Blog

Latest articles from SOCRadar

Microsoft September Patch Tuesday Fixes Critical RCE Flaws and an Actively Exploited Zero Day
September 14, 2022

September Patch Tuesday Fixes Actively Exploited Zero Day and RCE Flaws

Microsoft's September Patch Tuesday update includes fixes for 63 vulnerabilities. There are five high-severity remote code execution vulnerabilities along with an actively exploited zero-day vulnerability.  Products that include the critical RCE vulnerabilities are as follows: … Continue Reading

Vote for SOCRadar at the Computing Security Awards 2022
September 13, 2022

Vote for SOCRadar at the Computing Security Awards 2022!

SOCRadar is proud to be among the finalists in the "Threat Intelligence Award" category this year at the Computing Security Awards 2022, where companies operating in different fields of the cybersecurity industry compete! Held since… Continue Reading

September 13, 2022

The Week in Dark Web – 13 September 2022 – Database Leaks

Powered by DarkMirror™ Threat actors mostly sold leaked databases last week. Among them were datasets that included important government data. Some Chinese, Italian, and Iranian companies were also among the victims. Find out if your… Continue Reading

High-Severity Firmware Flaws in HP Devices Yet to Be Patched
September 12, 2022

Specific HP PC models' BIOS has flaws that could allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. Firmware vulnerabilities are especially harmful since they can enable long-term breaches that would… Continue Reading

Lampion Banking Malware Reappears in WeTransfer Phishing Attacks
September 12, 2022

Lampion malware operators use the free file-sharing platform WeTransfer to perform phishing attacks. This way, attackers can avoid security alerts since they are tricking users into downloading from a trustworthy service.  Threat actors used hacked… Continue Reading

Recent Attack Types Against Cloud Infrastructures
September 9, 2022

Overview of Cloud Security Cloud security, in short, is the application of the best technology and best practices aimed at objectives such as data and brand protection, preventing disruption of services, and protecting the infrastructure within… Continue Reading

Patch Released for RCE Vulnerability in pfSense Firewall
September 9, 2022

A critical vulnerability has been discovered in a plugin of Netgate's pfSense firewall. The flaw is tracked as CVE-2022-31814 and can expose the affected instances to unauthenticated remote code execution attacks. pfSense is an open-source firewall and router… Continue Reading

Cisco Released Patches for Vulnerabilities Affecting Several Products
September 8, 2022

Three security issues impacting Cisco products were patched on Wednesday, including a high-severity vulnerability discovered in NVIDIA Data Plane Development Kit (MLNX DPDK) last month.  The vulnerability, identified as CVE-2022-28199 (CVSS 8.6), is due to improper error handling in the network… Continue Reading

Zyxel NAS Devices are Affected by a Critical RCE Vulnerability
September 8, 2022

Zyxel has announced fixes for a severe format string issue in its network attached storage products. The Taiwanese network giant's affected products are listed as:  NAS326 (V5.21(AAZF.11)C0 and earlier)  NAS540 (V5.21(AATB.8)C0 and earlier)  NAS542 (V5.21(ABAG.8)C0… Continue Reading

How XDR Powers Rapid Attack Detection and Response
September 7, 2022

A McKinsey article states that today’s organizations are expected to suffer from three major trends for the next three to five years. These trends can be expressed simply as follows; Increase in the on-demand ubiquitous data access &… Continue Reading

Criminal Marketplace WT1SHOP Taken Down After Nearly 6M Records Compromised
September 7, 2022

Illegal Marketplace WT1SHOP Seized After Nearly 6M Records Compromised 

A global law enforcement operation has taken down the website and domains for WT1SHOP. WT1SHOP is an illegal marketplace often used by threat actors who are looking for information or want to sell it. The… Continue Reading

Mirai Variant MooBot Targets RCE Vulnerabilities in D-Link Routers
September 7, 2022

MooBot botnet is back for new attacks. The variant of the Mirai malware started a new campaign last month to exploit critical vulnerabilities (CVSS 9.8) in D-Link routers.  MooBot was first identified in December 2021,… Continue Reading

September 6, 2022

The Week in Dark Web – 6 September 2022 – Access and Vulnerability Sales

Powered by DarkMirror™ This week’s edition covers the latest dark web news from the past week. Threat actors mostly sold access to victims' systems last week on the dark web. We observed that some of… Continue Reading

TikTok Denies Allegations of a 2.05 Billion Record Data Breach
September 6, 2022

Popular social media platform TikTok rejected claims that it had been compromised by threat actors who claimed to have obtained access to an insecure cloud server.  The denial comes in response to suspected hacking posts… Continue Reading

QNAP Fixes Zero-Day Recently Leveraged by DeadBolt Ransomware
September 6, 2022

The Taiwanese company QNAP cautions customers about DeadBolt ransomware attacks upon exploiting a zero-day vulnerability in Photo Station. QNAP detected the issue on September 3.  The DeadBolt ransomware gang has been allegedly exploiting the zero-day vulnerability on QNAP NAS… Continue Reading

What is Account Takeover and How to Prevent It?
September 5, 2022

What is Account Takeover?  Account takeover occurs when fraudsters use stolen credentials to gain unauthorized access to a valid account. ATO attacks are used by fraudsters to move payments, steal information, and take advantage of… Continue Reading

Major Cyberattacks in Review: August 2022
September 5, 2022

Threat actors did not stay idle in August, and as always, they continued their attacks on small or large companies, government organizations, and critical infrastructures that could disrupt daily life. While ransomware attacks remained popular,… Continue Reading

Attackers Targeting Banking Credentials: American Express and Google Play Users at Risk
September 5, 2022

Phishing has changed significantly over the past ten years, and scammers now have sophisticated tools to use fake emails and websites to access the banking information of unwary victims. These cutting-edge strategies and alluring lures… Continue Reading

What is Malvertising & How to Stop Ad Malware?
September 2, 2022

What is a Malvertising Attack?  Malvertising, also known as malicious advertising, refers to criminally controlled advertisements within Internet-connected programs, typically web browsers (there are exceptions), that intentionally harm individuals and businesses by distributing malware, potentially… Continue Reading

1,800 Mobile Apps with Hardcoded AWS Credentials Show Supply Chain Risks
September 2, 2022

1,800 Apps with Hardcoded AWS Credentials Show Supply Chain Risks

More than 1,800 mobile applications have hardcoded AWS credentials, according to Symantec, which has issued a warning about the possible risks of poor security measures.  An analysis of Android and iOS apps revealed that most apps… Continue Reading
