited. Added the subheading “FortiNAC Vulnerability is Under Exploitation.” [February 22, 2023] Update: Proof-of-concept exploit has been published. Added the subheading “Proof-of-Concept is Available.” Fortinet has issued security…

Atlassian Hacked: SiegedSec Hacker Group Leaks Company's Data
February 16, 2023

As a late Valentine's Day hack, a hacker group called "SiegedSec" claims to have hacked software company Atlassian. The group leaked the company's floorplans and information about 13,000 employees. Atlassian has also acknowledged the hack, although it…

Microsoft Fixes 3 Actively Exploited Zero-Day in February Patch Tuesday
February 15, 2023

Three actively exploited zero-day vulnerabilities and a total of 75 flaws are fixed by Microsoft's security updates and Patch Tuesday for February 2023. These updates are separate from the 22 vulnerabilities the company recently addressed…

Cloudflare Thwarts Largest DDoS Attack on Record: 71M Requests per Second
February 14, 2023

Cloudflare has blocked dozens of hyper-volumetric DDoS attacks aimed at its customers over the weekend. With 71 million requests per second (rps), one of the attacks is described as the largest volumetric distributed denial-of-service (DDoS) attack to date, while…

February 13, 2023

The Week in Dark Web – February 13, 2023 – Ransomware and Data Leaks

Powered by DarkMirror™ LockBit and Play ransomware groups continue their attacks in hacking spree mode. The attack that victimized the UK's leading postal service, Royal Mail, became the hottest cyber incident of the past week.…
