Latest articles from SOCRadar
Microsoft associates the private sector offensive actor (PSOA) Knotweed with the Austrian spyware distributor DSIRF. DSIRF, founded in 2016, advertises itself as an information research company that performs security and analysis tasks for the red team while… Continue Reading
Killnet is a pro-Russian hacktivist group known for its DoS and DDoS attacks on government institutions and companies in multiple countries during the Russian invasion of Ukraine in 2022. The group even declared war on… Continue Reading
A new phishing attempt with the codename Ducktail is in progress and targets LinkedIn users who work in the field to hijack Facebook business accounts that control the firm's advertising. It has been reported that… Continue Reading
Domain hijacking attacks can have many damaging consequences, such as the exposure of sensitive data and financial and reputational damage to organizations. These attacks can result in major data breaches and leaks. This article tells… Continue Reading
Attackers discovered a way to exploit a vulnerability in PrestaShop servers. The actively exploited zero-day, CVE-2022-36408, allows attackers to execute arbitrary code in an SQL injection attempt and possibly steal customer payment information. Nearly 300,000… Continue Reading
Phishing attacks have victimized many users and companies for years, and it seems they will continue to do so. Many security measures have been taken against such attacks. However, the attackers develop new TTPs with the… Continue Reading
A severe SQL injection vulnerability has been reported by network security vendor SonicWall in their security advisory. It affects the GMS (Global Management System) and Analytics On-Prem products. Which SonicWall Products Are Affected? Product Affected Versions Fixed Versions GMS 9.3.1-SP2-Hotfix1… Continue Reading
There are a variety of network monitoring and perimeter protection solutions available for both personal and commercial networks. Nevertheless, even the most protected businesses may fall prey to a cyber assault. The terrifying aspect of this… Continue Reading
Cisco announced that it has released security updates for vulnerabilities detected in the Nexus Dashboard. The security flaws include a high-risk arbitrary command execution vulnerability. By exploiting this vulnerability, threat actors can connect to the system remotely and… Continue Reading
[March 22, 2023] Update: The BreachForums has been shut down. Added the subheading “Fearing Compromise, BreachForums Shuts Down.” [March 20, 2023] Update: The BreachForums admin Pompompurin has been seized by law. Added the subheading "Authorities… Continue Reading
A BEC attack is a type of social engineering attack that takes place over email, in which the attacker aims for financial gain. Often, attackers aim to trick employees into sending money or valuable personal data (PII)… Continue Reading
Atlassian announced that it has released an update for a critical vulnerability affecting its Confluence Server and Data Center products. The vulnerability, which allows unauthenticated actors to gain remote access, is tracked with the code… Continue Reading
In the context of cybersecurity, spoofing is the act of impersonating another entity to earn our trust, obtain access to our systems, steal data, steal money, or transmit malware. How Does Spoofing Work? Spoofing often consists of… Continue Reading
Construction materials manufacturer Knauf announced it was the target of a cyberattack by the Black Basta ransomware. The company declared that some of its operations were interrupted due to the attack, and the IT team… Continue Reading
Some standard cybersecurity measures are endpoint security tools, such as VPNs, proxies, antimalware, and employee cybersecurity awareness training. Despite all these precautions, sometimes employees can fall victim to social engineering attacks due to unawareness and ignorance.… Continue Reading
Microsoft discovered a new zero-day vulnerability in Windows products and released a patch. The vulnerability lets attackers with a foothold already established on a targeted system run code with SYSTEM privileges. After the discovery, CISA… Continue Reading
CISA advised users and administrators to apply recently released fixes in Juniper Networks products due to several critical vulnerabilities and stated, "An attacker could exploit some of these vulnerabilities to take control of an affected system."… Continue Reading
As the most extensive worldwide system that stores information on everything (and almost everyone), the Internet comprises three distinct layers: the visible, the deep, and the dark web. Some layers contain significantly more information than… Continue Reading
Cybersecurity helps to reduce the risk of cyber-attacks and to eliminate the risks. Finding out the best solution to prevent the attacks is very important. However, how can it be possible to reach the maximum potential of… Continue Reading
Every company with an online component to its business needs cyber awareness; it also requires a Security Operations Center (SOC) if the online part is big enough. A SOC team requires reliable cyber threat intelligence to… Continue Reading