
An Inherent Weakness: Critical Infrastructures in Gulf Countries
An Inherent Weakness: Critical Infrastructures in Gulf Countries One of the most devastating cyberattacks on critical infrastructure was the Colonial Pipeline attack in the United States in May 2021. ...

Active Exploitation of Serious Vulnerabilities in PaperCut, Veeam, and...
Active Exploitation of Serious Vulnerabilities in PaperCut, Veeam, and TP-Link [Update] July 11, 2024: “EstateRansomware Exploits CVE-2023-27532 in Veeam Systems” [Update] April 18, 2024:...

Dark Web Profile: LockBit 3.0 Ransomware
Dark Web Profile: LockBit 3.0 Ransomware [Update] August 31, 2023: See the subheading: “LockBit’s Operational Struggles, Empty Threats, and Sudden Surge.” [Update] July 03, 2023: LockBit claimed to h...

Apache Superset Default Configuration Vulnerability Could Lead to RCE
Apache Superset Default Configuration Vulnerability Could Lead to RCE [Update] January 9, 2024: “CISA Added Apache Superset Vulnerability (CVE-2023-27524) to the Known Exploited Vulnerabilities (KEV)...

AI vs. AI: Future of the Cybersecurity Battles
AI vs. AI: Future of the Cybersecurity Battles Attacks and security solutions tailored with the help of artificial intelligence (AI) have become a trending subject in the security industry as AI bots ...

Severe SLP Vulnerability Could Lead to Large DDoS Amplification Attack...
Severe SLP Vulnerability Could Lead to Large DDoS Amplification Attacks A new high-severity vulnerability was discovered, affecting Service Location Protocol (SLP). The vulnerability could allow ...

PyPI Packages Found Distributing Payloads in WhiteSnake Malware Campai...
PyPI Packages Found Distributing Payloads in WhiteSnake Malware Campaign Security researchers recently uncovered a new malware payload in the PyPI repository for Python packages. The payload...

AWS S3 Bucket Takeover Vulnerability: Risks, Consequences, and Detecti...
AWS S3 Bucket Takeover Vulnerability: Risks, Consequences, and Detection As the amount of data companies possesses grow, their costs can be optimized more efficiently. Thanks to the emergence of stora...

New Victims of BlackCat and LockBit, Gentex Data Breach, and Education...
New Victims of BlackCat and LockBit, Gentex Data Breach, and Education Institution Access Sales Powered by DarkMirror™ Ransomware is on the headlines again in SOCRadar’s weekly dark web summary....

EvilExtractor Stealer Malware Attacks Peaked in March 2023
EvilExtractor Stealer Malware Attacks Peaked in March 2023 EvilExtractor (or Evil Extractor), a data theft tool, is trending in Europe and the United States due to an uptick in attacks. EvilExtra...

Customer Story: How SOCRadar Stopped a BEC Attack on Track?
Customer Story: How SOCRadar Stopped a BEC Attack on Track? “Hello Alice, ABC company is one of our new business partners. The invoice attached needs to be taken care of today. This is high prio...

APT28 Exploits Cisco Vulnerability to Deploy Malware in Espionage Camp...
APT28 Exploits Cisco Vulnerability to Deploy Malware in Espionage Campaign Russian nation-state actors are using a patched remote code execution vulnerability in Cisco network appliances to ...

The Rise of Malicious Packages in DevOps
The Rise of Malicious Packages in DevOps [Update] July 21, 2023: On July 18, 2023, GitHub identified a social engineering campaign that targets the personal accounts of employees of technology firms, ...

What Happens on the Shadowy Lands of Vulnerability Brokers
What Happens on the Shadowy Lands of Vulnerability Brokers In the ever-growing world ofcybersecurity, vulnerability brokers have gained enough voice to be recognized as essential actors in the space. ...

Zaraza Bot: New Malware Uses Telegram for Command & Control
Zaraza Bot: New Malware Uses Telegram for Command & Control The Zaraza bot is a new type of malware that steals login information and uses Telegram as its command and control. This malware target...

The Royal Ransomware's Latest Victim, Micro-Star International, KuCoin...
The Royal Ransomware’s Latest Victim, Micro-Star International, KuCoin, and Kuwaiti Citizens Data Sales Powered by DarkMirror™ This week, KillNet announced a series of high-impact Distributed De...

Microsoft Products as an Attack Vector
Microsoft Products as an Attack Vector Microsoft is one of the big five American information technology companies and one of the leading companies in the information technology sector. With a wide ran...

Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware
Lockbit 3.0: Another Upgrade to World’s Most Active Ransomware Last Update: April 17, 2023 LockBit Ransomware gang, also known as Bitwise Spider, are the cybercriminal masterminds behind the popular L...

Change of Tactic in DDoS: Attackers Now Use VPS for Improved Botnet At...
Change of Tactic in DDoS: Attackers Now Use VPS for Improved Botnet Attacks Cloudflare, a prominent internet security company, recently published a report on hyper-volumetric DDoS attacks ch...

Recapping Cyberwatch: Insights and Key Takeaways from April's Webinar
Recapping Cyberwatch: Insights and Key Takeaways from April’s Webinar In today’s digital world, cyberattacks are becoming increasingly frequent and sophisticated, posing a significant thre...