Blog

Latest articles from SOCRadar

SIM Swappers Collaborate with Ransomware Gangs
October 27, 2023

In today's digital world, the landscape of cyber threats is changing rapidly. One of the latest developments in this arena is the alliance between SIM swappers — individuals known for manipulating telecommunications to hijack phone…

High-Severity VMware Tools and vCenter Server Vulnerabilities Addressed with Recent Patches (CVE-2023-34057, CVE-2023-34058, CVE-2023-34048) 
October 27, 2023

[Update] October 31, 2023: CISA has issued an alert regarding the VMware Tools vulnerabilities (CVE-2023-34057 and CVE-2023-34058), urging organizations to promptly apply patches. VMware has addressed two critical vulnerabilities in VMware Tools, CVE-2023-34057 and CVE-2023-34058,…

Critical Vulnerability in F5 BIG-IP Configuration Utility Allows Request Smuggling, Leads to RCE: CVE-2023-46747
October 27, 2023

[Update] November 1, 2023: See the subheading: “F5 Reports Active Exploitation of CVE-2023-46747 in BIG-IP in Combination with CVE-2023-46748.” A recent discovery within F5 BIG-IP products reveals a critical vulnerability, identified as CVE-2023-46747, which permits…

October 26, 2023

KillNet Announces Launch of A New DDoS Service

During the cyberwarfare caused by the Israel-Palestine conflict and Russia's invasion of Ukraine, it's paramount to stay updated on and alert to the latest threats. Recently, KillNet, a Russian-speaking group that took a pro-Palestinian…

A malicious code found: New Magecart Campaign That’s Abusing 404 Pages
October 26, 2023

Magecart is a term used to describe a type of cyberattack that targets online retailers by injecting malicious code into their websites and stealing customers’ payment information and other personal data. Magecart attacks can have…

Dark Peep #3: Gone Phishing, We’ll Be Back!
October 25, 2023

It is clear that the world of the dark web will never be still, but the shape and size of the waves can change, and sometimes, there are still areas in this vast sea of…

On Threat Actors' Radar: PoC Exploits for VMware Aria Operations Vulnerability (CVE-2023-34051), and More
October 25, 2023

Newly discovered vulnerabilities are a constant source of concern for the cybersecurity community, particularly when threat actors set their sights on them. In this ever-evolving landscape, threat actors remain vigilant, and they have homed in…

Security Breach in Okta Support System Continues Sparking Concerns: Cloudflare and 1Password Share Disclosures
October 24, 2023

[Update] November 29, 2023: A recent audit uncovered a broader data theft scope in the October breach. Read more under the subheading: “Okta Security Breach Revealed to Impact All Support System Users: Warning for Administrators.”…

Dark Web Sales: Estée Lauder, Vivo Databases, and 2 Billion Lines of Stealer Logs
October 23, 2023

In the ever-evolving world of cyber threats, the SOCRadar Dark Web Team has unveiled a disconcerting series of illicit activities that threaten the digital realm. These incidents span across the globe and encompass well-known companies,…

Cyber Awakeness Month: Takedown of Trigona, Hive Ransomware Resurges, RansomedForum and New RaaS ‘qBit’
October 23, 2023

From the takedown of Trigona to the resurgence of Hive Ransomware, and the emergence of a new hackers' hub, significant events have recently transpired in the ransomware ecosystem. In the ongoing cyber battle, it is…

SolarWinds Releases Crucial Fixes for ARM Security Vulnerabilities (CVE-2023-35182, CVE-2023-35185, and CVE-2023-35187)
October 20, 2023

In the ever-evolving landscape of cybersecurity, staying ahead of threats is paramount for security professionals. Recently, SolarWinds Access Rights Manager (ARM), a comprehensive access management solution, has been the focus due to multiple discovered vulnerabilities.…

Taking the Power of ChatGPT Behind You for Enhanced Cybersecurity: A Guide for CISOs
October 20, 2023

In today's rapidly evolving digital landscape, Chief Information Security Officers (CISOs) face an uphill battle to safeguard their organizations from an ever-increasing array of cyber threats. The rise of Artificial Intelligence (AI) has not only…

New Cybersecurity Rules of SEC: What Businesses Need to Know
October 19, 2023

The U.S. Securities and Exchange Commission (SEC), a regulatory body responsible for overseeing securities markets and protecting investors, has recently introduced new rules regarding the disclosure of cybersecurity incidents. As cybersecurity professionals, it is vital…

Zero-Day Vulnerabilities in Citrix NetScaler and WinRAR Are Under Active Exploitation (CVE-2023-4966, CVE-2023-38831)
October 19, 2023

Serious vulnerabilities in Citrix NetScaler and WinRAR are currently being exploited by threat actors targeting various entities, including government organizations. [Update] November 22, 2023: Read under the title: "Joint Cybersecurity Advisory on CISA: LockBit 3.0…

GhostLocker: A New Generation of Ransomware as a Service (RaaS)
October 18, 2023

In recent times, we have witnessed a sharp uptick in ransomware attacks, a disconcerting trend that has alarmed both cybersecurity experts and organizations alike. This surge can be attributed to the growing frequency of attacks…

Threat Actor Profile: SiegedSec
October 18, 2023

In the ever-changing digital landscape, new cyber adversaries continuously emerge. One of the latest entrants in this arena is SiegedSec, an emergent cyber threat group that gained momentum during Russia's invasion of Ukraine. Positioning themselves…

Essential CTI Capabilities for Effective SOC Operations
October 17, 2023

In the dynamically evolving threat landscape of the digital age, organizations must thwart sophisticated cyber threats that jeopardize their operations, sensitive personal and commercial data, and reputations. To shield organizations from such threats, Security Operations…

Dark Peep #2: War and a Piece of Hilarity
October 17, 2023

The Dark Web is not standing still. With the Israel-Palestine conflict, the cyber world has become even more active, and interesting behaviors that attract our attention are on the rise. As…

Cisco Warns of Exploitation of a Maximum Severity Zero-Day Vulnerability in IOS XE: CVE-2023-20198
October 17, 2023

[Update] October 24, 2023: “CISA Adds New IOS XE Vulnerability CVE-2023-20273 to Its Known Exploited Vulnerabilities Catalog.” [Update] October 23, 2023: Cisco has released a patch for vulnerabilities affecting IOS XE devices. Additional information has…

0-Day Sale, Swiss and US Data Leaks, Indian and Saudi Arabian Services’ Access Sales
October 17, 2023

In the unceasing vigilance of the digital realm, the SOCRadar Dark Web Team has uncovered yet another series of alarming incidents this week. From a new 0-day exploit threatening major corporations to data leaks affecting…
