Latest articles from SOCRadar

August 29, 2022

All You Need to Know About Endpoint Security

Endpoint security products accounted for a market size of approximately 14 million in 2021. Based on this market's compound annual growth rate (CAGR), it is estimated that the market will double in 9 years. According…

August 29, 2022

Critical RCE Vulnerability in the Atlassian Bitbucket Server and Data Center

Atlassian recently issued a security advisory to notify Bitbucket Server and Data Center users about a critical vulnerability. Labeled CVE-2022-36804, it is a command injection flaw with a CVSS score of 9.9. On vulnerable systems, the vulnerability could allow attackers…

August 26, 2022

Dark Web Profile: BlackCat (ALPHV)

[Update] August 18, 2023: Microsoft has detected a recent version of BlackCat ransomware equipped with the Impacket communication framework tool. Added the subheading “New BlackCat Ransomware Variant Using Impacket.” [Update] July 05, 2023: BlackCat has…

August 26, 2022

Twilio and MailChimp Attackers Hit 130 Organizations with Okta Phishing Campaign 

A larger phishing campaign that targeted 136 organizations and resulted in the theft of 9,931 account login credentials has been linked to the hackers behind a series of recent hacks, including those on Twilio, MailChimp, and Cloudflare. These…

August 26, 2022

Threat Actors Stole LastPass Source Code Through a Compromised Developer Account

On 25th August, LastPass announced a breach and stated that its source code was stolen, along with some technical information. The incident happened two weeks ago, and the password management company only recently confirmed it.…

August 25, 2022

Dark Web Stories: Escrow

Have you ever heard of the term dark web? Besides sheltering various individuals from spies to threat actors in its highly private environment, the dark web also hosts black markets of different sizes. According to…

August 25, 2022

IBM Fixes Security Bypass Vulnerabilities Discovered in MQ Software

IBM released security updates for two critical vulnerabilities in its message-oriented middleware IBM MQ. The vulnerabilities, identified as CVE-2022-27780 and CVE-2022-30115, allow for security bypass and exposure of sensitive data. The flaws were both discovered…

August 25, 2022

Patch Available for Important LPE Vulnerability in VMware Tools

A security flaw identified in VMware Tools could lead to local privilege escalation attacks. A remote attacker with initial access can steal sensitive data and take complete control over virtual machines. The flaw has a…

August 24, 2022

Top 10 TLDs Threat Actors Use for Phishing

[Update] May 18, 2023: Google has released eight new top-level domains (TLDs). Added the subheading: "Google's New TLDs: Commercial Opportunities and Security Risks." A TLD is the last character of a domain name, such as…

August 24, 2022

Critical RCE Flaw Fixed in New Versions of GitLab

GitLab released patches that fix a critical remote code execution vulnerability. It is labeled CVE-2022-2884 and has a CVSS score of 9.9. This critical vulnerability in the GitHub Import API can be exploited by an attacker who…

August 23, 2022

Hackers Utilize AWS to Launch Phishing Attacks

Phishing attacks are being launched by hackers using a tactic called Static Expressway. The newly-spread tactic lets hackers get their emails past Amazon Web Services (AWS) automated security scanners. Email security provider Avanan claims that scammers can…

August 23, 2022

The Week in Dark Web – 23 August 2022 – Access Sales and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. This week's headlines are government leaks, dark web access sales, and vast databases of user information. Find out if…

August 22, 2022

Spain Threat Landscape Report: E-Commerce & Finance Industries Under Attack

SOCRadar's Threat Landscape Report this month aims to provide organizations located in Spain with a region-based understanding of evolving and emerging cyber threats. We hope our intelligence will help companies and nonprofits in their future…

August 22, 2022

Major Cyberattacks in Review: July 2022 

Today's world has many cyberattack targets, including large organizations, small businesses, and individuals. Any action, no matter how small, can put you in danger. Most of the cyber incidents from last month involved situations in…

August 22, 2022

LockBit Allegedly DDoSed After Leaking Entrust’s Data

IT security company Entrust suffered a cyberattack on June 18. Attackers gained unauthorized access to the company's network to reach internal data. Despite the theft of some files, Entrust's workflow was unaffected. The company later notified…

August 19, 2022

Fixed Flaw in Fishbowl Inventory Could Lead to RCE

Researchers identified a Java deserialization flaw in a Fishbowl Inventory instance that could result in remote code execution. The vulnerability is tracked as CVE-2022-29805. Fishbowl Inventory assists businesses in managing their inventory. The software is…

August 18, 2022

New Zero-Day Vulnerabilities in Apple and Google Products

Apple issued security updates to fix zero-day vulnerabilities that were reportedly being actively exploited. The vulnerabilities could let an attacker execute arbitrary code on iPhone, iPad, and Mac devices and even take control of them. …

August 18, 2022

Top 10 Threat Intelligence Browser Extensions for SOC Analysts

Browser extensions simplify several tasks. They are not limited to standard web surfing but may also be helpful for cybersecurity specialists. It takes less time for security experts to research a website or online service,…

August 17, 2022

Dark Web Stories: How Hackers Advertising on Black Market?

It is highly possible to come across the term black market in movies, news, debates, etc. In real life, the black market is a vast concept that includes various players, from criminal individuals to countries…

August 17, 2022

Exploit Code of Critical Realtek SDK Vulnerability Released

Exploit code is available for a high-severity security flaw in the Realtek eCos SDK. The flaw could allow unauthenticated remote attackers to execute arbitrary code, crash networking devices, create backdoors, intercept network traffic, modify network…
