SOCRadar? Extended Threat Intelligence

Only a few days left! SOCRadar is gearing up to meet YOU in Kentucky, USA, from March 27-29! We’ll be discussing the cybersecurity challenges that come with the growth of connected transportation. Be sure to visit us to learn about how we’re helping the trucking industry combat rising cyber threats and secure their digital infrastructure. ?? Meet our cybersecurity experts ?? Learn how to protect your fleet and systems from cyber risks Location: The Mid-America Trucking Show 2025, Kentucky, USA Date: March 27-29, 2025 #Trucking #CyberSecurity #SOCRadar #MidAmericaTruckingShow #CyberDefense #TruckingIndustry

?? New Podcast Alert! ??? We're thrilled to announce the latest episode of SOCRadar’s AI-Powered Podcast: Major Cyber Attacks of February 2025. February witnessed significant cybersecurity incidents, from disruptive ransomware attacks to targeted breaches affecting critical infrastructures worldwide. Join us as we break down the month's most impactful cyber threats through AI-driven insights and expert analysis. ?? Key Takeaways: ? Detailed analysis of February's top cyber attacks ? Evolving threat actor tactics targeting critical sectors ? Strategic advice to strengthen cybersecurity resilience ?? Listen now: ?? YouTube: https://lnkd.in/dCa4Nn-y ?? Spotify: https://lnkd.in/d8BvRsu8 ?? Stay Ahead of Cyber Threats with SOCRadar: ?? Dark Web Monitoring – Real-time detection of compromised credentials and leaked data ? Threat Intelligence Reports – Actionable insights on emerging cyber threats ?? Which February cyber incident impacted your sector most? Share your thoughts below! ?? Protect your digital assets—stay informed, stay secure! #CyberSecurity #ThreatIntelligence #CyberAttacks #DataBreach #SOCRadar #DarkWebMonitoring

?? Confirmed Exploitation: #Cisco CSLU Vulnerabilities CVE-2024-20439 & CVE-2024-20440 As of March 2025, researchers report active targeting of these flaws—threat actors are chaining the hardcoded #credential with log file exposure to access and exfiltrate sensitive data. ?? Exposed #CSLU instances running outdated versions are being scanned aggressively. ?? Cisco hasn’t confirmed successful breaches, but #exploitation attempts are rising. Organizations must #patch now to stay ahead of threat actors. ?? Learn more in SOCRadar’s updated breakdown: https://lnkd.in/g8bD67UA #CyberSecurity #Vulnerability #PatchNow #ThreatIntelligence #Infosec

?? Critical #Veeam Vulnerability (CVE-2025-23120) Puts Backup Infrastructure at Risk! A deserialization flaw (CVSS 9.9) in #Veeam Backup & Replication allows any domain user to execute remote code—potentially gaining full control over backup servers. ?? Affected version: 12.3.0.310 & earlier ? Fixed in 12.3.1.1139 – update now! ?? The flaw is exploitable in domain-joined environments, a common but risky config. ?? Learn how attackers exploit this flaw and why your backup environment needs urgent attention. ?? Gain full visibility into vulnerabilities like this with SOCRadar’s #VulnerabilityIntelligence and #AttackSurfaceManagement. ??: https://lnkd.in/dPFv6fr6 #CyberSecurity #RCE #PatchNow #ThreatIntel #BackupSecurity

?? FSociety (Flocker) Ransomware: A Rising RaaS Threat FSociety ransomware, active since 2024, enables cybercriminals to execute double extortion attacks with ease. Affiliating with FunkSec, the group expands its reach, targeting finance, retail, government, and tech sectors. ?? How it works: FSociety operates as Ransomware-as-a-Service (RaaS), encrypting victims' data and leaking stolen info. Their Flocker V5 malware includes C2, crypto stealers, keyloggers & RATs, making attacks more sophisticated. ?? Mitigation: Defend against FSociety with MFA, zero trust, proactive patching, and dark web monitoring. Stay ahead of ransomware threats with SOCRadar’s Threat Intelligence. ?? Full analysis here: https://lnkd.in/dh_TVjyF #CyberSecurity #Ransomware #ThreatIntel #FSociety #DarkWeb #RaaS

