Latest articles from SOCRadar
Microsoft has released the May 2023 Patch Tuesday update and it addresses 40 security vulnerabilities. The patch addresses six critical vulnerabilities and three zero-day vulnerabilities, two of which are actively exploited. The following is a… Continue Reading
In today's digital age, cyber threats are becoming increasingly common, and one of the most prevalent types of attacks is phishing. Phishing involves tricking people into giving away their personal or confidential information by posing… Continue Reading
[Update] July 5, 2023: In a recent cyber attack, Anonymous Sudan claimed to have targeted the login portal of Riot Games Inc. Added under the subheading: “Recent Cyber Activities: Microsoft Hacking, UAE-Israel Alliance, and Targeted Attacks.” [Update]… Continue Reading
MSI, a leading Taiwanese PC manufacturer, suffered a ransomware attack last month. The threat actors behind the attack, the Money Message gang, published the company's private code signing keys on a dark website last week for double extortion. In… Continue Reading
This week, we have some troubling news to share, like always. We've learned that half a million credit cards belonging to Brazilians are up for sale on the dark web. In addition, an American shop… Continue Reading
Researchers discovered a new ransomware group called Cactus, operating since at least March 2023. Cactus steals data and encrypts files like other ransomware operations but uses a different method to avoid detection. Cactus, according to researchers,… Continue Reading
The RSA Conference 2023 is set to be one of the biggest and most exciting cybersecurity events of the year. With over 500 sessions scheduled, attendees will have plenty of opportunities to learn from some of the brightest minds… Continue Reading
The recent cyber attacks on Bluefield University and University Urology highlight the increasing risk of cybercrime targeting organizations in the education and healthcare industries. As organizations become more reliant on technology for storing and processing data, they must remain vigilant and… Continue Reading
The world has changed rapidly since the invention of the Internet. One of the most important aspects it affected is using the Internet for banking. According to Forbes, as of 2022, 78% of adults in the U.S. prefer… Continue Reading
Sandworm (UAC-0165), a Russian hacking group, has been linked to an attack on Ukrainian state networks that involved wiping data from government devices using WinRAR, according to an advisory from the Ukrainian Government Computer Emergency Response Team… Continue Reading
[May 4, 2023] Update: Brightline, a mental health provider, was among the organizations targeted by the Clop ransomware group in March. Read the subheading "Data Breach of Brightline Impacts Over 780K Patients." The Department of Health… Continue Reading
Cybersecurity researchers have discovered a new malware, called 'LOBSHOT,' distributed through Google ads. This malware allows cybercriminals to take over infected Windows devices by using hVNC. The hVNC is a type of VNC remote access… Continue Reading
Ransomware has been one of the most glaring threats against organizations in recent years. Since 2021 SOCRadar has detected around 5,600 ransomware attacks. There was a rise from 2021 to 2022 in the number of attacks… Continue Reading
SOCRadar's first technical white paper is out! Here are some highlights: Threat actors created fake data to increase the number of records. Stealer software commonly runs in the Downloads folder and AppData/temp directories. Corporate credentials… Continue Reading
A global malverposting campaign that has been ongoing for the past three months has been traced back to a Vietnamese threat actor. Malverposting is the practice of distributing malware to a large number of people through promoted social… Continue Reading
We are experiencing a period in which threat actors are increasingly outsourcing and growing the cybercrime network. SOCRadar researchers have previously addressed these issues in their initial access and vulnerability brokers articles. The larger this network, the easier attackers… Continue Reading
One of the most devastating cyberattacks on critical infrastructure was the Colonial Pipeline attack in the United States in May 2021. This attack caused chaos nationwide and was considered a national security threat affecting consumers, airlines, and public transportation. … Continue Reading
[Update] May 15, 2023: The Bl00dy Ransomware gang has started exploiting the CVE-2023-27350 vulnerability. Added the subheading: “Bl00dy Ransomware Exploits PaperCut RCE in Education Industry.” [Update] May 9, 2023: State-sponsored threat actors named Mint Sandstorm… Continue Reading
[Update] August 31, 2023: See the subheading: “LockBit’s Operational Struggles, Empty Threats, and Sudden Surge.” [Update] July 03, 2023: LockBit claimed to hack Taiwan Semiconductor Manufacturing Company (TSMC), but TSMC clarified that only one of… Continue Reading
Developers of Apache Superset, an open-source data visualization software, have released patches to fix a vulnerability in the default configuration settings. The vulnerability, identified as CVE-2023-27524, has a high severity CVSS score of 8.9. An unauthenticated attacker who… Continue Reading