Dark Web Profile: Sandworm
Dark Web Profile: Sandworm Threat actors range from teenagers eager to earn quick cash to state-sponsored actors with agendas behind their operations. The agendas of these state-sponsored groups may i...
LockBit and AlphVM Announce New Victims
LockBit and AlphVM Announce New Victims Powered by DarkMirror™ Last week, two notorious ransomware groups added two more names to their victim lists. AlphVM/BlackCat announced the Amazon-owned Ring on...
Dark Web Profile: Cozy Bear / APT29
Dark Web Profile: Cozy Bear / APT29 [Update] October 11, 2024: “Joint Advisory Warns of Mass Exploitation of Zimbra and TeamCity Servers by APT29” [Update] February 27, 2024: See the subheading: “Join...
Data of Many Governments are on Sale
Data of Many Governments are on Sale Powered by DarkMirror™ Data held by states is valuable to many threat actors. This information is sometimes used for fraud and sometimes for larger attacks. Data...
What is Malware as a service (MaaS)?
What is Malware as a service (MaaS)? In time, the hacker underworld creates a similar model of Software-as-a-Service (SaaS). Malware as a service and SaaS have a similar duty with one main difference;...
Evolution of Ransomware: So Far and Hereafter
Evolution of Ransomware: So Far and Hereafter By SOCRadar Research Ransomware attacks have become a potential threat to all enterprises, regardless of industry or size. Ransomware can target any indiv...
Major Cyberattacks in Review: February 2023
Major Cyberattacks in Review: February 2023 As we enter March 2023, the world continues to face a surge in cyberattacks that threaten individuals, businesses, and government agencies. The last month h...
Dark Web Profile: NoName057(16)
Dark Web Profile: NoName057(16) By SOCRadar Research [Update] July 16, 2025: “Global Law Enforcement Cracks Down on NoName057(16): Operation Eastwood” [Update] July 11, 2023: NoName recently launche...
BidenCash Leaked 2.1 Million Credit Card Information
BidenCash Leaked 2.1 Million Credit Card Information Powered by DarkMirror™ Credit card theft and the sale of credit card information are among the biggest revenue streams for threat actors on the dar...
The Week in Dark Web – February 27, 2023 – Access Sales and Data Leaks...
The Week in Dark Web – February 27, 2023 – Access Sales and Data Leaks Powered by DarkMirror™ The most sophisticated attacks can be based on data put up for sale on the dark web by threat actors. A pi...
The Week in Dark Web – February 20, 2023 – Access Sales and Data Leaks...
The Week in Dark Web – February 20, 2023 – Access Sales and Data Leaks Powered by DarkMirror™ Organizations’ worst nightmares are “data breaches” and “data leaks.” Atlassian is one of the companies th...
The Week in Dark Web – February 13, 2023 – Ransomware and Data Leaks...
The Week in Dark Web – February 13, 2023 – Ransomware and Data Leaks Powered by DarkMirror™ LockBit and Play ransomware groups continue their attacks in hacking spree mode. The attack that victimized ...
Malware Analysis: LummaC2 Stealer
Malware Analysis: LummaC2 Stealer By SOCRadar Research [Update] November 22, 2023: Read under title: “LummaC2 v4.0 Features Anti-Sandbox Technique Employing Trigonometry and Google Cookie Revival.” [U...
Why Ransomware Groups Switch to Rust Programming Language?
Why Ransomware Groups Switch to Rust Programming Language? By SOCRadar Research The Rust programming language, which was released in 2015, became popular in a short time. Continuing to increase in pop...
Major Cyberattacks in Review: January 2023
Major Cyberattacks in Review: January 2023 Cybersecurity is a constantly changing concern because threats always evolve and adapt to new technology and trends. The first month of 2023 has seen numerou...
The Week in Dark Web – February 5, 2023 – Access Sales and Data Leaks...
The Week in Dark Web – February 5, 2023 – Access Sales and Data Leaks Powered by DarkMirror™ Threat actors can weaponize even the smallest scraps of information in large-scale attacks. This is why dar...
ESXiArgs Ransomware Attack Targets VMware Servers Worldwide
ESXiArgs Ransomware Attack Targets VMware Servers Worldwide [February 9, 2023] Update: Ransomware is updated to prevent recovery solutions. Added the subheading “New Version of ESXiArgs Ransomware Pre...
Lessons Learned from Education Industry Attacks in 2022
Lessons Learned from Education Industry Attacks in 2022 By SOCRadar Research The education industry covers a diverse range of organizations, including K-12 education, higher education, private and pub...
The Week in Dark Web – 30 January 2023 – KillNet Targets Germany!
The Week in Dark Web – 30 January 2023 – KillNet Targets Germany! Powered by DarkMirror™ Former DDoS provider, nowadays a pro-Russian threat actor KillNet continues targeting western organizations. Si...
Malicious Actors in Dark Web: December 2022 Ransomware Landscape
Malicious Actors in Dark Web: December 2022 Ransomware Landscape Ransomware is one of the more common cyberattack types in the news. Behind the scenes of ransomware, there are numerous threat actors, ...