Blog

Latest articles from SOCRadar

March 28, 2022

The Week in Dark Web – 28 March 2022 – Access Sales and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Once again, the rise of ransomware attacks, some database thefts, and stolen customer data took their place in the headlines… Continue Reading

March 25, 2022

How to Identify Spear Phishing?

Successful spear phishing accounts for up to 95 percent of all attacks on enterprise networks. Because of the proliferation of COVID-19, attacks escalated in 2020, with hackers preying on stay-at-home workers who aren't protected by… Continue Reading

March 25, 2022

Automotive Industry Under Ransomware Attacks

Although the automotive industry has begun to digitalize its manufacturing facilities, most businesses still treat cybersecurity as an afterthought. According to a recent analysis on threat trends, about half of the top 100 manufacturers are… Continue Reading

March 24, 2022

Telegram: A New Place for Hackers

One of the most commonly used messaging apps, Telegram, has become more and more popular ever since the privacy policy scandal of WhatsApp in January 2021. WhatsApp announced that they have been sharing their customers’… Continue Reading

March 24, 2022

What is a Phishing Kit?

A phishing kit is a set of software tools, such as HTML, pictures, and code that fraudsters can use to construct and launch phishing attacks. Phishing kits allow anyone with little or no phishing experience to… Continue Reading

March 22, 2022

Lapsus$ Group Allegedly Breached Okta After Microsoft Source Code Leak

The Lapsus$ group has announced that they are responsible for authentication service provider Okta's digital breach. Threat actors posted screenshots on their Telegram channel, showing the internal system. Cyber security experts think that the attack… Continue Reading

March 21, 2022

The Week in Dark Web – 21 March 2022 – Ransomware Attacks and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Once again, the rise of ransomware attacks, some database thefts, and stolen customer data took their place in the headlines… Continue Reading

March 21, 2022

Dark Web Profile: AvosLocker Ransomware

AvosLocker was first detected in 2021, and it usually appears as ransomware targeting Windows systems. After a variant targeting Linux environments emerged, striking attacks began to occur. The group, which operates as a ransomware-as-a-service (RaaS),… Continue Reading

March 18, 2022

An Overview on Conti Ransomware Leaks: Is This the End for Conti?

Along with Russia’s physical invasion of Ukraine on February 24th, 2022, Russia has targeted and attacked Ukraine in cyberspace. There has been a massive spike in cyberattacks parallel to physical aggression, affecting many Ukrainian organizations… Continue Reading

March 16, 2022

B1txor20 Malware Exploiting Log4J Vulnerability

Since the Log4J vulnerability was discovered, some other malware showed up and exploited it. B1txor20 seems to take its place among the participants in this malware cluster. Let's take a closer look at B1txor20, which… Continue Reading

March 15, 2022

Deep Web Profile: APT41/Double Dragon

APT41 (also known as Double Dragon) is a well-known cyber threat group that carries out Chinese state-sponsored espionage as well as financially motivated operations that may be outside the authority of the Chinese government. Explicit… Continue Reading

March 14, 2022

The Week in Dark Web – 14 March 2022 – Ransomware Attacks and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Once again, the rise of ransomware attacks, some database thefts, and stolen customer data took their place in the headlines… Continue Reading

March 11, 2022

What Should We Learn From the Conti’s HSE Ireland Attack?

Conti ransomware attacks can target almost any organization. The attack on HSE Ireland last year demonstrates that threat actors can even target critical sectors such as healthcare. A more proactive understanding of cyber security is… Continue Reading

March 10, 2022

Deep Web Profile: Who is ‘Stormous Ransomware’ Claiming to Leak Epic Games Information

The Stormous ransomware group has touted itself as the actor behind some attacks since early 2022. Discussions began to revolve around some of these attacks being carried out by other threat actors, with the Stormous… Continue Reading

March 3, 2022

Dark Web Threat Profile: Cuba Ransomware Group

Cuba is a C++ based ransomware, and Cuba Ransomware group uses it as the final step payload for double extortion attacks. Operators utilize Cuba in combination with a data leak site that publishes information extracted… Continue Reading

March 2, 2022

Timeline: The Russian – Ukrainian Cyber Space Wars

February 13: A file matching the DDoS attack IoCs was uploaded to VirusTotal. February 15 & 16: Some Ukrainian websites were not accessible due to heavy DDoS attacks. Both UK and US officials have attributed… Continue Reading

March 1, 2022

What Do Conti’s Leaks Tell Us about Ransomware Groups?

Conti, a dangerous ransomware gang that first appeared in December 2019, resided in Saint Petersburg, Russia, from the very beginning. During the actual conflict between Ukraine and Russia, eyes were naturally turned to the side… Continue Reading

February 28, 2022

The Week in Dark Web – 28 February 2022 – Ransomware Attacks and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Once again, the rise of ransomware attacks, some database thefts, and stolen customer data took their place in the headlines… Continue Reading

February 15, 2022

SOCRadar’s First Year-End Report: What Happened on the Deep Web in 2021? 

In 2021, we saw that deep web monitoring and cybersecurity are essential to large corporations, governments, and ordinary people. While the Log4j vulnerability allowed threat actors to attack all Java-based web servers, resounding attacks such… Continue Reading

January 31, 2022

The Week in Dark Web – 31 January 2022 – Ransomware Attacks and Data Leaks

Powered by DarkMirror™. This week’s edition covers the latest dark web news from the past week. Once again, the rise of ransomware attacks, some database thefts, and stolen customer data took their place in the headlines… Continue Reading
