Latest articles from SOCRadar
Powered by DarkMirror™ Threat actors can weaponize even the smallest scraps of information in large-scale attacks. This is why dark web posts that expose personal information, such as data leaks, account and access sales can… Continue Reading
[February 9, 2023] Update: Ransomware is updated to prevent recovery solutions. Added the subheading “New Version of ESXiArgs Ransomware Prevents Recovery.” The vulnerability, tracked as CVE-2021-21974, is caused by a stack overflow issue in the OpenSLP service that… Continue Reading
By SOCRadar Research The education industry covers a diverse range of organizations, including K-12 education, higher education, private and public education, science research institutes, and tutoring ranging from exam preparation to hobby courses. Furthermore, educational… Continue Reading
Powered by DarkMirror™ Former DDoS provider, nowadays a pro-Russian threat actor KillNet continues targeting western organizations. Since Russia's invasion of Ukraine started, the group added many victims to its list. Last week, multiple German companies… Continue Reading
Ransomware is one of the more common cyberattack types in the news. Behind the scenes of ransomware, there are numerous threat actors, each with a motive. Although the motive usually includes financial gain, the threat actors… Continue Reading
[Update] November 14, 2023: See the subheading: "New Era of Hive Ransomware Under Hunters International." by SOCRadar Research On November 8, 2021 electronics retail giant Media Markt has suffered a ransomware attack with an initial… Continue Reading
Powered by DarkMirror™ Threat actors cause cybercrime to spread to a broader base with databases and unauthorized access sales. Without the ability to obtain the database, attackers can purchase personal information from other threat actors… Continue Reading
By SOCRadar Research Russian-speaking Hydra Market was the biggest among darknet markets, with a $1B turnover in 2020. It was also the largest narcotic market among the countries of the former USSR. With the operation started by German… Continue Reading
Powered by DarkMirror™ Threat actors seek to acquire new capabilities by forming partnerships with their peers to ensure continuity in cybercrime operations. By adding a new member to the team, they can both expand their… Continue Reading
The concept of the dark web plays a key role in today's increasingly complex cybercrime ecosystem. Threat actors share the datasets obtained from attacks on dark web platforms, on forums here, or their leak sites. They plan attacks… Continue Reading
[Update] November 14, 2023: See the subheading: "CSA Update from CISA and FBI: Royal Ransomware’s Possible Rebranding to 'Blacksuit'" By SOCRadar Research Ransomware attacks have been rising in recent years, with the frequency of attacks… Continue Reading
Powered by DarkMirror™ Threat actors continue to target popular social networking platforms. Twitter was awash with two significant data breaches in two weeks. By the end of 2022, the attackers claimed to have obtained 400M… Continue Reading
In the last month, we have seen many cyber incidents, ranging from data breaches at retailers to various cyberattacks on cryptocurrency exchange platforms. These types of incidents can harm a company's reputation and lead to the theft of… Continue Reading
Powered by DarkMirror™ Entering the first week of the year, the most sensational incident on the dark web was the sale of 30M customer data allegedly belonging to Indian Railways. Again, LockBit did not sit… Continue Reading
[Update] April 19, 2023: Added subheading: “MuddyWater Uses SimpleHelp Tool for Persistence on Victim Devices” Security concerns grow day by day with the rise of cyberattacks. Among the threats, cyber espionage is one of the prominent activities.… Continue Reading
Powered by DarkMirror™ We're in the last week of the year. Most of us have already gone to visit our loved ones for a holiday. When thinking, "Oh, now I can get some relief," threat… Continue Reading
Threat actors need sensitive information to carry out most of their malicious activity. They typically obtain the information by conducting various cyberattacks or simply gathering it from unprotected platforms, accounts, or databases. When an attacker… Continue Reading
Powered by DarkMirror™ Threat actors always search for something profitable for their malicious activities, whether a government institute or a company from any industry. The most precious thing for them is personal data, even outdated… Continue Reading
[Update] November 22, 2023: See the subheading: "Unrest Within KillNet: Internal Conflict and Public Criticism." By SOCRadar Research The ongoing conflict between Ukraine and Russia has attracted the attention of various cybercriminal groups and pushed… Continue Reading
By SOCRadar Research One of the perpetrators of the ransomware attacks, which increased by 59% in the last year, is the Russian-speaking origin ransomware group, Black Basta. They emerged in April 2022 and became notorious for breaching nearly a… Continue Reading
