Blog

Latest articles from SOCRadar

March 28, 2023

Clop Serial Attacks, TP-Link Exploit & macOS Stealer

Powered by DarkMirror™

Last week, the dark web's most spectacular news was the victims that Clop announced one after the other. The threat actor, who targeted brands such as Rubrik and Hitachi with his attacks… Continue Reading

March 27, 2023

CEO Fraud: Investigating A Gift Card Scam

On March 8, 2023, SOCRadar announced that it received a $5 million Series A investment from 212, a leading equity fund investing in B2B technology start-ups. It then became the target of cyber fraudsters. As… Continue Reading

March 24, 2023

Magecart Skimmer Attack Targets WooCommerce and Authorize.net Payment Gateway Plugin

Online transactions ease our daily lives but also pose a serious risk to both businesses and their customers. Magecart attacks are one of them. Magecart is a type of malware that can steal credit card information from eCommerce websites.… Continue Reading

March 23, 2023

CISA Issues a New Warning for Vulnerabilities in Industrial Control Systems (ICS)

The recent advisories issued by the US Cybersecurity and Infrastructure Security Agency (CISA) highlight the serious vulnerabilities in industrial control systems (ICS) used by organizations across multiple critical infrastructure industries. 49 vulnerabilities have been identified in eight ICS… Continue Reading

March 22, 2023

APT Profile: Sandworm

[Update] September 1, 2023: Sandworm targets Ukrainian military in new campaign, see the subheading: “Sandworm Targets Ukrainian Military with “Infamous Chisel” Malware.” Threat actors range from teenagers eager to earn quick cash to state-sponsored actors… Continue Reading

March 21, 2023

Attackers Exploit Adobe Acrobat Sign to Distribute RedLine Stealer Malware

Cybercriminals employ many ways to distribute malware, including taking advantage of legitimate services. Recently, security researchers discovered that cybercriminals have started using Adobe Acrobat Sign service to spread the RedLine information stealer malware. Adobe Acrobat Sign is an online… Continue Reading

Analysis of the Critical Infrastructure Industry From a Cybersecurity Perspective
March 21, 2023

Analysis of the Critical Infrastructure Industries From a Cybersecurity Perspective

'By 2024, a cyberattack will so damage critical infrastructure that a member of the G20 will reciprocate with a declared physical attack' is one of Gartner's strategic planning assumptions about critical infrastructure. Cyberattacks on critical infrastructure… Continue Reading

March 20, 2023

LockBit and AlphVM Announce New Victims

Powered by DarkMirror™

Last week, two notorious ransomware groups added two more names to their victim lists. AlphVM/BlackCat announced the Amazon-owned Ring on their leak site. The company has denied this for now. LockBit, one… Continue Reading

March 20, 2023

Telegram 2.0: A New Era of Privacy

On December 6, 2022, Telegram published a new update post on its blog. Certain topics in this post stand out, primarily those related to privacy, and will attract cybercriminals. Telegram is known to be… Continue Reading

APT Profile: APT29 / Cozy Bear
March 17, 2023

APT Profile: Cozy Bear / APT29

[Update] November 16, 2023: See the subheading: “APT29 Exploits WinRAR Vulnerability (CVE-2023-38831) in European Embassy Attacks.” [Update] August 3, 2023: Microsoft identified a new wave of social engineering attacks by APT29. See the subheading: “APT29's… Continue Reading

March 16, 2023

SAP Fixes Multiple Critical Vulnerabilities on March 2023 Patch Day

SAP has recently fixed 19 vulnerabilities as part of its March 2023 patch day. Five vulnerabilities are rated critical and have also been labeled "hot news" by the vendor. The critical vulnerabilities affect several versions of the… Continue Reading

Microsoft Fixes 2 Actively Exploited Zero-Days in March Patch Tuesday (CVE-2023-23397 & CVE-2023-24880)
March 15, 2023

Microsoft Fixes Exploited Zero-Days in March Patch Tuesday (CVE-2023-23397 & CVE-2023-24880)

[Update] December 5, 2023: Microsoft has officially attributed the exploitation of CVE-2023-23397 to APT28.

Microsoft has released its Patch Tuesday update for March 2023, which includes fixes for 80 security vulnerabilities. Eight vulnerabilities have critical severity ratings, and two zero-day vulnerabilities are under… Continue Reading

March 13, 2023

Data of Many Governments are on Sale

Powered by DarkMirror™

Data held by states is valuable to many threat actors. This information is sometimes used for fraud and sometimes for larger attacks. Data from missile systems companies such as NATO, Italian Ministry… Continue Reading

What is Malware as a Service?
March 12, 2023

What is Malware as a service (MaaS)?

Over time, the hacker underworld has created a model similar to Software-as-a-Service (SaaS). Malware as a service and SaaS serve a similar purpose, with one main difference: MaaS is an unlawful version of SaaS. MaaS gives… Continue Reading

March 10, 2023

Third-Party Breach Led to Exposure of 9M AT&T Customers’ Information

Recently, AT&T revealed that a data breach in January compromised the personal information of about 9 million of their customers. The breach was caused by a marketing vendor's hack, and as a result, some Customer Proprietary Network Information (CPNI) was accessed.… Continue Reading

March 9, 2023

SOCRadar Announces $5M Series A Funding for New Extended Threat Intelligence (XTI) Cybersecurity Platform

Funding will support the expansion of SOCRadar’s single-platform early warning system that offers external attack surface management, cyber threat intelligence, and digital risk protection

SOCRadar, one of the fastest-growing cyber security companies in the world,… Continue Reading

March 9, 2023

Evolution of Ransomware: So Far and Hereafter

By SOCRadar Research

Ransomware attacks have become a potential threat to all enterprises, regardless of industry or size. Ransomware can target any individual or business that processes sensitive data as long as the threat actors… Continue Reading

March 9, 2023

Critical Unauthenticated RCE Vulnerability in Fortinet Products: CVE-2023-25610

Fortinet has revealed a critical severity vulnerability, tracked as CVE-2023-25610, in a new advisory. It is a buffer underwrite vulnerability in FortiOS and FortiProxy that occurs when a program attempts to read more data than is available from… Continue Reading

March 8, 2023

Major Cyberattacks in Review: February 2023

As we enter March 2023, the world continues to face a surge in cyberattacks that threaten individuals, businesses, and government agencies. The last month has already witnessed some of the most significant cyber incidents, including data… Continue Reading

March 7, 2023

How to Protect Yourself from Cyber Attacks During Tax Season?

Not many sane people in the US will go against the Internal Revenue Service (IRS). Even some crazies like Batman's supervillain Joker will stay out of the way of the IRS. However, the IRS's frightening… Continue Reading
