
The Torrent Landscape: Understanding Security, Risks, and the Future
In today’s digital age, the term “torrenting” often evokes images of pirated movies, music, or TV shows. However,...

‘Nightmangle’ Telegram C2 Agent and New FUD Crypter with Windows Defender Bypass
[Update] October 5, 2023: See the subheading: “SPCRYPTER’s Latest Update: No More Trials.” Hackers favor Te...

WS_FTP Server Critical Vulnerabilities: What You Need to Know (CVE-2023-40044, CVE-2023-42657)
In the ever-changing landscape of cybersecurity, staying updated with current vulnerabilities is crucial....

New Campaign Distributes Malicious npm and PyPI Packages to Pilfer Kubernetes Config, SSH Keys
Researchers have discovered a concerning surge in deceptive npm and PyPI packages distributed as part of ...

Critical Zero-Day Vulnerability in ‘libwebp’: CVE-2023-4863 Reassigned as CVE-2023-5129
[Update] October 18, 2023: See the subheading: “Fantom Foundation Breached: $550K Crypto Theft Linked to CVE-202...

Microsoft SharePoint Server Elevation of Privilege Vulnerability Exploit (CVE-2023-29357)
[Update] January 11, 2024: “SharePoint Vulnerability Has Been Added to the KEV Catalog by CISA” [Update] Sept...

NIST Cybersecurity Framework 2.0: What You Need to Know
In a previous SOCRadar blog post, we delved into the importance of cybersecurity frameworks for today’s organizations. In this installment, we p...

What You Need to Know About the Alleged Sony Breach
The RansomedVC group has announced that it successfully breached Sony, the renowned Japanese multinational electronics giant. The group claims to ha...

New Botnet Sale and Recruitment Post, US and Canada RDP Access Sale, Dymocks Database
In this week’s dark web update, the SOCRadar Dark Web Team has revealed a series of troubling developments; ...

TeamCity Authentication Bypass Flaw: CVE-2023-42793
[Update] December 14, 2023: See the subheading: “CISA Alerts on APT29 Exploiting TeamCity Vulnerability, CVE-2023-42793.” [Update] October 6, 2023:...

Over 400K Buckets and 10.4B Files Are Public Due to Cloud Misconfigurations
In today’s cloud-centric era, the migration of digital assets to cloud storage has become widespread, driven by the de...

Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
In a regular threat and vulnerability hunting activity, SOCRadar has discovered during their research that thousands of...

Joint Advisory by CISA and FBI: Snatch Ransomware
The FBI and CISA have recently issued a joint cybersecurity advisory (CSA) concerning the Snatch ransomware variant. The advisory provides comprehensi...

Dark Web Profile: NoEscape Ransomware
Avaddon, a notorious Ransomware-as-a-Service (RaaS) that emerged in early 2019 was known for its double-extortion tactics. It not only encrypted victims’ files bu...

Dark Web Profile: USDoD
[Update] October 17, 2024: See the subheading: “Brazilian Arrest Tied to USDoD” [Update] August 26, 2024: See the subheading: “Is USDoD’s Identity Revealed?” [Update] April 22,...

Mastodon Vulnerabilities and Critical Zero-Day in TrendMicro’s Apex One, Fixed: CVE-2023-41179, CVE-2023-42451, CVE-2023-42452
Mastodon recently addressed two vulnerabilities, namely CVE-2023-42451 an...

GitLab’s Critical Security Update: What You Need to Know (CVE-2023-5009)
GitLab is a widely-used DevOps platform that allows for code hosting, continuous integration, and other collaborative fea...

Your Data Is Not Safe: 8Base Deanonymized
In the ever-evolving world of cybercrime, the 8Base ransomware group has recently come under the spotlight. Known for its victim-shaming website, th...

Microsoft AI Repository Exposes 38TB of Data: A Tale in AI and Cloud Security
Wiz Research recently unveiled a startling incident involving Microsoft’s AI research team: an accidental exposure o...

Remote Administration Tool Sale, Ledger Database Leak, and Dark Strom DDoS Attack
In this week’s dark web roundup, we bring you a series of concerning developments that the SOCRadar Dark Web Tea...