?? ???? Spain’s Cyber Threat Landscape 2025: Key Insights Cybercriminals are increasingly targeting retail, finance, and e-commerce sectors in Spain, with over 35% of attacks hitting these industries. Ransomware, phishing, and dark web activities continue to evolve, posing significant risks to organizations. ?? Ransomware: Manufacturing remains the top target, with #RansomHub leading attacks. ?? Phishing: Banking is the most affected, making up 47.47% of incidents. ?? Dark Web: Stolen credentials, government database breaches, and illicit access sales are on the rise. ?? Data breaches account for nearly 47% of cyber threats, reinforcing the need for stronger security measures and proactive threat intelligence. ?? Stay ahead of cyber threats – read the full report: https://lnkd.in/ekEcqhUB #CyberSecurity #ThreatIntelligence #Spain #Ransomware #Phishing #DarkWeb

SOCRadar is heading to Black Hat Asia 2025! We’re excited to announce that SOCRadar will be participating in Black Hat Asia 2025. Our team of cybersecurity experts will be there to share insights, discuss the latest threats, and showcase how we’re helping businesses stay secure in an ever-evolving landscape. Meet us there and learn how we can help protect your organization from emerging threats! #BlackHatAsia2025 #CyberSecurity #SOCRadar #ThreatIntelligence #CyberProtection #APACCyber

?? #GitHub Supply Chain Attack – #CISA Issues Alert! ?? A high-severity flaw (CVE-2025-30066, CVSS 8.6) in tj-actions/changed-files has been exploited to steal secrets like #AWS keys, GitHub tokens, and private RSA keys. The attack, linked to a broader #supplychain compromise, manipulates CI/CD workflows to leak sensitive data. ?? Attackers used a compromised GitHub Personal Access Token (PAT) to inject malicious code into repositories. ?? Affected? Update to tj-actions/changed-files v46.0.1 by April 4, 2025. ?? Mitigate risk: Audit past workflows, rotate secrets, and pin GitHub Actions to commit hashes instead of version tags. ?? Stay ahead of emerging cyber threats with SOCRadar XTI. Get real-time insights into supply chain attacks, #vulnerabilities, and threat actor activity. https://lnkd.in/d8MKuxvK #CyberSecurity #SupplyChainSecurity #DevSecOps #ThreatIntel #GitHubSecurity

?? Windows Shortcut Zero-Day Exploited Since 2017! ?? State-backed APTs from North Korea, Iran, Russia, and China have secretly used ZDI-CAN-25373 for years, targeting governments, finance, telecom, and defense. This Windows shortcut exploit allows stealthy execution of malicious commands, bypassing detection. ?? No patch from Microsoft! Organizations must take immediate action: ?? Restrict .lnk file execution from untrusted sources ?? Strengthen endpoint protection against hidden command-line execution ?? Monitor network activity for suspicious shortcut behavior Stay ahead with SOCRadar’s XTI and get the latest insights: ?? Read more: https://lnkd.in/dHuKc7FQ #CyberSecurity #ZeroDay #ThreatIntel #APT #WindowsExploit

?? Master Threat Intelligence & Build Hyper-Resilient Cyber Defense! ?? In today's ever-evolving threat landscape, securing hybrid and multi-cloud environments is more critical than ever. Join us for an exclusive SOCRadar webinar, where Ali Marwani, Senior Solutions Engineer, will discuss the role of Threat Intelligence in modern cybersecurity strategies. ?? Date: March 25, 2025 (Tuesday) ? Time: 11:00 AM ET ?? Speaker: Ali Marwani Don't miss this chance to stay ahead of cyber threats! Secure your spot now ?? https://lnkd.in/dHpBjhTf #CyberSecurity #ThreatIntelligence #CloudSecurity #MultiCloud #CyberDefense