Major Cyber Attacks in Review: March 2025
Apr 30, 2025
Categories
Top Articles
Google’s 2024 Zero-Day Report: Key Trends, Targets, and Exploits
Apr 30, 2025
Critical SAP NetWeaver Vulnerability (CVE-2025-31324) Allows Unauthorized Upload of Malicious Executables
Apr 26, 2025
Blue Shield’s Google Analytics Error Exposes 4.7 Million Health Records
Apr 24, 2025
GitLab Issues Security Patch in April 2025
Apr 24, 2025
Jan 12, 2024
CISA Issues ICS Advisories for Vulnerabilities Affecting Siemens, Schn...
CISA Issues ICS Advisories for Vulnerabilities Affecting Siemens, Schneider Electric, Rapid Software, Horner Automation CISA has released new advisories concerning security vulnerabilities in Industri...
Learn More
Jan 11, 2024
Attackers Exploit Ivanti Connect Secure Zero-Day Vulnerabilities to De...
Attackers Exploit Ivanti Connect Secure Zero-Day Vulnerabilities to Deploy Webshells (CVE-2023-46805, CVE-2024-21887) [Update] May 8, 2024: Read under “Mirai Botnet Propagates by Exploiting Ivanti Vul...
Learn More
Jan 11, 2024
High Severity Vulnerability in Cisco Unity Connection Could Enable Roo...
High Severity Vulnerability in Cisco Unity Connection Could Enable Root Privileges (CVE-2024-20272) Cisco has resolved a high-severity security vulnerability in Unity Connection that opens the door fo...
Learn More
Jan 10, 2024
CISA Warned of Critical Fortinet Vulnerability (CVE-2023-44250) and Is...
CISA Warned of Critical Fortinet Vulnerability (CVE-2023-44250) and Issued a New ICS Advisory In a recent alert, the Cybersecurity and Infrastructure Security Agency (CISA) has urged users and adminis...
Learn More
Jan 10, 2024
January 2024 – Microsoft Patch Tuesday & SAP Security Patch Day Highli...
January 2024 – Microsoft Patch Tuesday & SAP Security Patch Day Highlights Microsoft has released its January 2024 Patch Tuesday, addressing a total of 48 security vulnerabilities, with two classi...
Learn More
Jan 05, 2024
Your Data is Secure and Private with SOC 2 Type 2 Compliant SOCRadar
Your Data is Secure and Private with SOC 2 Type 2 Compliant SOCRadar We are pleased to share an important update regarding the security and privacy of your data with SOCRadar. Upholding the highest da...
Learn More
Jan 05, 2024
Ivanti Released a Patch in Endpoint Manager Solution (EPM) for a Criti...
Ivanti Released a Patch in Endpoint Manager Solution (EPM) for a Critical Vulnerability, CVE-2023-39336 Ivanti has addressed a critical vulnerability in its Endpoint Manager (EPM) solution, identified...
Learn More
Jan 05, 2024
CISA Issues ICS Advisories for Vulnerabilities Affecting Rockwell Auto...
CISA Issues ICS Advisories for Vulnerabilities Affecting Rockwell Automation, Mitsubishi Electric, and Unitronics CISA has issued three advisories on Industrial Control Systems (ICS), addressing the l...
Learn More
Jan 03, 2024
CISA Issues Alert for Juniper Secure Analytics Vulnerabilities (CVE-20...
CISA Issues Alert for Juniper Secure Analytics Vulnerabilities (CVE-2023-46604, CVE-2023-40787, CVE-2023-44487, and More) In a recent alert, the Cybersecurity and Infrastructure Security Agency (C...
Learn More
Dec 29, 2023
Misconfigurations in Google Kubernetes Engine (GKE) Lead to a Privileg...
Misconfigurations in Google Kubernetes Engine (GKE) Lead to a Privilege Escalation Exploit Chain A recent Unit 42 investigation revealed a dual privilege escalation chain impacting Google Kubernetes E...
Learn More
Dec 29, 2023
Operation Triangulation: ‘’Most Sophisticated Attack Chain Ever Seen"...
Operation Triangulation: ‘’Most Sophisticated Attack Chain Ever Seen” The cyber security landscape has recently been abuzz with discussions about Operation Triangulation, a sophisticated and mul...
Learn More
Dec 28, 2023
Excel's Blind Spot: The Strategic Deployment of Agent Tesla Malware by...
Excel’s Blind Spot: The Strategic Deployment of Agent Tesla Malware by Cyberattackers In the ever-evolving landscape of cyber threats, a notable trend has emerged: the exploitation of a longstan...
Learn More
Dec 28, 2023
Latest Zero-Day Vulnerabilities: UNC4841 Targets Barracuda ESG with CV...
Latest Zero-Day Vulnerabilities: UNC4841 Targets Barracuda ESG with CVE-2023-7102, Apache OFBiz Authentication Bypass (CVE-2023-51467) The UNC4841 group, linked to China, is targeting Barracuda Email ...
Learn More
Dec 27, 2023
Weekly Vulnerability Summary by CISA: Ivanti Avalanche, Apache Dubbo, ...
Weekly Vulnerability Summary by CISA: Ivanti Avalanche, Apache Dubbo, OpenSSH, and More The Cybersecurity and Infrastructure Security Agency (CISA) has released a new vulnerability summary for the lat...
Learn More
Dec 26, 2023
Challenge of Protecting PII, Hunters Become the Hunt: OpenAI Vulnerabi...
Challenge of Protecting PII, Hunters Become the Hunt: OpenAI Vulnerability, Blackmailing of Bounty Hunters A paradox emerges: those who protect us from cyber threats are themselves becoming the hunted...
Learn More
Dec 22, 2023
CISA Updates: Microsoft 365 Guidance, SCuBAGear Tool, Mozilla Alert, Q...
CISA Updates: Microsoft 365 Guidance, SCuBAGear Tool, Mozilla Alert, QNAP & FXC Vulnerabilities Enter KEV CISA has officially released the Microsoft 365 Secure Configuration Baselines, aiming to a...
Learn More
Dec 21, 2023
Massive Data Leak by BidenCash: 1.9M Credit Card Details Exposed on Ha...
Massive Data Leak by BidenCash: 1.9M Credit Card Details Exposed on Hacker Forum The SOCRadar Dark Web Team detected a significant data breach on a hacker forum, revealing the leak of 1.9 million cred...
Learn More
Dec 21, 2023
Over a Dozen Critical RCE Vulnerabilities in Ivanti Avalanche; Activel...
Over a Dozen Critical RCE Vulnerabilities in Ivanti Avalanche; Actively Exploited Chrome Zero-Day, CVE-2023-7024 Ivanti has issued security updates to address a total of 22 vulnerabilities identified...
Learn More
Dec 20, 2023
ALPHV Seized, Unseized, Decrypted; Pandora's Box May Be Reopened
ALPHV Seized, Unseized, Decrypted; Pandora’s Box May Be Reopened Emerging as a significant player in the ransomware landscape, ALPHV (BlackCat) has established itself through sophisticated ranso...
Learn More
Dec 19, 2023
Microsoft Alerts of RCE and DoS Vulnerabilities in Perforce Server: CV...
Microsoft Alerts of RCE and DoS Vulnerabilities in Perforce Server: CVE-2023-45849, CVE-2023-35767, CVE-2023-45319, CVE-2023-5759 During a security review of its game development studios, Microsoft fo...
Learn More
