Latest articles from SOCRadar
The Apache Foundation announced on March 7, 2023, that they had addressed CVE-2023-25690 in Apache HTTP Server 2.4.56. The fix, implemented on March 5, prevents control characters from being included in a proxied request. This vulnerability had a CVSS score…
Luxottica, the world's largest eyewear company, has revealed that it was the victim of a major cyber attack. The attack exposed the personal information of over 70 million customers on hacking forums. The major brands Luxottica owns include…
Researchers have been tracking a financially motivated threat group known as GUI-vil (aka p0-LUCR-1), based in Indonesia, which engages in unauthorized cryptocurrency mining. Researchers first observed this threat actor in November 2021, and recently in…
Malicious actors frequently resort to alternative techniques to gain initial access, such as employing diverse file formats and payloads. It is important to highlight that they still actively use VBA macros embedded within Office documents…
The G7 Cybersecurity Summit 2023 is just around the corner and is being held in Hiroshima, Japan, a city that was devastated by an atomic bomb attack in 1945 and now serves as a…
A vulnerability in the open-source password manager tool KeePass could allow retrieval of the master password. The vulnerability tracked as CVE-2023-32784 has a proof-of-concept (PoC) exploit available before its patch. The KeePass 2.X branch for…
The attacks targeting European foreign affairs entities since January 2023 have been attributed to a Chinese cyber espionage group, Mustang Panda. The attackers use a TP-Link firmware implant that contains a backdoor malware called "Horse Shell."…
Data breaches have become increasingly common, with recent incidents impacting companies like Capita, Toyota and Discord, exposing the sensitive information of customers. Such breaches can have severe financial and reputational consequences, making it essential for…
A popular WordPress plugin called Essential Addons for Elementor has a security vulnerability, tracked as CVE-2023-32243, which could allow hackers to gain administrator privileges on affected websites. The plugin, which has over one million active…
Scamming campaigns frequently involve threat actors impersonating businesses or significant individuals. However, a recent trend of Facebook ad scams has been especially threatening, with scammers potentially infecting a large number of people with malware. Several…
Data from the US government shows that there has been a significant increase in healthcare security breaches. At least 125 data breaches of healthcare organizations have been reported since the beginning of April, according to a list…
Microsoft has released the May 2023 Patch Tuesday update and it addresses 40 security vulnerabilities. The patch addresses six critical vulnerabilities and three zero-day vulnerabilities, two of which are actively exploited. The following is a…
In today's digital age, cyber threats are becoming increasingly common, and one of the most prevalent types of attacks is phishing. Phishing involves tricking people into giving away their personal or confidential information by posing…
MSI, a leading Taiwanese PC manufacturer, suffered a ransomware attack last month. The threat actors behind the attack, the Money Message gang, published the company's private code signing keys on a dark website last week for double extortion. In…
Researchers discovered a new ransomware group called Cactus, operating since at least March 2023. Cactus steals data and encrypts files like other ransomware operations but uses a different method to avoid detection. Cactus, according to researchers,…
The RSA Conference 2023 is set to be one of the biggest and most exciting cybersecurity events of the year. With over 500 sessions scheduled, attendees will have plenty of opportunities to learn from some of the brightest minds…
The recent cyber attacks on Bluefield University and University Urology highlight the increasing risk of cybercrime targeting organizations in the education and healthcare industries. As organizations become more reliant on technology for storing and processing data, they must remain vigilant and…
Sandworm (UAC-0165), a Russian hacking group, has been linked to an attack on Ukrainian state networks that involved wiping data from government devices using WinRAR, according to an advisory from the Ukrainian Government Computer Emergency Response Team…
[May 4, 2023] Update: Brightline, a mental health provider, was among the organizations targeted by the Clop ransomware group in March. Read the subheading "Data Breach of Brightline Impacts Over 780K Patients." The Department of Health…
Cybersecurity researchers have discovered a new malware, called 'LOBSHOT,' distributed through Google ads. This malware allows cybercriminals to take over infected Windows devices by using hVNC. The hVNC is a type of VNC remote access…