soc

soc

Blue Origin Leak Claim, iOS Zero Day Sale, VPN and AWS Access Listings, and Ticketmaster Database Post

SOCRadar Dark Web Team identified several new underground posts, including a claim of leaked Blue Origin documents tied to a ransom demand, a separate listing advertising an alleged full-chain iOS exploit, and access sales marketed with elevated privileges. […]

Read more →
soc

WormGPT: The Blueprint for Malicious AI

The story of WormGPT is about what happens when a proof-of-concept becomes a brand and is one of the first examples of how AI is used in cyberattacks. Origins and the Original Version: On June 28, 2023, a user on a popular hacking forum introduced WormGPT, marketing it as […]

Read more →
soc

OSINT Tools for Cybersecurity: A Practical Guide for Security Teams

Attackers are already running open source intelligence operations against your organization. They are mapping your exposed infrastructure, harvesting employee credentials from breach databases, and identifying unpatched systems, all before writing a single line of exploit code. The question is whether your security team is doing […]

Read more →
soc

CISA Adds Four Known Exploited Vulnerabilities to Catalog

CISA has added four new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2024-7399 Samsung MagicINFO 9 Server Path Traversal Vulnerability; CVE-2024-57726 SimpleHelp Missing Authorization Vulnerability; CVE-2024-57728 SimpleHelp Path Traversal Vulnerability; CVE-2025-29635 D-Link DIR-823X Command Injection Vulnerability. These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: […]

Read more →
soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-39987 Marimo Remote Code Execution Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk […]

Read more →
soc

CVE-2026-40372: Critical ASP.NET Core Flaw May Let Attackers Gain SYSTEM Privileges

Microsoft has released out-of-band updates for CVE-2026-40372, a high-impact ASP.NET Core privilege-escalation vulnerability tied to the platform’s Data Protection cryptographic APIs. Public reporting says the flaw carries a CVSS score of 9.1 and could allow an unauthenticated attacker to forge authentication material and ultimately obtain SYSTEM privileges on affected systems. The issue stands out not […]

Read more →
soc

How OSINT is Used in Cybersecurity (Real-World Use Cases)

In 2018, investigators at Bellingcat unmasked 305 officers from Russia’s military intelligence unit, GRU Unit 26165, using nothing but a public vehicle registration database and a Moscow address. No classified leaks. No hacking. Just open-source data, read carefully. That story captures what OSINT is and why […]

Read more →
soc

How AI Changed Vishing: Case of PlugValley

Vishing, or voice phishing, is not a new attack. Fraudsters have been calling people and pretending to be banks, government agencies, and tech support for decades. What has changed is not the concept. Running a vishing operation used to demand a lot from an attacker. A convincing voice. […]

Read more →