Blog

Latest articles from SOCRadar

February 4, 2023

ESXiArgs Ransomware Attack Targets VMware Servers Worldwide

The vulnerability, tracked as CVE-2021-21974, is caused by a stack overflow issue in the OpenSLP service that unauthenticated threat actors in low-complexity attacks can exploit. According to available research, CERT-FR claims that this type of… Continue Reading

Lessons Learned from Education Industry Attacks in 2022
February 3, 2023

Lessons Learned from Education Industry Attacks in 2022

By SOCRadar Research The education industry covers a diverse range of organizations, including K-12 education, higher education, private and public education, science research institutes, and tutoring ranging from exam preparation to hobby courses. Furthermore, educational… Continue Reading

January 30, 2023

The Week in Dark Web – 30 January 2023 – KillNet Targets Germany!

Powered by DarkMirror™ Former DDoS provider, nowadays a pro-Russian threat actor KillNet continues targeting western organizations. Since Russia's invasion of Ukraine started, the group added many victims to its list. Last week, multiple German companies… Continue Reading

Malicious Actors in Dark Web: December 2022 Ransomware Landscape
January 27, 2023

Malicious Actors in Dark Web: December 2022 Ransomware Landscape

Ransomware is one of the more common cyberattack types in the news. Behind the scenes of ransomware, there are numerous threat actors, each with a motive. Although the motive usually includes financial gain, the threat actors… Continue Reading

January 26, 2023

Dark Web Profile: Hive Ransomware Group

by SOCRadar Research On November 8, 2021 electronics retail giant Media Markt has suffered a ransomware attack with an initial ransom demand of $240 million, causing IT systems to shut down and store operations to… Continue Reading

January 24, 2023

The Week in Dark Web – 24 January 2023 – Access Sales and Data Leaks

Powered by DarkMirror™ Threat actors cause cybercrime to spread to a broader base with databases and unauthorized access sales. Without the ability to obtain the database, attackers can purchase personal information from other threat actors… Continue Reading

Hydra Aftermath and the Future of Dark Web Marketplaces
January 19, 2023

Hydra Aftermath and the Future of Dark Web Marketplaces

By SOCRadar Research Russian-speaking Hydra Market was the biggest among darknet markets, with a $1B turnover in 2020. It was also the largest narcotic market among the countries of the former USSR.  With the operation started by German… Continue Reading

January 18, 2023

The Week in Dark Web – 18 January 2023 – Partnership Posts, Data Leaks, and Requests

Powered by DarkMirror™ Threat actors seek to acquire new capabilities by forming partnerships with their peers to ensure continuity in cybercrime operations. By adding a new member to the team, they can both expand their… Continue Reading

SOCRadar Free Dark Web Training: Learn How to Navigate in the Shadows
January 11, 2023

SOCRadar Free Dark Web Training: Learn How to Navigate in the Shadows

The concept of the dark web plays a key role in today's increasingly complex cybercrime ecosystem. Threat actors share the datasets obtained from attacks on dark web platforms, on forums here, or their leak sites. They plan attacks… Continue Reading

Dark Web Profile: Royal Ransomware
January 9, 2023

Dark Web Profile: Royal Ransomware

By SOCRadar Research Ransomware attacks have been rising in recent years, with the frequency of attacks increasing. In 2021, several high-profile ransomware attacks made headlines, such as the attack on the Colonial Pipeline. This attack resulted… Continue Reading

January 9, 2023

The Week in Dark Web – 9 January 2023 – Access Sales and Data Leakes

Powered by DarkMirror™ Threat actors continue to target popular social networking platforms. Twitter was awash with two significant data breaches in two weeks. By the end of 2022, the attackers claimed to have obtained 400M… Continue Reading

Major Cyberattacks in Review: December 2022
January 6, 2023

Major Cyber Attacks in Review: December 2022

In the last month, we have seen many cyber incidents, ranging from data breaches at retailers to various cyberattacks on cryptocurrency exchange platforms. These types of incidents can harm a company's reputation and lead to the theft of… Continue Reading

January 4, 2023

The Week in Dark Web – 4 January 2023 – Access Sales, Data, and Malware Leakes

Powered by DarkMirror™ Entering the first week of the year, the most sensational incident on the dark web was the sale of 30M customer data allegedly belonging to Indian Railways. Again, LockBit did not sit… Continue Reading

Dark Web Profile: MuddyWater APT Group
January 2, 2023

Dark Web Profile: MuddyWater APT Group

By SOCRadar Research Security concerns grow day by day with the rise of cyberattacks. Among the threats, cyber espionage is one of the prominent activities. It can be used to get a hold of sensitive or classified… Continue Reading

December 26, 2022

The Week in Dark Web – 26 December 2022 – Data Leaks and Access Sales

Powered by DarkMirror™ We're in the last week of the year. Most of us have already gone to visit our loved ones for a holiday. When thinking, "Oh, now I can get some relief," threat… Continue Reading

Top 10 Data Leaks in 2022
December 20, 2022

Top 10 Data Leaks in 2022

Threat actors need sensitive information to carry out most of their malicious activity. They typically obtain the information by conducting various cyberattacks or simply gathering it from unprotected platforms, accounts, or databases.  When an attacker… Continue Reading

December 19, 2022

The Week in Dark Web – 19 December 2022 – Access Sales and Leaks

Powered by DarkMirror™ Threat actors always search for something profitable for their malicious activities, whether a government institute or a company from any industry. The most precious thing for them is personal data, even outdated… Continue Reading

December 16, 2022

Dark Web Profile: Killnet – Russian Hacktivist Group

By SOCRadar Research Killnet is a pro-Russian hacktivist group known for its DDoS campaigns against countries supporting Ukraine, especially NATO countries since the Russia-Ukraine war broke out last year. DDoS is the primary type of… Continue Reading

Dark Web Profile: Black Basta Ransomware
December 16, 2022

Dark Web Profile: Black Basta Ransomware

By SOCRadar Research One of the perpetrators of the ransomware attacks, which increased by 59% in the last year, is the Russian-speaking origin ransomware group, Black Basta. They emerged in April 2022 and became notorious for breaching nearly a… Continue Reading

December 14, 2022

The Week in Dark Web – 14 December 2022 – Access Sales and Leaks

Powered by DarkMirror™ Just a few weeks remain to close 2022. We are all in the mood for the holiday season, but it seems threat actors continue their efforts on the dark web. Here's the… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo