Latest articles from SOCRadar
50% of Fortune 500 companies have been compromised by APTs.[1] More than 90% of intrusions aren't even discovered by the victims themselves but through third-party notification. Open Source Intelligence (OSINT) is not only useful but… Continue Reading
Powered by DarkMirror™ This week's edition covers the latest dark web news from the past week. Database sale of an Israeli company, 2M Indonesian citizens PII data leak, Cobalt Strike new edition on sale are… Continue Reading
!!!FOR EDUCATIONAL AND RESEARCH PURPOSES ONLY!!! The demand for malicious and illegal products, services, and data has hit new peaks across dark web marketplaces (DWMs), due to COVID19 and related global trends. The vendors on… Continue Reading
According to the latest Nilson report from 2019, the cost of payment card fraud was $28 billion worldwide in 2019. Similarly, the Federal Trade Commission reports the majority of the fraud losses reported to them… Continue Reading
Powered by DarkMirror™ This week's edition covers the latest dark web news from the past week. PayPal user credentials leak, Fortune 500 company network access sale, ransomware attacks on various companies from different backgrounds like… Continue Reading
A recent study from EMC suggests that data loss and downtime result in losses of $1.7 trillion each year.[1] Since shadow IT is an operation that is often carried out unwittingly, companies do not… Continue Reading
Powered by DarkMirror™ This week's edition covers the latest dark web news from the past week. LinkedIn user data leak, RDP credential sales, ransomware attacks on worldwide companies and government institutions were among them. Here… Continue Reading
The news of last year's state-sponsored attacks on up to 18,000 customers of SolarWinds keeps getting worse. The SolarWinds attacks were confirmed by the New York Times to have infiltrated, as was first… Continue Reading
Powered by DarkMirror™ This week's edition covers the latest dark web news from the past week, including major RDP credential sales, ransomware attacks on global corporations, and even some government organizations. Here is the breakdown… Continue Reading
STIX and TAXII were developed to improve cyber threat detection and mitigation. STIX stipulates the details of the threat, while TAXII decides the flow of information. STIX and TAXII are machine-readable and thus conveniently automated,… Continue Reading
Google reported that it served more than 400 billion DNS queries per day.[1] Furthermore, Let’s Encrypt issues around 600,000 digital certificates per day. These statistics alone can show how critical DNS security is. Many monitoring… Continue Reading
Monitoring the dark web and keeping up with what threat actors are saying about your brand and assets is an extremely important action for enterprises. However, besides the fact that getting into the dark web… Continue Reading
Since the 1970s, criminal activities have been coordinated via the internet. However, these early examples would have been rendered in person by way of closed networks and the direct transactions of money and commodities. The… Continue Reading
According to a recent report[1], more than half of the email services on the Internet were impacted by remote code execution attacks. RCE vulnerabilities are one of the most dangerous of their kind as attackers… Continue Reading
Nation-state threat actors breached the supply chain of SolarWinds to infiltrate its customers including U.S. government agencies and Fortune 500 companies. At least 18,000 organizations likely downloaded the malicious update, and thus suffered in the… Continue Reading
The ATT&CK framework is a powerful tool to improve cyber defence and to create a more effective SOC. According to the SANS report, the MITRE ATT&CK creates; The threat intelligence groups that are known to… Continue Reading
Poor password habits are found everywhere, even in big companies despite the password policies required. The credential leak is one of the most common use cases for a variety of sectors, and enterprises have no… Continue Reading
One of the trends in cybersecurity that should be noted is the continuing need to further improve the relevant cybersecurity rules. As technology companies operate with big data, it is up to cybersecurity experts to… Continue Reading
The cyber threat landscape is evolving rapidly, and threat intelligence data is becoming more and more important as cyber-threat actors launch new campaigns and eventually come into contact with each other. Digital fraud is rising… Continue Reading