OWASP Top 10 for LLMs: An Overview with SOCRadar
OWASP Top 10 for LLMs: An Overview with SOCRadar Large Language Models (LLMs) are artificial intelligence models that generate human-like text. They have become increasingly prevalent in today’s...
Zimbra Zero-Day Vulnerability Actively Exploited, Apply the Fix Now
Zimbra Zero-Day Vulnerability Actively Exploited, Apply the Fix Now [Update] November 17, 2023: See the subheading: “Google Reports Four Campaigns Exploiting the Zimbra Zero-Day: CVE-2023-37580.” Zimb...
Multiple Critical (CVE-2023-29308) Vulnerabilities Discovered in Adobe...
Multiple Critical (CVE-2023-29308) Vulnerabilities Discovered in Adobe InDesign A series of important zero-day vulnerabilities in Adobe InDesign has been discovered recently, and promptly reported to ...
Chinese Threat Actors Target European Ministries and Embassies with HT...
Chinese Threat Actors Target European Ministries and Embassies with HTML Smuggling in Smugx Campaign The re-emergence of HTML smuggling can be linked to the global increase in remote work due to the p...
Top 10 Malware Analysis Platforms & Tools
Top 10 Malware Analysis Platforms & Tools While cyberspace constantly expands, some dangers like malware come to the surface in parallel. A mail attachment, an innocent-looking application downloa...
Threat Actor Profile: BianLian, The Shape-Shifting Ransomware Group
Threat Actor Profile: BianLian, The Shape-Shifting Ransomware Group Nowadays, there is a rise in the number of ransomware groups with names that mean something. For example, Yanluowang is a deity in C...
Critical Auth Bypass Vulnerabilities: SonicWall Urges Immediate Patchi...
Critical Auth Bypass Vulnerabilities: SonicWall Urges Immediate Patching for GMS/Analytics SonicWall has issued an urgent security notice regarding critical vulnerabilities impacting their Global Mana...
Joint CISA and FBI Advisory: APT Activity Targeting Outlook Online
Joint CISA and FBI Advisory: APT Activity Targeting Outlook Online In a recent joint advisory, the Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI)...
Critical RCE Vulnerability (CVE-2023-33308) in FortiOS and FortiProxy:...
Critical RCE Vulnerability (CVE-2023-33308) in FortiOS and FortiProxy: Immediate Security Update Required Fortinet has recently addressed a critical Remote Code Execution (RCE) vulnerability that affe...
Microsoft's July 2023 Patch Tuesday Fixes Five Zero-Days, Nine Critica...
Microsoft’s July 2023 Patch Tuesday Fixes Five Zero-Days, Nine Critical Vulnerabilities Microsoft has released the July 2023 Patch Tuesday update, which includes 130 security vulnerabilities and...
Ransomware Attacks on Banking Industry
Ransomware Attacks on Banking Industry Due to the escalating illicit pursuits of cybercriminals seeking unlawful financial gains, particular sectors and specific types of cyber attacks tend to gain pr...
Critical RCE Vulnerability in ShareFile: PoC Exploit Available
Critical RCE Vulnerability in ShareFile: PoC Exploit Available [Update] August 1, 2023: Researchers from Greynoise warn of the first attempts to exploit the vulnerability in Citrix ShareFile. Added th...
Navigating the Assets Discovery Journey with SOCRadar XTI EASM
Navigating the Assets Discovery Journey with SOCRadar XTI EASM The attack surface is the sum of all potential entry points an attacker can use to gain unauthorized access to an organization’s as...
Apple Addresses Critical Zero-Day Exploit (CVE-2023-37450) with Rapid ...
Apple Addresses Critical Zero-Day Exploit (CVE-2023-37450) with Rapid Security Response Updates Apple has released Rapid Security Response (RSR) updates to tackle a zero-day vulnerability that has bee...
Newly Emerged Ransom Threats: Big Head and Rancoz
Newly Emerged Ransom Threats: Big Head and Rancoz July is the official Ransomware Awareness Month and it serves as a poignant reminder of the ever-growing danger presented by ransomware attacks. In li...
Major Cyberattacks in Review: June 2023
Major Cyberattacks in Review: June 2023 In today’s interconnected world, cybersecurity incidents, including the entrance of major cyberattacks in June 2023, have become an unfortunate reality, a...
Fortinet and Linux Kernel Exploit Shares, iCloud Checker Tool, and Cit...
Fortinet and Linux Kernel Exploit Shares, iCloud Checker Tool, and Citrix Access Sales This week, as always, we bring you these startling narratives not to alarm but to inform and prompt action. So jo...
New Critical and High-Severity Vulnerabilities Found in MOVEit Transfe...
New Critical and High-Severity Vulnerabilities Found in MOVEit Transfer In recent security disclosures, a total number of three critical and high-severity vulnerabilities have been identified in Progr...
Threads and BlueSky Could Be a New Playground for Scammers
Threads and BlueSky Could Be a New Playground for Scammers In today’s digital landscape, social media has become essential for businesses to connect with their audience and promote their brand. ...
Understanding the Type Confusion Vulnerability
Understanding the Type Confusion Vulnerability In early June 2023, a zero-day, exploited in the wild, emerged regarding Google Chrome, Microsoft Edge, and many more Chromium-based browsers, ...