Blog

Latest articles from SOCRadar

Microsoft and SAP Release Security Updates to Address Critical Vulnerabilities
April 12, 2023

Microsoft has released new security updates on April 2023 Patch Tuesday to address 97 vulnerabilities. One of these flaws is a zero-day vulnerability, which has been exploited in ransomware attacks, making it particularly concerning. Seven vulnerabilities are…

CISA Warns: Patch Apple Zero-Day Vulnerabilities Until May
April 11, 2023

Apple released patches on April 7 to address two zero-day vulnerabilities, CVE-2023-28205 and CVE-2023-28206. The vendor acknowledges a report of these vulnerabilities possibly being actively exploited for code execution on vulnerable devices. Because the vulnerabilities also affect older…

What's Next for Cybercrime Ecosystem After Genesis Market Takedown?
April 11, 2023

One can desire the forbidden, as is the narrative in the Genesis chapter of the Old Testament. In today's digital world, the means of approaching the forbidden are underground markets. One of the most important…

Major Cyberattacks in Review: March 2023
April 10, 2023

Cybersecurity remains a major concern for organizations of all sizes as cyberattacks become more sophisticated and frequent. Despite efforts to enhance security measures, cybercriminals continue to find new ways to breach networks and systems. Organizations must stay…

Critical Vulnerability in vm2 JavaScript Sandbox Library: Exploit Code Available
April 10, 2023

[April 19, 2023] Update: Added subheading: “Patches Released for New Vulnerabilities: CVE-2023-29199 and CVE-2023-30547.” The vm2 library's author recently released a patch for a critical vulnerability that affects all previous versions. The vulnerability, tracked as CVE-2023-29017, has…

April 10, 2023

MSI Breach, Operation Cookie Monster & Data Sales

Powered by DarkMirror™

Ransomware attacks continue to be a nightmare for organizations. The Money Message group made a name for itself for a while and performed a shocking attack last week. The threat actor targeting…

April 7, 2023

Meet Our Country Threat Landscape Reports to Know Your Cyber Territory

Country cyber threat landscape means the perspective of distinct cybersecurity threats targeting the related country. The threat landscape of a country could change accordingly since cyber threats constantly evolve through time. A detailed country threat…

Cisco Releases Patches for Vulnerabilities in Multiple Products
April 7, 2023

Cisco this week released updates to fix various security vulnerabilities in its products. These updates also cover serious issues affecting Secure Network Analytics and Identity Services Engine (ISE) products. The vendor disclosed 25 vulnerabilities, including one critical vulnerability…

What is a Phishing Kit?
April 6, 2023

A phishing kit is a set of software tools, such as HTML, pictures, and code that fraudsters can use to construct and launch phishing attacks. Phishing kits allow anyone with little or no phishing experience to…

LearnWorlds Users at Risk: Numerous Vulnerabilities Uncovered
April 6, 2023

As a cyber threat intelligence company, SOCRadar's mission is to use every possible piece of information to identify and prevent cyber threats targeting our customers. SOCRadar performs several scanning/security checks by detecting the attack surface…

New Rorschach Ransomware: The Fastest Encryptor
April 5, 2023

Researchers have discovered a new ransomware strain called Rorschach. This sophisticated and fast form of malware was used to target a company based in the United States. Rorschach is also among the fastest ransomware ever seen in terms of encryption speed due…

How Can SOCRadar Help Fraud Teams
April 4, 2023

How SOCRadar Can Help Fraud Teams?

Fraud refers to transactions made using card information without the knowledge of cardholders in the card payment sector in cybersecurity or purchases made by using fake or stolen credit cards. Today, with the advantages of the rapid digitalization…

Hackers Exploit WinRAR SFX Archives to Install Backdoors Undetected
April 4, 2023

Threat actors exploit WinRAR self-extracting (SFX) archives containing decoy files by adding malicious functionality to install backdoors in target systems without detection. SFX archives involve a decompressor stub allowing users to decompress and view the contents without…

Attackers Actively Exploit Vulnerabilities in Unpatched Products: Zimbra, IBM Aspera Faspex, Cacti, Realtek
April 3, 2023

Threat actors are actively exploiting security vulnerabilities in Zimbra, IBM Aspera Faspex, Cacti, and Realtek products. The respective vendors have previously fixed the vulnerabilities used in the attacks, which have CVSS scores ranging between 6.1 and 9.8. Winter Vivern…

Step by Step Threat Hunting
April 3, 2023

How SOCRadar Can Help You with Threat Hunting?

This article briefly explains threat hunting and SOCRadar’s ability to use the feature. If you are still reading this, we invite you to try SOCRadar XTI Free Edition, which has the full capabilities of the…

April 3, 2023

Notorious Ransomware Gangs on Attack Spree

Powered by DarkMirror™

In the dark web summary of the previous week, we talked about the victims that the Clop ransomware group has repeatedly revealed. Probably they also inspired other threat actors because we saw…

Misconfigured Azure Active Directory (AAD) Could Lead to Unauthorized Access and Bing Takeover
March 31, 2023

Recently, cybersecurity company Wiz discovered a misconfiguration issue in Azure Active Directory (AAD) that resulted in unauthorized access to several applications, which could have also led to a Bing.com takeover. Azure Active Directory (AAD) is a cloud-based…

AlienFox Toolkit Targets Cloud Web Hosting Frameworks to Steal Credentials
March 31, 2023

Cybercriminals are using a new toolkit called AlienFox to steal login credentials and sensitive data from cloud-based email services by scanning for misconfigured servers. The toolkit is available for purchase through a private Telegram channel.…

Customer Story: Social Media Takedown in the Gulf Region
March 31, 2023

The birth and growth of social media was one of the events shaping the last decades. It started with a straightforward idea (connecting with your school buddies), but social media affected people's lives and nations'…

APT Profile: APT-C-35 / DoNot Team
March 30, 2023

Advanced Persistent Threat groups are known for their sophisticated attacks and ability to stealthily stay in a system for a long time. These groups are commonly nation-state-sponsored, and they carry out various espionage or sabotage attacks for the…
