Blog

Latest articles from SOCRadar

CVE-2022-47633 Vulnerability Allows Attackers to Bypass Kyverno Signature Verification
December 26, 2022

CVE-2022-47633 Vulnerability Allows Attackers to Bypass Kyverno Signature Verification

The Kyverno admission controller for container images has been found to have a high-severity security vulnerability. The vulnerability could let attackers introduce malicious code into cloud production environments.  Users can define and enforce policies for their cluster and… Continue Reading

December 26, 2022

The Week in Dark Web – 26 December 2022 – Data Leaks and Access Sales

Powered by DarkMirror™ We're in the last week of the year. Most of us have already gone to visit our loved ones for a holiday. When thinking, "Oh, now I can get some relief," threat… Continue Reading

All You Need to Know About the Linux Kernel ksmbd Remote Code Execution (ZDI-22-1690) Vulnerability
December 24, 2022

All You Need to Know About the Linux Kernel ksmbd Remote Code Execution (ZDI-22-1690) Vulnerability

Five new vulnerabilities, one of which has a severity rating of 10 according to the Common Vulnerability Scoring System (CVSS), have been announced by the Zero Day Initiative (ZDI). What is the ZDI-22-1690 Vulnerability? The… Continue Reading

December 24, 2022

400 Million Twitter Users Data Allegedly Breached for Extortion 

On December 23, 2022, a threat actor shared a post on a dark web forum monitored by SOCRadar, claiming to possess 400 million Twitter user data. While sharing some samples, the adversary states that Elon… Continue Reading

Top 10 Targeted Industries and Countries in 2022
December 23, 2022

Top 10 Targeted Industries and Countries in 2022

No matter the industry, cyberattacks can cause various problems, ranging from minor disruptions to significant losses or, even worse, lawsuits against your organization. Threat actors could target a business in any industry in hopes of… Continue Reading

AWS Elastic IP Transfer Feature Could Be Exploited in Attacks
December 23, 2022

AWS Elastic IP Transfer Feature Could Be Exploited in Attacks

Researchers have discovered a new security risk to a recently added feature in Amazon Web Services (AWS).  Elastic IP transfer, an Amazon Virtual Private Cloud feature, is the attack vector. Moving Elastic IP addresses between AWS accounts is… Continue Reading

Increasing Cyberattacks Targeting the Gaming Industry in 2022
December 22, 2022

Increasing Cyberattacks Targeting the Gaming Industry in 2022

By SOCRadar Research The gaming industry has recently emerged as a preferred target for cyberattacks. The industry is constantly growing, with new platforms and products appearing daily. Changes in the social structure and globally unexpected circumstances like… Continue Reading

Top 10 Cyber Incidents in 2022
December 22, 2022

Top 10 Cyber Incidents in 2022

2022 was a year in which everyone worked to overcome the COVID-19 pandemic and a year in which threat actors simply tried to profit more from it. Threat actors have also been encouraged by national crises like… Continue Reading

Why Have Central Banks Become the Target of Cyber Threat Actors?
December 21, 2022

An Analysis of Central Banks Hackings: Who is Next?

By SOCRadar Research Critical infrastructures are the basis for the functioning of the countries' system, and they are essential to continue the country's operations, such as financial services, education, public health, food and agriculture, military, and… Continue Reading

Reports of ProxyNotShell Vulnerabilities Being Actively Exploited (CVE-2022-41040 and CVE-2022-41082)
December 21, 2022

Reports of ProxyNotShell Vulnerabilities Being Actively Exploited (CVE-2022-41040 and CVE-2022-41082)

According to reports, the zero-day vulnerabilities CVE-2022-41040 and CVE-2022-41082, dubbed ProxyNotShell, are still being actively exploited. Researchers published proof-of-concept (PoC) details after Microsoft patched the vulnerabilities in October Patch Tuesday. Since the patch, the attackers still target vulnerable MS Exchange Server… Continue Reading

Top 10 Data Leaks in 2022
December 20, 2022

Top 10 Data Leaks in 2022

Threat actors need sensitive information to carry out most of their malicious activity. They typically obtain the information by conducting various cyberattacks or simply gathering it from unprotected platforms, accounts, or databases.  When an attacker… Continue Reading

December 19, 2022

The Week in Dark Web – 19 December 2022 – Access Sales and Leaks

Powered by DarkMirror™ Threat actors always search for something profitable for their malicious activities, whether a government institute or a company from any industry. The most precious thing for them is personal data, even outdated… Continue Reading

Veeam Fixes Critical Vulnerabilities in Backup & Replication Software (CVE-2022-26500 & CVE-2022-26501)
December 19, 2022

Veeam Fixes Critical Vulnerabilities in Backup & Replication Software (CVE-2022-26500 & CVE-2022-26501)

Veeam has recently fixed two security vulnerabilities (CVE-2022-26500 and CVE-2022-26501) in the Backup & Replication software. With critical CVSS ratings of 9.8, the vulnerabilities permit remote code execution, which an attacker could use to take control of a target system.… Continue Reading

December 16, 2022

Dark Web Profile: Killnet – Russian Hacktivist Group

[Update] November 22, 2023: See the subheading: "Unrest Within KillNet: Internal Conflict and Public Criticism." By SOCRadar Research The ongoing conflict between Ukraine and Russia has attracted the attention of various cybercriminal groups and pushed… Continue Reading

Dark Web Profile: Black Basta Ransomware
December 16, 2022

Dark Web Profile: Black Basta Ransomware

By SOCRadar Research One of the perpetrators of the ransomware attacks, which increased by 59% in the last year, is the Russian-speaking origin ransomware group, Black Basta. They emerged in April 2022 and became notorious for breaching nearly a… Continue Reading

Microsoft Reevaluates SPNEGO NEGOEX Security Vulnerability CVE-2022-37958 as Critical
December 16, 2022

Microsoft Reevaluates SPNEGO NEGOEX Vulnerability CVE-2022-37958 as Critical  

Microsoft reassessed the severity score of a vulnerability fixed in September 2022 Patch Tuesday. The vulnerability, tracked as CVE-2022-37958, was previously identified as an information disclosure vulnerability and had a CVSS score of 7.5. A researcher from IBM recently… Continue Reading

Top 5 Vulnerabilities Routinely Exploited by Threat Actors in 2022
December 15, 2022

Top 5 Vulnerabilities Routinely Exploited by Threat Actors in 2022

By SOCRadar Research Day by day, it becomes harder to maintain a good security posture. Threat actors are at every corner, searching for a way to breach defenses and expose what is underneath. During the Covid-19… Continue Reading

Gartner Recognized SOCRadar as a DRPS Vendor in 2 Reports
December 15, 2022

Gartner Recognized SOCRadar as a DRPS Vendor in 2 Reports

The digitalization process has become a norm in any business. Now, organizations' assets are highly increased, and there are many things to consider or manage. That's why companies from all industries started to invest in… Continue Reading

December 14, 2022

The Week in Dark Web – 14 December 2022 – Access Sales and Leaks

Powered by DarkMirror™ Just a few weeks remain to close 2022. We are all in the mood for the holiday season, but it seems threat actors continue their efforts on the dark web. Here's the… Continue Reading

APT5 Exploits Zero-Day Vulnerability on Citrix ADC and Gateway Devices
December 14, 2022

APT5 Exploits Zero-Day Vulnerability on Citrix ADC and Gateway Devices

Citrix has just released a patch to address a critical zero-day vulnerability affecting its products. The vulnerability is identified as CVE-2022-27518 (CVSS score: 9.8) and allows remote code execution for unauthenticated attackers. VP of Citrix, Peter Lefkowitz, stated on… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo