Jul 24, 2023
Zero-Days (CVE-2023-26077, CVE-2023-26078) in Atera Windows Installers

Zero-Days (CVE-2023-26077, CVE-2023-26078) in Atera Windows Installers Recent revelations have exposed critical zero-day vulnerabilities in Atera Windows installers. Cyber attackers could potentially ...

Learn More
Jul 24, 2023
300% Increase in the Number of Dark Web References to Manufacturing Or...

300% Increase in the Number of Dark Web References to Manufacturing Organizations SOCRadar’s Manufacturing Threat Landscape Report is out now! This report provides valuable insights into the cybersecu...

Learn More
Jul 24, 2023
A Snapshot of 2023 CWE Top 25 Most Dangerous Software Weaknesses

A Snapshot of 2023 CWE Top 25 Most Dangerous Software Weaknesses Figure 1: Top 25 CWE logo (MITRE) The 2023 CWE Top 25 Most Dangerous Software Weaknesses is a list that ranks the most widespread and c...

Learn More
Jul 24, 2023
Roblox Data Breach, Unauthorized Access Sales, and Global Leaks

Roblox Data Breach, Unauthorized Access Sales, and Global Leaks Welcome to SOCRadar’s weekly dark web news digest. This week, we spotlight several critical cybersecurity incidents: a significant...

Learn More
Jul 24, 2023
Google Partially Patches Cloud Build’s Critical Design Flaw: Bad.Build...

Google Partially Patches Cloud Build’s Critical Design Flaw: Bad.Build Researchers discovered a critical security design flaw in Google Cloud Build, which they dubbed as “Bad.Build”. The d...

Learn More
Jul 22, 2023
First-Known Targeted Open-Source Supply Chain Attacks Strike the Banki...

First-Known Targeted Open-Source Supply Chain Attacks Strike the Banking Sector The cybersecurity threat landscape continues to witness new and sophisticated threats, and the banking sector is no exce...

Learn More
Jul 21, 2023
Dark Web Threat Profile: CLOP Ransomware

Dark Web Threat Profile: CLOP Ransomware [Update] August 7, 2023: Clop ransomware has now adopted Torrents as a distribution method for the stolen data. See more under: “Clop Adopts New Extortion Appr...

Learn More
Jul 20, 2023
Fixed Critical Severity Vulnerabilities (CVE-2022-45788) in Schneider ...

Fixed Critical Severity Vulnerabilities (CVE-2022-45788) in Schneider Electric EcoStruxure Products, Modicon PLCs, and PACs In the realm of industrial control systems (ICS), vulnerabilities pose signi...

Learn More
Jul 20, 2023
An Ongoing DDoS Campaign Targeting Sweden

An Ongoing DDoS Campaign Targeting Sweden Following an Islamophobic incident where the Qur’an was burned in Stockholm, Sweden, a new wave of cyber attacks, named #OpSweden, has emerged with sign...

Learn More
Jul 20, 2023
WormGPT: Blackhat AI Module Surges to 5,000 Subscribers in Just Few Da...

WormGPT: Blackhat AI Module Surges to 5,000 Subscribers in Just Few Days Artificial Intelligence (AI) has brought groundbreaking innovations, and one of its remarkable subsets is generative AI. While ...

Learn More
Jul 19, 2023
High Severity Vulnerabilities Fixed by Chrome 115 Update (CVE-2023-372...

High Severity Vulnerabilities Fixed by Chrome 115 Update (CVE-2023-3727, CVE-2023-3728, CVE-2023-3730, CVE-2023-3732) Google recently announced the release of the latest Chrome update, Chrome 115, to ...

Learn More
Jul 19, 2023
Critical Patches for Oracle Products including MySQL (CVE-2023-20862),...

Critical Patches for Oracle Products including MySQL (CVE-2023-20862), WebLogic Server (CVE-2023-26119) and VirtualBox VM (CVE-2023-22018) with critical vulnerabilities Oracle has recently released 50...

Learn More
Jul 19, 2023
Underground Fully UnDetectable (FUD) Crypter Market

Underground Fully UnDetectable (FUD) Crypter Market The rapidly evolving threats in the field of cybersecurity are being met with sophisticated methods such as “FUD” (Fully UnDetectable) crypters, whi...

Learn More
Jul 19, 2023
Overview of Cloudflare’s 2023 Q2 DDoS Threat Report

Overview of Cloudflare’s 2023 Q2 DDoS Threat Report Cloudflare, a renowned internet security company, has recently released a comprehensive report concerning DDoS attacks (Distributed Denial-of-Servic...

Learn More
Jul 18, 2023
Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CV...

Critical and High Vulnerabilities in Citrix ADC and Citrix Gateway (CVE-2023-3519, CVE-2023-3466, CVE-2023-3467) ...

Learn More
Jul 18, 2023
Inside the Mind of a Ransomware Boss: An Interview with the LockBit Ad...

Inside the Mind of a Ransomware Boss: An Interview with the LockBit Administrator As the effectiveness of ransomware attacks continues to escalate, they have emerged as the most significant challenge ...

Learn More
Jul 18, 2023
Threat Landscape in the Aviation Industry for H1 of 2023

Threat Landscape in the Aviation Industry for H1 of 2023 The aviation industry relies on interconnected networks and systems to facilitate seamless operations. Airlines, airports, manufacturers of air...

Learn More
Jul 18, 2023
Critical WooCommerce Vulnerability Enables Admin Privileges on WordPre...

Critical WooCommerce Vulnerability Enables Admin Privileges on WordPress Sites (CVE-2023-28121) Researchers have observed an active exploit campaign targeting a newly disclosed vulnerability, CVE-2023...

Learn More
Jul 17, 2023
Critical Remote Code Execution Vulnerability in Adobe ColdFusion (CVE-...

Critical Remote Code Execution Vulnerability in Adobe ColdFusion (CVE-2023-29300) [Update] January 9, 2024: “CVE-2023-38203 and CVE-2023-29300 in Adobe ColdFusion Have Joined the CISA KEV Catalog” [Up...

Learn More
Jul 17, 2023
From Azure AD to Microsoft Entra ID: Navigating the Name Change and St...

From Azure AD to Microsoft Entra ID: Navigating the Name Change and Strengthening Phishing Defense Azure AD, now known as Microsoft Entra ID, is undergoing a name change announced by Microsoft on 11 J...

Learn More