Blog

Latest articles from SOCRadar

Main Analytical Frameworks for Cyber Threat Intelligence
September 6, 2023

Threat intelligence is a cyber-security discipline focusing on detailed knowledge about the cyber threats targeting an organization. Threat Intelligence Platforms create intelligence information by gathering raw threat data and security-related information from multiple sources, both…

ASUS Routers Under Risk of RCE Attacks: Critical Vulnerabilities Found (CVE-2023-39238, CVE-2023-39239, CVE-2023-39240)
September 6, 2023

Security researchers have recently unearthed three security vulnerabilities affecting several ASUS router models. ASUS, renowned as one of the leading networking manufacturers, boasts a substantial global user base of gamers, streamers, and various other consumers…

Dark Web Profile: Medusa Ransomware (MedusaLocker)
September 5, 2023

In ancient Greek mythology, Medusa stands as one of the most iconic and feared figures. With a head full of venomous snakes in place of hair, she had the power to turn anyone who gazed…

Sales of International IDs, UK Bank Leads, Fully Undetectable Crypter, US Instagram Database Leak
September 5, 2023

Introducing our weekly Dark Web digest, where we explore the most recent occurrences in the online underworld. Our dedicated SOCRadar Dark Web Team has been hard at work unearthing critical discoveries that demand your attention. …

Threat Actors Accessed UK Military Data From Weakest Link
September 5, 2023

On the 13th of August, The LockBit Ransomware group added a new victim to its list. The victim supplier, manufacturing company Zaun, expressed its belief that no classified information had been downloaded. However, reports suggested…

MalDoc in PDF: A Novel Method to Distribute Malicious Macros
September 5, 2023

Since Microsoft disabled Macros by default, threat actors have actively experimented with alternative attack methods. They utilize various other file structures to distribute malicious content to their victims. Notably, notorious malware strains like Emotet, QakBot,…

Top 10 Best Free Cyber Threat Intelligence Sources and Tools in 2023
September 4, 2023

Keeping abreast of cybersecurity developments has become a challenge, given the constantly evolving landscape. This includes newly discovered vulnerabilities, new attack methodologies, and the tactics, techniques, and procedures (TTPs) used by emerging cyber attackers. Consequently,…

Cyber Threat Intelligence (CTI) Roles for Ransomware Protection
September 4, 2023

Ransomware attacks remain one of the most significant cyber threats against organizations today. Despite numerous countries launching coordinated efforts to combat ransomware groups through law enforcement takedowns, cryptocurrency seizures, and indictments, the crime continues to…

Don't be Blinded by What You See: Demystifying Homograph Attacks
September 1, 2023

From Nigerian Princes to Crafty Codes: The Evolution of Phishing

Remember the days when our inboxes were graced by those endearing messages from a distant "Nigerian Prince"? Ah, good times, right? If you're thinking, "What…

QakBot, One of The Most Observed Malware
August 31, 2023

Qakbot, a versatile second-stage malware endowed with backdoor capabilities, was initially designed as a credential stealer. Remarkably, it has remained operational to the present day. It is so relevant that in ProofPoint's 2022 Phishing report, along with…

Ferrari Breach, 8.3M French Citizen Data Leak, Jeeves Card Leak & More
August 28, 2023

Welcome to this week's Dark Web roundup, where we delve into the latest unsettling incidents that have emerged from the depths of the hidden online realm. Our SOCRadar Dark Web Team has been busy digging…

Chain Reactions: Footprints of Major Supply Chain Attacks
August 28, 2023

In today's interconnected digital ecosystem, supply chain attacks have emerged as one of the most potent threats. A supply chain attack occurs when threat actors target organizations by focusing on weaker links in their supply…

Guarding the Gates: An Exploration of the Top Supply Chain Attacks
August 28, 2023

Once upon a time, an anxious emperor, having heard a prophecy of his daughter's demise by a snakebite, ordered the construction of an isolated fortress. This was the Maiden's Tower, rising from the heart of…

Over 1,000 Zimbra Servers Compromised by Auth Bypass Vulnerability
August 25, 2023

A One-Click Security Vulnerability in Zimbra Collaboration Suite: CVE-2023-41106

In the realm of digital communication and collaboration, Zimbra Collaboration Suite has been a trusted ally for many. However, a shadow has been cast over its security recently. A one-click security vulnerability, capable of granting…

Navigating the Cyber Threat Landscape with SOCRadar's Vulnerability Intelligence and CVERadar
August 25, 2023

In the world of cybersecurity, vulnerability intelligence is like a guiding light for experts dealing with online threats. So, what is it? Vulnerability intelligence focuses on gathering and sharing information about software vulnerabilities. Its main…

Telekopye Telegram Bot: 8 Year Old Phishing Kit Mimicking eBay and Other E-Commerce Sites
August 25, 2023

Telekopye is a Telegram bot, named by combining the words Telegram and "kopye," which means “spear” in Russian. The bot acts as an accomplice for threat actors, including those with limited technical knowledge. Its operation…

Navigating Cloud Vulnerabilities: Challenges and Solutions
August 24, 2023

The cloud, in its simplest form, is a system of servers that store data and applications over the internet rather than on a computer's hard drive. It has become an integral part of modern organizations,…

Raccoon Stealer Resurfaces with New Enhancements
August 24, 2023

The developers behind the information-stealing malware, Raccoon Stealer, have broken their six-month silence on hacker forums. They are now promoting an updated version of the 2.3.0 (2.3.0.1 since August 15, 2023) malware to potential cybercriminals.…

Top 10 DDoS Attacks
August 23, 2023

While the concept of a "DDoS attack" might seem intricate, its core essence is actually relatively straightforward. A common strategy involves overwhelming a targeted server with a barrage of communication requests originating from numerous machines.…

Exploring the NIST Cybersecurity Framework: Strengthening Digital Resilience
August 23, 2023

In today's rapidly evolving digital landscape, the term "cybersecurity" has become synonymous with safeguarding our most valuable assets: information and data. As we continue to witness an increasing number of cyber threats and attacks, ranging…
