soc

soc

FBI IC3 2025 Internet Crime Report: 10 Important Takeaways

The FBI’s Internet Crime Complaint Center (IC3) has just released its 2025 Annual Report, and it’s a record-breaker in the worst way. For the first time in IC3’s 25-year history, complaints crossed the one-million mark, with total losses surpassing $20 billion. AI is making scams harder to […]

soc

The Unknown Stealers: What’s Hidden Below the Radar

The stealer ecosystem has matured into a professionalized criminal economy that most organizations are simply not monitoring closely enough. While the industry fixates on household names like Lumma and RedLine, a growing class of lesser-known, actively deployed stealers, Void, Datura, Misericorde, Saturn, and others, are quietly collecting […]

soc

BlueHammer Windows Zero-Day: Privilege Escalation Risk

A newly exposed Windows zero-day known as BlueHammer has become a serious concern because it can let an attacker move from a limited user account to SYSTEM-level control on a device. On its own, that may sound like a technical detail, but in practice, it means a threat actor […]

soc

Alleged TrakCare Access, PowerLab Leak, U.S. Driver IDs, Hong Kong HA Data and More

SOCRadar’s Dark Web Team identified several new underground posts this week, including an alleged unauthorized access offering tied to TrakCare and InterSystems environments, a small French retailer database leak claim, and multiple high-risk datasets marketed with identity and healthcare-related fields. Another […]

soc

Pro-Iran Cyberattacks on Financial Services: 144 Incidents

Financial services is the #2 most targeted sector in the entire campaign, and for reasons that are deliberate, documented, and rooted in more than a decade of Iranian cyber doctrine. Between February 28 and April 6, 2026, SOCRadar tracked 1,583 verified incidents across Operation Epic Fury. Of those, […]

soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-35616 – Fortinet FortiClient EMS Improper Access Control Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 22-01: Reducing […]

soc

Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure

Advisory at a Glance
Title: Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure
Original Publication: April 7, 2026
Executive Summary: Iran-affiliated advanced persistent threat (APT) actors are conducting exploitation activity targeting internet-facing operational technology (OT) devices, including programmable logic controllers (PLCs) manufactured by Rockwell Automation/Allen-Bradley. This activity has led to PLC disruptions […]

soc

CVE-2026-35616: FortiClient EMS API Auth Bypass Enables Command Execution

Fortinet disclosed a critical vulnerability in Fortinet FortiClient EMS (Enterprise Management Server) tracked as CVE-2026-35616. Fortinet also says it has observed in-the-wild exploitation and released out-of-band hotfix guidance for affected builds. This post breaks down what CVE-2026-35616 is, who is affected, and what defenders should do […]
