Latest articles from SOCRadar
Microsoft has released new security updates for the April 2023 Patch Tuesday to address 97 vulnerabilities. One of these flaws is a zero-day vulnerability, which has been exploited in ransomware attacks, making it particularly concerning. Seven vulnerabilities are… Continue Reading
Apple released patches on April 7 to address two zero-day vulnerabilities, CVE-2023-28205 and CVE-2023-28206. The vendor acknowledges a report of these vulnerabilities possibly being actively exploited for code execution on vulnerable devices. Because the vulnerabilities also affect older… Continue Reading
One can desire the forbidden, as is the narrative in the Genesis chapter of the Old Testament. In today's digital world, the means of approaching the forbidden are underground markets. One of the most important… Continue Reading
Cybersecurity remains a major concern for organizations of all sizes as cyberattacks become more sophisticated and frequent. Despite efforts to enhance security measures, cybercriminals continue to find new ways to breach networks and systems. Organizations must stay… Continue Reading
[April 19, 2023] Update: Added subheading: “Patches Released for New Vulnerabilities: CVE-2023-29199 and CVE-2023-30547.” The vm2 library's author recently released a patch for a critical vulnerability that affects all previous versions. The vulnerability, tracked as CVE-2023-29017, has… Continue Reading
Powered by DarkMirror™ Ransomware attacks continue to be a nightmare for organizations. The Money Message group made a name for itself for a while and performed a shocking attack last week. The threat actor targeting… Continue Reading
A country's cyber threat landscape is the perspective of the distinct cybersecurity threats targeting that country. The threat landscape of a country can change over time, since cyber threats constantly evolve. A detailed country threat… Continue Reading
Cisco this week released updates to fix various security vulnerabilities in its products. These updates also cover serious issues affecting Secure Network Analytics and Identity Services Engine (ISE) products. The vendor disclosed 25 vulnerabilities, including one critical vulnerability… Continue Reading
A phishing kit is a set of software tools, such as HTML, pictures, and code that fraudsters can use to construct and launch phishing attacks. Phishing kits allow anyone with little or no phishing experience to… Continue Reading
As a cyber threat intelligence company, SOCRadar's mission is to use every possible piece of information to identify and prevent cyber threats targeting our customers. SOCRadar performs several scanning/security checks by detecting the attack surface… Continue Reading
Researchers have discovered a new ransomware strain called Rorschach. This sophisticated and fast form of malware was used to target a company based in the United States. Rorschach is also among the fastest ransomware ever seen in terms of encryption speed due… Continue Reading
In cybersecurity, fraud in the card payment sector refers to transactions made using card information without the cardholders' knowledge, or to purchases made using fake or stolen credit cards. Today, with the advantages of the rapid digitalization… Continue Reading
Threat actors exploit WinRAR self-extracting (SFX) archives containing decoy files by adding malicious functionality to install backdoors in target systems without detection. SFX archives involve a decompressor stub allowing users to decompress and view the contents without… Continue Reading
Threat actors are actively exploiting security vulnerabilities in Zimbra, IBM Aspera Faspex, Cacti, and Realtek products. The respective vendors have previously fixed the vulnerabilities used in the attacks, which have varying CVSS scores between 6.1 and 9.8. Winter Vivern… Continue Reading
This article briefly explains threat hunting and SOCRadar’s ability to use the feature. If you are still reading this, we invite you to try SOCRadar XTI Free Edition, which has the full capabilities of the… Continue Reading
Powered by DarkMirror™ In the dark web summary of the previous week, we talked about the victims that the Clop ransomware group has repeatedly revealed. Probably they also inspired other threat actors because we saw… Continue Reading
Recently, cybersecurity company Wiz discovered a misconfiguration issue in Azure Active Directory (AAD) that resulted in unauthorized access to several applications, which could have also led to a Bing.com takeover. Azure Active Directory (AAD) is a cloud-based… Continue Reading
Cybercriminals are using a new toolkit called AlienFox to steal login credentials and sensitive data from cloud-based email services by scanning for misconfigured servers. The toolkit is available for purchase through a private Telegram channel.… Continue Reading
The birth and growth of social media was one of the events shaping the last decades. It started with a straightforward idea (connecting with your school buddies), but social media affected people's lives and nations'… Continue Reading
Advanced Persistent Threat groups are known for their sophisticated attacks and ability to stealthily stay in a system for a long time. These groups are commonly nation-state-sponsored, and they carry out various espionage or sabotage attacks for the… Continue Reading