Latest articles from SOCRadar
A modern-day SOC is made from three components: people, processes, and technologies. In the people factor, a SOC team accounts for the provision of IT security services via detecting potential cyber threats and attacks actively,… Continue Reading
FIFA World Cup 2022 will be organized in Qatar from November 20 to December 18, 2022. Predictions show that 1.5 million people will travel to Qatar to watch the tournament, which national teams from 32… Continue Reading
Powered by DarkMirror™ November is the time of year when shopping sites are most targeted by threat actors. Just two weeks have passed, but there are many shopping sites' databases and access sales on the… Continue Reading
The past five years have witnessed the evolution of threat actors in ransomware. These developments, both operationally and technically, have significantly increased the damage done by ransomware groups. Ransomware gangs are no longer content with… Continue Reading
In an environment where attack methods are diversified, threat actors are constantly improving, massive attacks, data breaches, digital frauds, and ransomware attacks continue unabated. And it becomes more challenging to secure cyberspace. To cope with… Continue Reading
Researchers have discovered three different vulnerabilities, two of which are assigned a high severity rating and respectively used in the attack chain in the OpenLiteSpeed web server. According to some sources, it could be ranked… Continue Reading
A password strength checker is an online application that assesses the security of a user’s password in real-time by analyzing its grammar and highlighting possible vulnerabilities. The program verifies the usage of certain sequences of… Continue Reading
OSINT is a term that refers to the process of gathering information from publically accessible sources. These sources include but are not limited to newspapers, television, blogs, tweets, social media, photos, podcasts, and videos that… Continue Reading
Major cyberattacks of the last month include data leaks, security breaches, phishing attacks, and much more. Here are the top cyber incidents of October 2022. The MyDeal Data Breach Affects 2.2M Customers, and Stolen Data… Continue Reading
Every day, new vulnerabilities emerge, and multiplying proliferating vulnerabilities throughout today's complex technology contexts yield a never-ending risk hamster wheel. That's why vulnerability management has been a crucial component of any organization's security program for… Continue Reading
What are the Vulnerabilities? Microsoft November 2022 Patch Tuesday has been released with patches for a total of 68 vulnerabilities, which include 6 actively exploited zero days and 11 critical vulnerabilities. The number for each… Continue Reading
In a security bulletin on November 08, 2022, Citrix warned its customers using Citrix ADC and Citrix Gateway to install updates to patch three vulnerabilities, one of which was assessed as critical. The three vulnerabilities could allow attackers to bypass… Continue Reading
Recent research by John Sakellariadis for the Atlantic Council delves deeper into the emergence of ransomware over the past ten years. It is well worth reading for CISOs trying to comprehend this sector. The Rise of Ransomware … Continue Reading
As ransomware attacks have grown in popularity recently, researchers have begun compiling an easy-to-follow list of vulnerabilities exploited by ransomware groups. So organizations would be aware of which security flaws ransomware gangs use to gain… Continue Reading
Powered by DarkMirror™ Threat actors continued to sell databases and access to organizations' systems on hacker forums last week. Check out the latest dark web summary and see what's happening on the dark side. Find… Continue Reading
Iran's Atomic Energy Organization announced on Sunday, October 23, that foreign country-backed hackers had hacked an email system belonging to the organization's subsidiaries. On the other hand, the Iranian hacktivist group Black Reward claimed responsibility… Continue Reading
Including six vulnerabilities with a high severity rating, Fortinet warned customers on Tuesday (1 November) of 16 vulnerabilities found in the company's devices. Improper neutralization of input during web page generation vulnerability (CVE-2022-35842) in FortiADC… Continue Reading
DoS (Denial-of-service attacks) are frequently encountered in the cyber world and result in violation of the availability of online services. When this attack is made with the help of many computers (botnets), it is called… Continue Reading
On November 1, Version 3.0.7 of OpenSSL was released to fix two high-severity vulnerabilities (CVE-2022-3602 and CVE-2022-3786). Despite the initial announcement, the severity of both vulnerabilities was assessed as high rather than critical. The vulnerabilities affect the OpenSSL version 3.0.0… Continue Reading
In the first eight months of 2022, the SOCRadar CTIA Team examined 1,700 ransomware threats published on dark web forums and hacker channels. 4.5% of these posts were related to the financial industry, targeting financial… Continue Reading