Clop Serial Attacks, TP-Link Exploit & macOS Stealer
Clop Serial Attacks, TP-Link Exploit & macOS Stealer Powered by DarkMirror™ Last week, the dark web’s most spectacular news was the victims that Clop announced one after the other. The threa...
APT Profile: Sandworm
APT Profile: Sandworm Threat actors range from teenagers eager to earn quick cash to state-sponsored actors with agendas behind their operations. The agendas of these state-sponsored groups may includ...
LockBit and AlphVM Announce New Victims
LockBit and AlphVM Announce New Victims Powered by DarkMirror™ Last week, two notorious ransomware groups added two more names to their victim lists. AlphVM/BlackCat announced the Amazon-owned Ring on...
APT Profile: Cozy Bear / APT29
APT Profile: Cozy Bear / APT29 [Update] February 27, 2024: See the subheading: “Joint Advisory on APT29’s Recent Initial Cloud Access Tactics” [Update] November 16, 2023: See the subheading: “APT29 Ex...
Data of Many Governments are on Sale
Data of Many Governments are on Sale Powered by DarkMirror™ Data held by states is valuable to many threat actors. This information is sometimes used for fraud and sometimes for larger attacks. Data...
What is Malware as a service (MaaS)?
What is Malware as a service (MaaS)? In time, the hacker underworld creates a similar model of Software-as-a-Service (SaaS). Malware as a service and SaaS have a similar duty with one main difference;...
Evolution of Ransomware: So Far and Hereafter
Evolution of Ransomware: So Far and Hereafter By SOCRadar Research Ransomware attacks have become a potential threat to all enterprises, regardless of industry or size. Ransomware can target any indiv...
Major Cyberattacks in Review: February 2023
Major Cyberattacks in Review: February 2023 As we enter March 2023, the world continues to face a surge in cyberattacks that threaten individuals, businesses, and government agencies. The last month h...
Dark Web Profile: NoName057(16)
Dark Web Profile: NoName057(16) By SOCRadar Research [Update] July 11, 2023: NoName recently launched a cyber attack on Poland, targeting critical infrastructures such as the National Bank of Poland a...
BidenCash Leaked 2.1 Million Credit Card Information
BidenCash Leaked 2.1 Million Credit Card Information Powered by DarkMirror™ Credit card theft and the sale of credit card information are among the biggest revenue streams for threat actors on the dar...
The Week in Dark Web – February 27, 2023 – Access Sales and Data Leaks...
The Week in Dark Web – February 27, 2023 – Access Sales and Data Leaks Powered by DarkMirror™ The most sophisticated attacks can be based on data put up for sale on the dark web by threat actors. A pi...
The Week in Dark Web – February 20, 2023 – Access Sales and Data Leaks...
The Week in Dark Web – February 20, 2023 – Access Sales and Data Leaks Powered by DarkMirror™ Organizations’ worst nightmares are “data breaches” and “data leaks.” Atlass...
The Week in Dark Web – February 13, 2023 – Ransomware and Data Leaks...
The Week in Dark Web – February 13, 2023 – Ransomware and Data Leaks Powered by DarkMirror™ LockBit and Play ransomware groups continue their attacks in hacking spree mode. The attack that victimized ...
Malware Analysis: LummaC2 Stealer
Malware Analysis: LummaC2 Stealer By SOCRadar Research [Update] November 22, 2023: Read under title: “LummaC2 v4.0 Features Anti-Sandbox Technique Employing Trigonometry and Google Cookie Revival.” [U...
Why Ransomware Groups Switch to Rust Programming Language?
Why Ransomware Groups Switch to Rust Programming Language? By SOCRadar Research The Rust programming language, which was released in 2015, became popular in a short time. Continuing to increase in pop...
Major Cyberattacks in Review: January 2023
Major Cyberattacks in Review: January 2023 Cybersecurity is a constantly changing concern because threats always evolve and adapt to new technology and trends. The first month of 2023 has seen numerou...
The Week in Dark Web – February 5, 2023 – Access Sales and Data Leaks...
The Week in Dark Web – February 5, 2023 – Access Sales and Data Leaks Powered by DarkMirror™ Threat actors can weaponize even the smallest scraps of information in large-scale attacks. This is why dar...
ESXiArgs Ransomware Attack Targets VMware Servers Worldwide
ESXiArgs Ransomware Attack Targets VMware Servers Worldwide [February 9, 2023] Update: Ransomware is updated to prevent recovery solutions. Added the subheading “New Version of ESXiArgs Ransomware Pre...
Lessons Learned from Education Industry Attacks in 2022
Lessons Learned from Education Industry Attacks in 2022 By SOCRadar Research The education industry covers a diverse range of organizations, including K-12 education, higher education, private and pub...
The Week in Dark Web – 30 January 2023 – KillNet Targets Germany!
The Week in Dark Web – 30 January 2023 – KillNet Targets Germany! Powered by DarkMirror™ Former DDoS provider, nowadays a pro-Russian threat actor KillNet continues targeting western organizations. Si...