#socradar — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #socradar, aggregated by home.social.
-
US businesses in the crosshairs of Dark Web threats! Cyber attacks on the rise, putting sensitive data at risk. https://jpmellojr.blogspot.com/2025/07/us-now-top-target-for-dark-web.html #DarkWeb #Cybercrime #USBusinesses #SOCRadar #Cyberthreats
-
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing – Source:hackread.com https://ciso2ciso.com/russias-storm-2372-hits-orgs-with-mfa-bypass-via-device-code-phishing-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #CyberAttacks #PhishingScam #CyberAttack #Storm2372 #Hackread #Phishing #security #SOCRadar #Russia #Scam #MFA
-
Russia’s Storm-2372 Hits Orgs with MFA Bypass via Device Code Phishing https://hackread.com/russia-storm-2372-hit-mfa-bypass-device-code-phishing/ #Cybersecurity #CyberAttacks #PhishingScam #CyberAttack #Storm2372 #Security #Phishing #SOCRadar #Russia #Scam #MFA
-
This notification from HIBP about the Not SOCRadar breach made me think how damn hard of a job @troyhunt is doing.
My first reaction was "why would he load this" but after reading the #socradar report I think I understand.
But if my understanding is correct there are so many levels of infosec-meta here.
I think (correct me if I'm wrong) that this breach is actually an indication of the email being in a stealer log.
Which is bad.
And neither the SOCRadar writeup nor Troy's description of the breach explains this.
So I thought I would write up a suggestion for how to improve the description to include this.
But I very quickly got stuck because there is actually very little known about this and assumptions and guesses are likely to add to the confusion.
We have no idea if the email/credentials were stolen last month, or five years ago, or if it was just in some random compilation of public emails in a Telegram channel.
So in the end, I think keeping it to "known" facts like Troy does makes sense.
But... what is the value then? If the goal is to help people know if they are breached, knowing that it was in this report gives absolutely zero info to anyone.
Except if this is the ONLY breach the email was in. Because that might indicate the breach is actually recent.
But figuring this out is again so many levels down that I doubt many can draw that conclusion.
So was it worth loading this or not? I don't know. The fact that there were 19% new emails seems to indicate it was indeed worth it as those people have not previously received any notification. But for the 81% that were already in, the additional notification seems to provide very little value.
So in the end, I think where I'm ending up is that it would be useful if the notification email had a bit more information. That would save me having to HIBP, send verification, log in, Ctrl+F the new breach and try to figure out if this is a new breach or a repacking.
-
Well, this morning some of my personal domains are beeping at haveibeenpwned
Apparently someone aggregated credentials using SOCRadar's CTI solution
(among other things, extractions from Telegram collections)
⬇️
"In August 2024, over 332M rows of email addresses were posted to a popular hacking forum. The post alleged the addresses were scraped from cybersecurity firm SOCRadar, however an investigation on their behalf concluded that "the actor merely utilised functionalities inherent in the platform's standard offerings, designed to gather information from publicly available sources". There is no suggestion the incident compromised SOCRadar's security or posed any risk to their customers. In total, the data set contained 282M unique addresses of valid email address format."
👇
https://haveibeenpwned.com/
"The investigation revealed that SOCRadar’s internal systems were not breached. The threat actor acquired a license from SOCRadar under a legitimate company name, providing access to the platform similar to any other customer. With this account, the actor could search for well-known domain names, collect Telegram channel names, and crawl these channels to harvest email addresses."
👇
https://socradar.io/socradars-response-to-the-usdods-claim-of-scraping-330-million-emails/
-
More than 330 Million Email Addresses Allegedly Scraped from Security Platform SOCRadar.io Exposed Online https://thecyberexpress.com/330-million-email-ids-scraped-from-socradar-io/ #TheCyberExpressNews #CybersecurityNews #CyberEssentials #TheCyberExpress #DataBreachNews #BreachForums #DataScraping #databreach #SOCRadario #Hackread #SOCRadar #USDoD
-
332 Million Email Addresses Scraped from SOCRadar.io Published Online https://hackread.com/332-million-email-addresses-scraped-from-socradar-io/ #ThreatIntelligence #WebScraping #databreach #Security #SOCRadar #Leaks #LEAKS #USDoD
-
Breaking down the numbers: Q2 2024 cybersecurity funding activity recap https://www.helpnetsecurity.com/2024/06/25/cybersecurity-funding-q2-2024/ #SublimeSecurity #NagomiSecurity #StepSecurity #StrikeReady #TraceableAI #XONASystems #DropzoneAI #investment #Transcend #YesWeHack #Huntress #Semperis #SOCRadar #Alethea #BforeAI #Simbian #Island #LayerX #Entro #News #HYPR #PVML
-
SOCRadar raises $25.2 million to accelerate investments in key areas https://www.helpnetsecurity.com/2024/05/23/socradar-funding-25-2-million/ #Industrynews #SOCRadar
-
SOCRadar Raises $25M Series B for Threat Intel Tech https://www.securityweek.com/socradar-raises-25m-series-b-for-threat-intel-tech/ #ThreatIntelligence #Funding/M&A #SOCRadar #SeriesB
-
Once again a #Cyber oopsie at #Microsoft: security researchers from #SOCRadar found a freely accessible #Azure Storage server that contained, among other things, passwords and keys to internal systems. After the notification, it took almost a month until access was locked down. There is no statement so far. https://www.neowin.net/news/a-security-group-found-a-microsoft-server-with-key-data-that-was-not-password-protected/