Unauthorized Fortinet VPN Access, Chrome Extension Loader, New macOS Stealer, and More
Explore the latest revelations from the SOCRadar Dark Web Team; our latest discoveries involve unauthorized VPN s...
Major Cyber Attacks in Review: January 2024
As January 2024 dawned, the digital atmosphere braced itself for another year’s cybersecurity challenges. Throughout the month, organizations experien...
Dark Web Profile: Sandman APT
The Sandman APT group has garnered massive attention in 2023 for its targeted attacks against telecommunications providers in regions including Europe and Asia. As reveal...
Dark Bounty – From Out of Scope to Out of Interest
The digital realm thrives on the continuous push and pull between cybersecurity experts and malicious actors. Within this dynamic ecosystem, bug boun...
RCEs in FortiOS SSL VPN, ‘shim’; Latest Ivanti Flaw Possibly Exploited (CVE-2024-21762, CVE-2023-40547, CVE-2024-22024)
[Update] March 20, 2024: “Technical Documentation and Detailed Exploit Code on C...
Retrospective – SOCRadar in 2023
2023 has been a year we left behind with bitter and sweet memories. Although it will leave its mark on the long journey of humanity as a year marked by natural disaste...
Cybersecurity Challenges in Indonesia’s 2024 Elections
How to Combat Fraud with Threat Intelligence: Cutting-Edge Pathway
Organizations have increasingly moved significant portions of their operations online to streamline customer service processes. Inste...
Cisco Fixed Critical CSRF Flaws in Expressway Gateways (CVE-2024-20252 and CVE-2024-20254)
Cisco patched multiple security vulnerabilities, including critical ones, affecting its Expressway Series gat...
Dark Peep #10: The Cold of Russia 2.0
Gear up, digital explorers! You’re about to dive into the latest edition of “Dark Peep #10” where we decode the mysteries of the cyber universe with a sprinkle of...
Critical JetBrains TeamCity Authentication Bypass (CVE-2024-23917); CISA Adds Chrome Type Confusion to KEV (CVE-2023-4762)
JetBrains recently discovered a critical authentication bypass vulnerability ...
2024 Elections: Cybersecurity Challenges in Spain and Beyond
As Spain prepares for its crucial 2024 European Parliament and local/municipal elections, the landscape of cybersecurity threats – from sop...
Latest Vulnerabilities in FortiSIEM, Oracle WebLogic, Apache Tomcat: CVE-2024-23108, CVE-2024-23109, CVE-2024-20931, CVE-2024-21733
The ever-evolving landscape of cybersecurity presents new challenges...
Barracuda Disclosed Critical Vulnerabilities in WAF, Affecting File Upload and JSON Protection
Barracuda recently issued a security advisory confirming the presence of 7 security vulnerabilities, rang...
Impact of CL0P Ransomware on the Cyber Threat Landscape in 2023: An Analysis of Cyber Tactics and Threat Evolution Over the Year
In the intricate web of cybersecurity threats, the CL0P ransomware grou...
Using Threat Intelligence to Monitor Industry-Specific Threats
Threat intelligence (TI) is essential to today’s cybersecurity practice because it enables organizations to gain insight into the motivat...
Sales of American and Brazilian Companies’ RDP Access, UK and India Government Site Databases
In the past week, SOCRadar’s Dark Web Team uncovered concerning findings from hacker forums. Threat actors...
Dark Web Profile: CyberNiggers
The cybersecurity landscape is in a state of flux, marked by a flow of illicit activities within hacker forums. Not so recent events surrounding the shutdown and subsequen...
AnyDesk Production Server Breach and Dark Web Sale of 18,000 Accounts
AnyDesk, a prominent remote desktop software provider, reported a security breach affecting its production systems on February 2, ...
Latest Critical Vulnerabilities in Juniper Secure Analytics and Mastodon: CVE-2023-37920, CVE-2021-4048, CVE-2024-23832
The latest serious issues demanding attention include severe vulnerabilities fou...