Recently, the notorious LockBit ransomware group has initiated a significant discussion among its affiliates regarding potential changes to their ransom payment policies. The group has expressed growing frustration with ransomware negotiators and their handling of payment demands. Currently,… Continue Reading
A cybercriminal gang employing a combination of impersonation and malware is the prime suspect behind the cyberattack that crippled the operations of MGM Resorts. MGM Resorts is a hospitality giant with numerous hotels and casinos… Continue Reading
[Update] September 15, 2023: See the subheading: “Ransomed.vc Interview.” [Update] September 4, 2023: The Ransomed team is collaborating with Everest Ransomware, read more under: "Old Ties, New Threats: Everest Echoes." [Update] August 24, 2023: Added… Continue Reading
While ransomware groups such as ALPHV and LockBit 3.0 continue to hit big companies and make headlines with the large-sized files they steal, there are also actors who do not even have a TOR page… Continue Reading
The major cyberattacks of July 2023 included waves of data breaches, affecting both private and public sector entities, including healthcare organizations, financial institutions, and government agencies. However, the most attention-grabbing incident of the month was… Continue Reading
Researchers have observed an active exploit campaign targeting a newly disclosed vulnerability, CVE-2023-28121, in the WooCommerce Payments plugin. There are more than 600,000 WordPress websites that use the plugin. Notably, this targeted exploit campaign distinguishes itself… Continue Reading
Due to the escalating illicit pursuits of cybercriminals seeking unlawful financial gains, particular sectors and specific types of cyber attacks tend to gain prominence. The financial sector, including the banking industry, consistently remains a primary… Continue Reading
Remote Desktop Protocol, or RDP, is a protocol developed by Microsoft. It allows the user to control another computer over a network connection. RDP is one of the most common tools for managing remote machines.… Continue Reading
The dark web, notorious for its illicit activities, has evolved into a bustling marketplace for various illegal purposes. It serves as a hub for cybercriminals, offering opportunities for stolen data transactions, hacking services, and collaborations… Continue Reading
Once upon a time, in cyberspace, a menacing threat emerged. It would forever change the landscape of digital security. This threat was ransomware. It is a wicked force capable of wreaking havoc on individuals, organizations,… Continue Reading
[Update] August 7, 2023: After officially rebranding as Knight, Cyclops has shared their new stealer named "Knight stealer" on a hacking forum. See more under: “Cyclops Advertises the New Knight Stealer.” [Update] August 3, 2023:… Continue Reading
[Update] August 28, 2023: A combination of leaked Babuk and LockBit variants became a common practice. Added the subheading “The Leaked LockBit Build Spawns New Ransomware Variants.” Ransomware continues to be a significant concern for… Continue Reading
Ransomware has been one of the most glaring threats against organizations in recent years. Since 2021, SOCRadar has detected around 5,600 ransomware attacks. There was a rise from 2021 to 2022 in the number of attacks… Continue Reading
In cybersecurity, fraud in the card payment sector refers to transactions made using card information without the knowledge of cardholders, or to purchases made by using fake or stolen credit cards. Today, with the advantages of the rapid digitalization… Continue Reading
Over time, the hacker underworld has created a model similar to Software-as-a-Service (SaaS). Malware-as-a-Service (MaaS) and SaaS serve a similar function, with one main difference: MaaS is an unlawful version of SaaS. MaaS gives… Continue Reading
By SOCRadar Research. Ransomware attacks have become a potential threat to all enterprises, regardless of industry or size. Ransomware can target any individual or business that processes sensitive data as long as the threat actors… Continue Reading
As we enter March 2023, the world continues to face a surge in cyberattacks that threaten individuals, businesses, and government agencies. The last month has already witnessed some of the most significant cyber incidents, including data… Continue Reading
[February 9, 2023] Update: Ransomware is updated to prevent recovery solutions. Added the subheading “New Version of ESXiArgs Ransomware Prevents Recovery.” The vulnerability, tracked as CVE-2021-21974, is caused by a stack overflow issue in the OpenSLP service that… Continue Reading
By SOCRadar Research. Cyber-attacks are rising worldwide, and the financial industry is among the most targeted. Cyber threats and attacks have become one of the sources of systemic risk for the financial industry. The… Continue Reading
What is Account Takeover? Account takeover occurs when fraudsters use stolen credentials to gain unauthorized access to a valid account. ATO attacks are used by fraudsters to move payments, steal information, and take advantage of… Continue Reading