Latest articles from SOCRadar
With the increasing adoption of cloud computing, cloud security has become a major concern for businesses that rely on cloud-based services to store, process, and manage their data. Cloud computing is a model for delivering computing services… Continue Reading
This blog is written with the help of OpenAI's ChatGPT. In November 2022, OpenAI -an Artificial Intelligence research and deployment company- released its chatbot, the ChatGPT. With the release, ChatGPT attracted the entire world's attention, and people… Continue Reading
By SOCRadar Research Security concerns grow day by day with the rise of cyberattacks. Among the threats, cyber espionage is one of the prominent activities. It can be used to get a hold of sensitive or classified… Continue Reading
At the BlackBerry Security Summit in 2022, four-fifths of IT decision-makers said they had been notified of an attack or vulnerability in their supply chain within the year. 77% of organizations stated that they had detected the… Continue Reading
In late November, security researchers found a critical vulnerability in Yith's WooCommerce Gift Cards plugin. Attackers can gain remote code execution through the vulnerability, identified as CVE-2022-45359 (CVSS score: 9.8), and ultimately take over WordPress websites. The Yith… Continue Reading
Gartner's report with comprehensive analysis and insights for endpoint security has been published. The Hype Cycle for Endpoint Security report aims to give organizations a perspective on why they should invest in these cybersecurity solutions while… Continue Reading
The Kyverno admission controller for container images has been found to have a high-severity security vulnerability. The vulnerability could let attackers introduce malicious code into cloud production environments. Users can define and enforce policies for their cluster and… Continue Reading
Powered by DarkMirror™ We're in the last week of the year. Most of us have already gone to visit our loved ones for a holiday. When thinking, "Oh, now I can get some relief," threat… Continue Reading
Five new vulnerabilities, one of which has a severity rating of 10 according to the Common Vulnerability Scoring System (CVSS), have been announced by the Zero Day Initiative (ZDI). What is the ZDI-22-1690 Vulnerability? The… Continue Reading
On December 23, 2022, a threat actor shared a post on a dark web forum monitored by SOCRadar, claiming to possess 400 million Twitter user data. While sharing some samples, the adversary states that Elon… Continue Reading
No matter the industry, cyberattacks can cause various problems, ranging from minor disruptions to significant losses or, even worse, lawsuits against your organization. Threat actors could target a business in any industry in hopes of… Continue Reading
Researchers have discovered a new security risk to a recently added feature in Amazon Web Services (AWS). Elastic IP transfer, an Amazon Virtual Private Cloud feature, is the attack vector. Moving Elastic IP addresses between AWS accounts is… Continue Reading
By SOCRadar Research The gaming industry has recently emerged as a preferred target for cyberattacks. The industry is constantly growing, with new platforms and products appearing daily. Changes in the social structure and globally unexpected circumstances like… Continue Reading
2022 was a year in which everyone worked to overcome the COVID-19 pandemic and a year in which threat actors simply tried to profit more from it. Threat actors have also been encouraged by national crises like… Continue Reading
By SOCRadar Research Critical infrastructures are the basis for the functioning of the countries' system, and they are essential to continue the country's operations, such as financial services, education, public health, food and agriculture, military, and… Continue Reading
According to reports, the zero-day vulnerabilities CVE-2022-41040 and CVE-2022-41082, dubbed ProxyNotShell, are still being actively exploited. Researchers published proof-of-concept (PoC) details after Microsoft patched the vulnerabilities in October Patch Tuesday. Since the patch, the attackers still target vulnerable MS Exchange Server… Continue Reading
By SOCRadar Research Like other critical infrastructures, the healthcare industry is frequently targeted by cyberattacks. The attacks in the healthcare vertical have begun to increase in recent years due to security vulnerabilities triggered by changes… Continue Reading
Threat actors need sensitive information to carry out most of their malicious activity. They typically obtain the information by conducting various cyberattacks or simply gathering it from unprotected platforms, accounts, or databases. When an attacker… Continue Reading
Powered by DarkMirror™ Threat actors always search for something profitable for their malicious activities, whether a government institute or a company from any industry. The most precious thing for them is personal data, even outdated… Continue Reading
Veeam has recently fixed two security vulnerabilities (CVE-2022-26500 and CVE-2022-26501) in the Backup & Replication software. With critical CVSS ratings of 9.8, the vulnerabilities permit remote code execution, which an attacker could use to take control of a target system.… Continue Reading