Zero-Days (CVE-2023-26077, CVE-2023-26078) in Atera Windows Installers
Zero-Days (CVE-2023-26077, CVE-2023-26078) in Atera Windows Installers Recent revelations have exposed critical zero-day vulnerabilities in Atera Windows installers. Cyber attackers could potentially ...
300% Increase in the Number of Dark Web References to Manufacturing Or...
300% Increase in the Number of Dark Web References to Manufacturing Organizations SOCRadar’s Manufacturing Threat Landscape Report is out now! This report provides valuable insights into the cybersecu...
A Snapshot of 2023 CWE Top 25 Most Dangerous Software Weaknesses
A Snapshot of 2023 CWE Top 25 Most Dangerous Software Weaknesses Figure 1: Top 25 CWE logo (MITRE) The 2023 CWE Top 25 Most Dangerous Software Weaknesses is a list that ranks the most widespread and c...
Roblox Data Breach, Unauthorized Access Sales, and Global Leaks
Roblox Data Breach, Unauthorized Access Sales, and Global Leaks Welcome to SOCRadar’s weekly dark web news digest. This week, we spotlight several critical cybersecurity incidents: a significant...
Google Partially Patches Cloud Build’s Critical Design Flaw: Bad.Build...
Google Partially Patches Cloud Build’s Critical Design Flaw: Bad.Build Researchers discovered a critical security design flaw in Google Cloud Build, which they dubbed as “Bad.Build”. The d...
First-Known Targeted Open-Source Supply Chain Attacks Strike the Banki...
First-Known Targeted Open-Source Supply Chain Attacks Strike the Banking Sector The cybersecurity threat landscape continues to witness new and sophisticated threats, and the banking sector is no exce...
Dark Web Threat Profile: CLOP Ransomware
Dark Web Threat Profile: CLOP Ransomware [Update] August 7, 2023: Clop ransomware has now adopted Torrents as a distribution method for the stolen data. See more under: “Clop Adopts New Extortion Appr...
Fixed Critical Severity Vulnerabilities (CVE-2022-45788) in Schneider ...
Fixed Critical Severity Vulnerabilities (CVE-2022-45788) in Schneider Electric EcoStruxure Products, Modicon PLCs, and PACs In the realm of industrial control systems (ICS), vulnerabilities pose signi...
An Ongoing DDoS Campaign Targeting Sweden
An Ongoing DDoS Campaign Targeting Sweden Following an Islamophobic incident where the Qur’an was burned in Stockholm, Sweden, a new wave of cyber attacks, named #OpSweden, has emerged with sign...
WormGPT: Blackhat AI Module Surges to 5,000 Subscribers in Just Few Da...
WormGPT: Blackhat AI Module Surges to 5,000 Subscribers in Just Few Days Artificial Intelligence (AI) has brought groundbreaking innovations, and one of its remarkable subsets is generative AI. While ...
High Severity Vulnerabilities Fixed by Chrome 115 Update (CVE-2023-372...
High Severity Vulnerabilities Fixed by Chrome 115 Update (CVE-2023-3727, CVE-2023-3728, CVE-2023-3730, CVE-2023-3732) Google recently announced the release of the latest Chrome update, Chrome 115, to ...
Critical Patches for Oracle Products including MySQL (CVE-2023-20862),...
Critical Patches for Oracle Products including MySQL (CVE-2023-20862), WebLogic Server (CVE-2023-26119) and VirtualBox VM (CVE-2023-22018) with critical vulnerabilities Oracle has recently released 50...
Underground Fully UnDetectable (FUD) Crypter Market
Underground Fully UnDetectable (FUD) Crypter Market The rapidly evolving threats in the field of cybersecurity are being met with sophisticated methods such as “FUD” (Fully UnDetectable) crypters, whi...
Overview of Cloudflare’s 2023 Q2 DDoS Threat Report
Overview of Cloudflare’s 2023 Q2 DDoS Threat Report Cloudflare, a renowned internet security company, has recently released a comprehensive report concerning DDoS attacks (Distributed Denial-of-Servic...
Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CV...
Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) ...
Inside the Mind of a Ransomware Boss: An Interview with the LockBit Ad...
Inside the Mind of a Ransomware Boss: An Interview with the LockBit Administrator As the effectiveness of ransomware attacks continues to escalate, they have emerged as the most significant challenge ...
Threat Landscape in the Aviation Industry for H1 of 2023
Threat Landscape in the Aviation Industry for H1 of 2023 The aviation industry relies on interconnected networks and systems to facilitate seamless operations. Airlines, airports, manufacturers of air...
Critical WooCommerce Vulnerability Enables Admin Privileges on WordPre...
Critical WooCommerce Vulnerability Enables Admin Privileges on WordPress Sites (CVE-2023-28121) Researchers have observed an active exploit campaign targeting a newly disclosed vulnerability, CVE-2023...
Critical Remote Code Execution Vulnerability in Adobe ColdFusion (CVE-...
Critical Remote Code Execution Vulnerability in Adobe ColdFusion (CVE-2023-29300) [Update] January 9, 2024: “CVE-2023-38203 and CVE-2023-29300 in Adobe ColdFusion Have Joined the CISA KEV Catalog” [Up...
From Azure AD to Microsoft Entra ID: Navigating the Name Change and St...
From Azure AD to Microsoft Entra ID: Navigating the Name Change and Strengthening Phishing Defense Azure AD, now known as Microsoft Entra ID, is undergoing a name change announced by Microsoft on 11 J...