Latest articles from SOCRadar
A new malware has appeared on the frontlines, targeting online Redis servers. The malware, named HeadCrab by researchers, has been active since September 2021. The malware's primary goal is to create a botnet for Monero…
Threat actors stepped up their efforts to exploit a remote code execution vulnerability in the Realtek Jungle SDK between August and October 2022, according to researchers. A report from Palo Alto Networks noted that the attacks targeting…
Yandex, a Russian technology company and popular search engine, has had its source code repositories leaked on a hacker forum. According to Yandex, the repositories were stolen by a former employee. The hacker shared a magnet link with 44.7GB of data…
UPDATE (February 1, 2023): Proof-of-concept (PoC) code for a VMware vRealize Log Insight vulnerability chain has been made available by researchers. VMware patched several vulnerabilities found in its vRealize Log Insight appliance. The vulnerabilities are identified as…
Researchers discovered an RCE vulnerability in Microsoft Teams during Pwn2Own 2022. The application is used by a wide range of people, including professionals, and an exploit could cause significant harm to its users. Remote code execution (RCE)…
Researchers have discovered a sophisticated new BoldMove malware created specifically to operate on Fortinet's FortiGate firewalls after collecting data related to a recently disclosed zero-day vulnerability in the company's FortiOS SSL-VPN technology. A threat actor created the malware with a base…
PayPal has disclosed that it was hit by a credential stuffing attack last month. The online payment platform is notifying all users whose data was compromised in the attack. Hackers carry out credential stuffing attacks using…
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns about multiple security vulnerabilities in GE Digital, Siemens, Contec, and Mitsubishi Electric products. The agency issued four ICS (Industrial Control Systems) advisories for the vulnerabilities on January 17, 2023. The advisories mention…
Since its public release in November 2022, GitHub Codespaces has been a popular environment among developers; however, researchers believe threat actors could also use it to launch attacks. According to researchers, Codespaces has a feature that can be…
CVE-2022-47966, a critical vulnerability in a number of Zoho's products, allows remote code execution without authentication. The use of a vulnerable third-party dependency called Apache Santuario is the root cause that enables the exploitation of the remote…
Software provider CircleCI confirmed that a data breach in December resulted in the theft of some of its customers' sensitive information. The breach occurred after an employee's computer was infected with data-stealing malware, which allowed access to the…
Update (16.01.2023): According to data gathered by researchers, the CVE-2022-46169 vulnerability in Cacti saw an increase in exploitation attempts, and the overall number is now less than two dozen. 6,427 Cacti hosts were found to…
Cacti patched a critical security flaw to prevent arbitrary code execution on Cacti-running servers. Cacti is an open-source, web-based network monitoring and graphing tool that offers users a framework for fault management and operational monitoring. What is…
Ransomware gangs are known to release stolen data in retaliation if the ransom is not paid after successful encryption. This worsens the victim's situation and exposes sensitive information to anyone on the internet. Recent ransomware data leaks…
On a well-known hacker forum, a data leak containing the email addresses of 235 million Twitter users was made public. Data from 5.4 million Twitter users collected from numerous threat actors and combined with information from other breaches were…
Taiwanese NAS device manufacturer Synology has released a security update to address a critical vulnerability with a CVSS score of 10. The vulnerability, tracked as CVE-2022-43931, affects Synology router products that can be set up as VPN servers to…
In late November, security researchers found a critical vulnerability in Yith's WooCommerce Gift Cards plugin. Attackers can gain remote code execution through the vulnerability, identified as CVE-2022-45359 (CVSS score: 9.8), and ultimately take over WordPress websites. The Yith…
The Kyverno admission controller for container images has been found to have a high-severity security vulnerability. The vulnerability could let attackers introduce malicious code into cloud production environments. Users can define and enforce policies for their cluster and…
Five new vulnerabilities, one of which has a severity rating of 10 according to the Common Vulnerability Scoring System (CVSS), have been announced by the Zero Day Initiative (ZDI). What is the ZDI-22-1690 Vulnerability? The…
On December 23, 2022, a threat actor shared a post on a dark web forum monitored by SOCRadar, claiming to possess 400 million Twitter user data. While sharing some samples, the adversary states that Elon…