Latest articles from SOCRadar

Top 10 Cybersecurity Events You Must Follow
June 7, 2022

Whether you work at a startup or in the information security department of a well-established company, you need to attend cybersecurity events to meet with the world's leading cybersecurity experts and vendors. These events, where… Continue Reading

Mandiant Leak Alleged: A PR Trial?
June 7, 2022

LockBit ransomware gang claimed that they had stolen Mandiant's data. The gang posted a countdown on their data leak site earlier today. They claimed to have hacked the cybersecurity company and stolen 356,841 files from their network. LockBit's… Continue Reading

What Do You Need To Know About Atlassian Confluence RCE Vulnerability?
June 6, 2022

After it was disclosed that the RCE vulnerability tracked as CVE-2022-26134, which affects Atlassian Confluence and Data Center servers, was exploited by multiple threat actors, detailed analyses of the exploit continue to be published.… Continue Reading

What are Threat Hunting Tools?
June 2, 2022

Threat hunting is how computer security specialists aggressively seek out and eliminate cyber dangers that have infiltrated their computer network invisibly. Threat hunting is searching for new possible risks and vulnerabilities beyond recognized alerts or malicious… Continue Reading

Verizon 2022 DBIR: All Sizes of Businesses Suffer from Ransomware
June 1, 2022

Verizon has released the 15th Data Breach Investigations Report (DBIR), an in-depth analysis of trends in cyberattacks and data breaches for cybersecurity experts and leaders worldwide. The report includes reviews of around 24,000 cybersecurity incidents that… Continue Reading

On-Device Fraud Trend in Mobile Malware Campaigns
June 1, 2022

According to the 2022 mobile threat landscape analysis published by ThreatFabric, ODF (on-device fraud) banking trojans targeting Android devices are widespread, while Spain and Turkey are at the center of malware campaigns. The other most targeted countries are Poland, Australia,… Continue Reading

Workarounds for Microsoft Office Zero-Day RCE Vulnerability "Follina" has Released
May 31, 2022

The Follina zero-day vulnerability in Microsoft Office allows threat actors to perform remote code execution. Cybersecurity researchers discovered the vulnerability when the Word document "05-2022-0438.doc" was uploaded to VirusTotal from an IP address in Belarus. Independent… Continue Reading

GitHub Announces 100,000 npm Users' Credentials Stolen
May 30, 2022

GitHub has announced that the information of 100,000 npm users was stolen through OAuth tokens linked to Heroku and Travis CI. It was previously stated that there was a security breach in mid-April, but detailed information was not… Continue Reading

Deep Web Profile: REvil
May 27, 2022

REvil is a ransomware hacking group, as its name suggests (REvil = "ransomware" + "evil"). This ransomware group is thought to be centered in Russia. It is also named "Sodinokibi." Who is REvil? Their work… Continue Reading

PoC Released for Authentication Bypass Vulnerability in VMware
May 27, 2022

A PoC has been published for a vulnerability that allows threat actors to bypass authentication across multiple VMware products. VMware previously shared patches for the vulnerability. VMware issued a security advisory on May 18, 2022, for vulnerabilities affecting Workspace ONE… Continue Reading

20 Interesting Facts About Ransomware
May 26, 2022

Ransomware attacks marked 2021 and continue to make a splash in 2022. We've compiled some interesting information about this type of attack that has frightened financial institutions, government agencies, and even NGOs worldwide. We know how… Continue Reading

How DNS Sinkholing Works?
May 25, 2022

What is a Domain Name System (DNS)? The Domain Name System, or DNS, is a naming database that locates and translates internet domain names into IP addresses, similar to a phone’s contact list. Web browsing… Continue Reading

Stop BEC Attacks with SOCRadar Takedown Processes
May 25, 2022

Attacks such as phishing, business e-mail compromise (BEC), and malware infection, which are among the fraud activities, increasingly pose a serious threat to organizations. The numbers in the "Phishing Activity Trends Reports" of the last quarter… Continue Reading

What Do You Need To Know and Do About Compromised CTX Module in Python Package Repositories?
May 24, 2022

According to a post on Reddit, evidence was presented that the CTX module in the Python package repositories is performing malicious activity. It is known that the CTX module was updated again after seven years,… Continue Reading

Turla's Reconnaissance Campaign Targets Eastern Europe
May 24, 2022

The reconnaissance and espionage campaign of the Russia-linked Turla hacker group against the Austrian Economic Chamber, Baltic Defense College, and NATO's Joint Advanced Distributed Learning (JDAL) platform has emerged. Experts think that the recent economic… Continue Reading

Deep Web Profile: Karakurt Extortion Group
May 20, 2022

Karakurt, a Russian-originated cybercriminal organization, has extorted sensitive data from nearly 40 different organizations within a year. So what is the cause of the group's "success," and who are they? Karakurt: A Ransomware Gang or… Continue Reading

Conti Ransomware Ended: They Operate With Other Groups Now
May 20, 2022

The Conti ransomware gang had taken its infrastructure offline and ceased operations. According to Advanced Intel's Yelisey Boguslavskiy, the Tor admin panel, where Conti held the ransom negotiations and published new data leak… Continue Reading

Attack Surface Management (ASM) in 10 Questions
May 19, 2022

The rise of working from home and access to cloud services and the expansion of businesses have increased attack surfaces. The attack surface is all hardware, software, and cloud assets that process or store information with access… Continue Reading

Top 10 Twitter Accounts to Follow for Threat Intelligence
May 18, 2022

Threat intelligence feeds on such a broad spectrum that sometimes you'd be surprised to hear where you can get relevant information. Often, it can be nearly impossible to keep track of everything because of the… Continue Reading

New Botnet Discovered Exploiting Critical VMware Vulnerability
May 18, 2022

The critical VMware vulnerability tracked as CVE-2022-22954 was discovered to be used by threat actors for remote code execution in botnet and Log4Shell-driven attacks. Although VMware has announced that the vulnerability has been fixed, cyber-attacks continue… Continue Reading
