FARGO Ransomware Targets Vulnerable Microsoft SQL Servers
Microsoft SQL database servers are the target of a new ransomware attack campaign called FARGO ransomware. FARGO, also known as TargetCom...
Sophos Firewall Patch Released for Actively Exploited Zero-Day RCE Vulnerability
Sophos released a patch for a flaw discovered in their firewall product. Tracked as CVE-2022-3236 (CVSS score...
A New Attack Wave Targeting Critical Magento Vulnerability
E-commerce platform Magento has become a frequent target for hackers. More attempts have been made to exploit CVE-2022-24086...
CISA Urges to Patch ManageEngine Against RCE Vulnerability
CISA has added a new critical vulnerability to its Known Exploited Vulnerabilities Catalog. The flaw exists in several ManageEngine prod...
Python Flaw Unfixed for 15 Years: 350,000 Projects Deemed Vulnerable
A flaw in the Python tarfile module has gone unfixed for 15 years. 350,000 open-source projects are considered vulnerable. The fla...
Threat Actors Exploit Atlassian Confluence RCE Flaw to Install Crypto Miners
Unpatched Atlassian Confluence Server instances are vulnerable to a critical RCE flaw. The flaw, tracked as CVE-2...
$162M Stolen from Digital Asset Trader Wintermute
Evgeny Gaevoy, the CEO of Wintermute, said earlier today that the company had been hacked and had lost $162.2 million in DeFi operations. The Profani...
Cobalt Strike Rolls Out an Update for XSS Vulnerability
Cobalt Strike 4.7.1 out-of-band update fixed an issue in version 4.7 that the affected users reported. There was no workaround for the problem. ...
Highlights from SOCRadar Cyberwatch September Webinar
The first of SOCRadar’s Cyberwatch webinar series took place yesterday. Cyberwatch September, which covers significant cyber incidents, emer...
Microsoft and VMware Warn of Ongoing Chromeloader Malware Campaign
Microsoft and VMware cautioned users about a widely spread Chromeloader malware campaign. The malware is said to have evolv...
Diplomatic Crisis: Cyber Attack from Iran to Albania
On September 7, Edi Rama, the Prime Minister of Albania, released a video message on the website of the Government of Albania. Accordin...
Why are Threat Actors Targeting Indonesia?
On September 3, Indonesia hiked fuel prices by 30%, stating that petrol and diesel prices are still low by world standards, but subsidies are unsustainable. ...
Trend Micro Warns of Actively Exploited RCE Flaw in Apex One
Trend Micro recently released a patch for an actively exploited flaw in its endpoint security platform, Apex One. The security software p...
Hacker Breached Nearly Entire Uber IT System
Transportation provider giant Uber is currently investigating a cyberattack. Following a network intrusion, multiple instances used by the company have bee...
WordPress Sites Compromised Due to FishPig Supply Chain Attack
Numerous attack scenarios were observed targeting WordPress recently. These attacks abused WordPress plugins and tools to exploit website...
Loader Malware Emotet is Now Led by Quantum and BlackCat
Emotet (also known as SpmTools) is a sophisticated, modular banking trojan. Emotet mostly serves as a downloader or dropper of other bankin...
September Patch Tuesday Fixes Actively Exploited Zero Day and RCE Flaws
Microsoft’s September Patch Tuesday update includes fixes for 63 vulnerabilities. There are five high-severity remote code...
Vote for SOCRadar at the Computing Security Awards 2022!
SOCRadar is proud to be among the finalists in the “Threat Intelligence Award” category this year at the Computing Security Awards ...
High-Severity Firmware Flaws in HP Devices Yet to Be Patched
Specific HP PC models’ BIOS has flaws that could allow arbitrary code execution, escalation of privilege, denial of service, and info...
Lampion Banking Malware Reappears in WeTransfer Phishing Attacks
Lampion malware operators use the free file-sharing platform WeTransfer to perform phishing attacks. This way, attackers can avoid secu...