Blog

Latest articles from SOCRadar

What-is-Third-Party-Risk-Management
January 25, 2022

What is Third-Party Risk Management?

Third-party risk management (TPRM) is a type of risk management that focuses on identifying and mitigating risks associated with the usage of third-party vendors (sometimes referred to as vendors, suppliers, partners, contractors, or service providers).… Continue Reading

Dozens-of-WordPress-Plugins-Backdoored-in-Supply-Chain-Attack
January 24, 2022

Dozens of WordPress Plugins Backdoored in Supply Chain Attack

Dozens of WordPress themes and plugins hosted on a developer's website were backdoored in a supply chain attack. with malicious code in September 2021 with the goal of infecting further sites. The backdoor gave the… Continue Reading

January 24, 2022

The Week in Dark Web – 24 January 2022 – Ransomware Attacks and Data Leaks

Powered by DarkMirror™ This week’s edition covers the latest dark web news from the past week. Again, rise of ransomware attacks, some database thefts, and stealing customer data, that took their place on the headlines… Continue Reading

January 21, 2022

New Free Service from SOCRadar LABS: ‘External Attack Discovery’

At SOCRadar LABS, we're proud to introduce a Free External Attack Discovery service for cybersecurity professionals.  External attack surface monitoring of applications is the continuous practice of looking for vulnerabilities and anomalies that could take… Continue Reading

January 20, 2022

SOCRadar New Threat Landscape Report: Financial Institutions are Most Targeted Sector in the UK

SOCRadar Threat Landscape Report provides U.K. organizations with an understanding of evolving cyber threats relevant to their geographical operating locations to enable security leaders to make better decisions. The intelligence provided in this report can… Continue Reading

What-are-CVSS-Scores
January 19, 2022

What are CVSS Scores?

The Common Vulnerability Scoring System (also known as CVSS) assigns a number value (0-10) to the severity of a security vulnerability. CVSS scores are often used by security professionals as part of a vulnerability management… Continue Reading

Microsoft-Releases-Emergency-Updates-for-Windows-Server-2019
January 19, 2022

Microsoft Releases Emergency Updates for Windows Server 2019

Microsoft has released "out-of-band" emergency updates to fix various critical bugs that emerged after its updates for January. Updates have also been released for Windows Server 2019, which is not included in Microsoft's mass-released updates. Various… Continue Reading

January 18, 2022

What Do You Need to Know About the Recent Operation of FSB Russia on REvil Ransomware Group

On January 14, 2022, the Russian Federal Security Service (FSB) arrested members of the REvilransomware gang at the request of US authorities. According to a statement from the FSB, a combined operation with the Russian… Continue Reading

January 17, 2022

The Week in Dark Web – 17 January 2022 – Access Sales and Data Leaks

Powered by DarkMirror™ This week’s edition covers the latest dark web news from the past week. Again, rise of ransomware attacks, some database thefts, and stealing customer data, that took their place on the headlines… Continue Reading

What-is-a-Security-Operations-Center-SOC-Ultimate-Guide
January 17, 2022

What is a Security Operations Center (SOC)? (Ultimate Guide)

A Security Operation Center (SOC) is a centralized function inside an organization that uses people, processes, and technology to continually monitor and enhance an organization’s security posture while preventing, detecting, analyzing, and responding to cybersecurity… Continue Reading

Cisco-Fixes-a-Critical-Flaw-in-Unified-CCMP-and-Unified-CCDM
January 14, 2022

Cisco Fixes a Critical Flaw in Unified CCMP and Unified CCDM

Cisco fixed a critical privilege escalation vulnerability, tracked as CVE-2022-20658, in Unified CCMP and Unified CCDM.On the other hand, unofficial updates have been released for the RemotePoato0 vulnerability, which Microsoft did not update. "The good news is… Continue Reading

January 13, 2022

What is Cryptocurrency Mining Malware?

A cryptocurrency is a form of digital currency stored on decentralized networks. These decentralized networks are called blockchains, consisting of many systems called nodes. Blockchains are decentralized networks in which no single authority controls the… Continue Reading

January 12, 2022

How Does Cyber Security Support Business Intelligence?

The second guide that we have prepared for cyber security experts and administrators is about “business intelligence”. Cybercrime has catastrophic consequences in today's corporate environment, including revenue and profit loss, brand ruin, erosion of consumer… Continue Reading

January 12, 2022

Microsoft Fixes Six Zero-Days and 97 Flaws Including an Exchange Vulnerability

Microsoft fixes a total of 97 security vulnerabilities, including six zero-day vulnerabilities.  In an update, the company announced that the critical vulnerability that emerged in the Microsoft Exchange service recently and the critical vulnerability in… Continue Reading

Ultimate-Guide-Using-Artificial-intelligence-in-Cybersecurity
January 11, 2022

Using Artificial Intelligence in Cybersecurity (Ultimate Guide)

Welcome to the first of our ultimate guides on some topics related to cybersecurity: AI vs. cybersecurity. In these compilations, we will try to answer the questions that come to mind about some hot issues.… Continue Reading

AvosLockers-New-Linux-Variant-Targets-VMware-ESXi-Servers
January 11, 2022

AvosLocker’s New Linux Variant Targets VMware ESXi Servers

A Linux variant of the AvosLocker gang, which first appeared in the summer of 2021 and conducted its operations in RaaS style, targeting VMware ESXi virtual machines, has emerged. AvosLocker, which carries out its VMware… Continue Reading

January 10, 2022

The Week in Dark Web – 10 January 2022 – Access Sales and Data Leaks

Powered by DarkMirror™ This week’s edition covers the latest dark web news from the past week. Again, rise of ransomware attacks, some database thefts, and stealing customer data, that took their place on the headlines… Continue Reading

AvosLockers-New-Linux-Variant-Targets-VMware-ESXi-Servers
January 10, 2022

SonicWall Patches Y2K22 Bug in Email Security

Maybe you remember the Y2K problem, a problem that refers to a computer glitch identified in some software systems that could have disrupted the transition from the year 1999 to 2000. It looks like reappeared… Continue Reading

how-to-protect-employees-against-phishing-attacks
January 7, 2022

How to Protect Employees Against Phishing Attacks?

The Cybersecurity and Infrastructure Security Agency (CISA) has mentioned in Avoiding Social Engineering and Phishing Attacks on August 25, 2020; an attacker utilizes human contact (social skills) to gather or compromise information about an organization… Continue Reading

What-Do-You-Need-To-Know-About-Cloud-Web-Application-Firewall-WAF
January 6, 2022

What Do You Need To Know About Cloud Web Application Firewall (WAF)

A cloud Web Application Firewall (WAF) is a security application running on the cloud that tracks the traffic between the user and the web servers to filter and block malicious packages traveling back and forth… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo