soc

soc

CVE-2026-20262: Cisco SD-WAN Manager Zero-Day Can Lead to Root Privilege Escalation

Cisco has released security updates for an SD-WAN vManage flaw exploited in zero-day attacks. The issue, tracked as CVE-2026-20262, affects Cisco Catalyst SD-WAN Manager and can allow an authenticated remote attacker to create or overwrite files on the underlying operating system, opening a path to root privilege escalation. Public reporting says the flaw was exploited […]

Read more →
soc

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-48907, Widget Factory Joomla Content Editor Improper Access Control Vulnerability. This type of vulnerability is a frequent attack vector for malicious cyber actors and poses significant risks to the federal enterprise. Binding Operational Directive (BOD) 26-04: […]

Read more →
soc

Top 5 Phishing Domain Takedown Service

Top 5 Phishing Domain Takedown Service Phishing attacks remain one of the most persistent and scalable threats facing organizations today. In Q1 2026 alone, approximately 8.3 billion email-based phishing threats detected. Phishing-as-a-Service (PhaaS) platforms now account for a growing share of campaigns, enabling threat actors with minimal technical skill to launch credential-harvesting operations at an […]

Mehr lesen →
soc

CVE-2026-20262: Cisco Catalyst SD-WAN Manager Zero-Day Leads to Root

CVE-2026-20262 is a zero-day vulnerability in Cisco Catalyst SD-WAN Manager (formerly SD-WAN vManage) that lets an authenticated attacker with low privileges (at least write access) write files to unintended locations on the server. The flaw sits in the web UI / API file upload flow, where […]

Read more →
soc

The Quarry: Inside the PhaaS Operation Behind Hundreds of IRS and SSA Phishing Campaigns

What looks like a wave of disconnected phishing incidents – some impersonating the IRS, others mimicking the Social Security Administration or DocuSign – can trace back to a single developer selling a Phishing-as-a-Service (PhaaS) toolkit to nearly 200 operators. SOCRadar’s Threat […]

Read more →
soc

Dark Web Profile: Fox Kitten

Fox Kitten stands out among Iranian Advanced Persistent Threat (APT) groups for operating on two tracks simultaneously: collecting intelligence for the Iranian regime while brokering network access to ransomware affiliates for profit. That dual mission, combined with a persistent focus on exploiting internet-facing VPN and firewall devices, makes Fox Kitten […]

Read more →
soc

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation: CVE-2026-20262, Cisco Catalyst SD-WAN Manager Directory or Path Traversal Vulnerability; and CVE-2026-54420, LiteSpeed cPanel Plugin UNIX Symbolic Link (Symlink) Following Vulnerability. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant […]

Read more →
soc

Iran Hajj Organization Data Claim, Crypto Leads Sale, APT43 Tooling Claim, Sweden User Data, and Chrysler Breach Claim

SOCRadar’s Dark Web Team identified several new underground posts, including an alleged 168 million-record database sale tied to Iran’s Hajj and Pilgrimage Organization and a separate listing offering large volumes of U.S. crypto-related leads. Other posts claimed […]

Read more →
soc

What the EU AI Act Actually Requires for Cybersecurity (And Where Enterprises Are Exposed)

The EU AI Act contains specific cybersecurity requirements. Article 15 names the threats. Article 73 sets reporting deadlines. Article 9 mandates continuous risk management. But most coverage of the Act buries the cybersecurity provisions inside a general compliance overview. That framing […]

Read more →
soc

Dark Web Profile: Rock

Most Phishing-as-a-Service operations are run by a faceless brand. Rock is the opposite: a single developer who builds, maintains, and sells an entire phishing and remote access toolkit, then sits in the middle of an ecosystem of up to roughly 200 operators running their own campaigns on top of it. SOCRadar […]

Read more →