News, Trends, and Insights for IT & Managed Services Providers
News, Trends, and Insights for IT & Managed Services Providers
Business of Tech | SOCRadar Responds to Scraping Allegations

Here’s a … not breach.   SOCRadar responded to claims by a threat actor alleging the scraping of 330 million emails, confirming that their internal systems were not breached. The actor accessed the platform using a legitimate license, collecting publicly available email addresses from Telegram channels without exploiting any vulnerabilities. SOCRadar has found no risk to customer data and is enhancing security measures while maintaining communication with law enforcement. They are committed to client security and will provide updates as necessary.

A security researcher revealed at Black Hat 2024 that two zero-day vulnerabilities in Windows allow downgrade attacks, enabling attackers to “unpatch” fully updated systems and reintroduce old vulnerabilities. Microsoft has issued advisories for these vulnerabilities (CVE-2024-38202 and CVE-2024-21302) but has not yet released a fix. The downgrade attacks can compromise critical OS components and disable Windows virtualization-based security, making previously patched systems susceptible to exploitation. Microsoft is working on mitigations but acknowledges the significant implications for Windows and other operating systems.

Other highlights from DefCon and Black Hat included the hacking of Ecovac robots for surveillance, a security researcher’s infiltration of the LockBit ransomware gang, the development of a laser microphone for keystroke surveillance, and a prompt injection technique that exploits Microsoft Copilot. Additionally, vulnerabilities in ransomware leak sites helped save six companies from ransom payments.

Why do we care?

SOCRadar’s answer is certainly something.   Not a breach, and using the product legitimately, email addresses were collected.    And they’re enhancing security.     Huh.     

I’m thankful for ethical security researchers spending time on making infrastructure safer.  

Choose your upgrade:

Get the full benefits of Business of Tech Plus

Insider Access

$12/month

Perfect for MSPs and ITSPs that want full interviews, early access, and ad-free listening

  • Programmatic Ad-free private podcast feedSame show, little interruptions
  • Channel Chatter previews1–2 topics with light insights
  • Early access to interview episodesHear it days before public release
  • Monthly Insider BriefTighter analysis you can share internally
  • Extra audio segmentsCut interviews, behind-the-scenes commentary, quick competitive notes
  • Become an Insider for $12/month

    Leadership Access

    $149/month

    Perfect for MSPs and Vendors that run a team and need the extended tactics, executive summaries, and weekly alignment brief

  • All Insider Access benefits plus . . .
  • Invite your teamIncludes access for 5 team members with option to add more
  • Vendor Strategy BriefsThe entire library, plus new analysis every month
  • Channel ChatterAll topics, full insights, complete vendor discussion + sentiment list
  • Quarterly State of the Channel Briefing
  • Monthly AMA submission priorityAsk Dave direct questions, and skip the line
  • Get the Leadership Edge for $149/month

    Vendor Partner

    $500/month

    Perfect for channel companies or vendors looking to deepen their engagement with the show.

  • All Leadership Access benefits plus . . .
  • Get highlighted as a show sponsor You'll get placement in the show notes, throughout the website, and on our dedicated sponsors page.
  • Enjoy regular shout outs You'll be featured in a rotating format during the show
  • Become a show sponsor for $500/month

    Search all stories