Latest articles from SOCRadar
IBM has published the Cost of a Data Breach report, which reveals how organizations from different industries are affected by data breaches and set future cybersecurity predictions. According to the report, financial losses incurred by… Continue Reading
With the security update released Tuesday, VMware fixed ten vulnerabilities affecting some of its products. One is the authentication bypass vulnerability, which is critical with a CVSS score of 9.8. Three RCE vulnerabilities are also… Continue Reading
In this article, we will look at the reconnaissance techniques from the MITRE ATT&CK framework’s point of view and discuss how to detect cyberattacks using MITRE ATT&CK Framework, and how we can protect ourselves and… Continue Reading
Cybersecurity researchers have uncovered a new campaign to distribute banking trojans on the Google Play Store. These "Droppers" make it difficult to detect threat actors and are highly effective for malware distribution. This software, becoming increasingly… Continue Reading
The annual Cost of a Data Breach Report, featuring research by Ponemon Institute, offers insights from 550 actual breaches to help you understand cyber risk in a changing world. Research shows that insider threats cause… Continue Reading
The critical hard-coded credentials flaw in Atlassian's Questions For Confluence app (CVE-2022-26138) has been actively exploited in the wild a week after the patches were made available for it. The flaw only exists on servers that enabled… Continue Reading
Attack surface management is the continual identification, monitoring, assessment, prioritizing, and remediation of attack vectors within an organization's IT infrastructure. What is Attack Surface Management? While similar in nature to asset discovery or asset management, frequently… Continue Reading
Microsoft associates the private sector offensive actor (PSOA) Knotweed with the Austrian spyware distributor DSIRF. DSIRF, founded in 2016, advertises itself as an information research company that performs security and analysis tasks for the red team while… Continue Reading
Killnet is a pro-Russian hacktivist group known for its DoS and DDoS attacks on government institutions and companies in multiple countries while the Russian invasion of Ukraine in 2022. The group even declared war on… Continue Reading
A new phishing attempt with the codename Ducktail is in progress and targets LinkedIn users who work in the field to hijack Facebook business accounts that control the firm's advertising. It has been reported that… Continue Reading
Domain hijacking attacks can have many damaging consequences, such as the exposure of sensitive data and financial and reputational damage to organizations. These attacks can result in major data breaches and leaks. This article tells… Continue Reading
Attackers discovered a way to exploit a vulnerability in PrestaShop servers. The actively exploited zero-day, CVE-2022-36408, allows attackers to execute arbitrary code in an SQL injection attempt and possibly steal customer payment information. Nearly 300,000… Continue Reading
Phishing attacks have victimized many users and companies for years, and it seems they will continue to do so. Many security measures have been taken against such attacks. However, the attackers develop new TTPs with the… Continue Reading
A severe SQL injection vulnerability has been reported by network security vendor SonicWall in their security advisory. It affects the GMS (Global Management System) and Analytics On-Prem products. Which SonicWall Products Are Affected? Product Affected Versions Fixed Versions GMS 9.3.1-SP2-Hotfix1… Continue Reading
There are a variety of network monitoring and perimeter protection solutions available for both personal and commercial networks. Nevertheless, even the most protected businesses may fall prey to a cyber assault. The terrifying aspect of this… Continue Reading
Cisco announced that it has released security updates for vulnerabilities detected in the Nexus Dashboard. The security flaws include a high-risk arbitrary command execution vulnerability. By exploiting this vulnerability, threat actors can connect to the system remotely and… Continue Reading
[Update] June 26, 2023: BreachForums was seized by the FBI three months after the arrest of its administrator. Added the subheading “FBI Seizes BreachForums After Arrest of Admin.” [Update] June 20, 2023: Rival forums leak… Continue Reading
BEC attack is a type of social engineering attack that takes place over email and the attacker aims for financial gain. Often, attackers aim to trick employees into sending money or valuable personal data (PII)… Continue Reading
Atlassian announced that it has released an update for a critical vulnerability affecting its Confluence Server and Data Center products. The vulnerability, which allows unauthenticated actors to gain remote access, is tracked with the code… Continue Reading
In the context of cybersecurity, spoofing is the act of impersonating another entity to earn our trust, obtain access to our systems, steal data, steal money, or transmit malware. How Does Spoofing Work? Spoofing often consists of… Continue Reading
