Blog

Latest articles from SOCRadar

How Can SOC Analysts Benefit from Cyber Threat Intelligence?
November 15, 2022

How Can SOC Analysts Benefit from Cyber Threat Intelligence?

A modern-day SOC is made from three components: people, processes, and technologies. In the people factor, a SOC team accounts for the provision of IT security services via detecting potential cyber threats and attacks actively,… Continue Reading

FIFA World Cup 2022 Qatar: Dark Web & Phishing Landscape Analysis
November 15, 2022

FIFA World Cup 2022 Qatar: Dark Web & Phishing Landscape Analysis

FIFA World Cup 2022 will be organized in Qatar from November 20 to December 18, 2022. Predictions show that 1.5 million people will travel to Qatar to watch the tournament, which national teams from 32… Continue Reading

November 14, 2022

The Week in Dark Web – 14 November 2022 – Access Sales and Data Leaks

Powered by DarkMirror™ November is the time of year when shopping sites are most targeted by threat actors. Just two weeks have passed, but there are many shopping sites' databases and access sales on the… Continue Reading

Manufacturing Industry Pays the Highest Average Ransom at $2.04M
November 14, 2022

Manufacturing Industry Pays the Highest Average Ransom at $2.04M

The past five years have witnessed the evolution of threat actors in ransomware. These developments, both operationally and technically, have significantly increased the damage done by ransomware groups. Ransomware gangs are no longer content with… Continue Reading

Penetration Testing vs. External Attack Surface Management vs. Vulnerability Management
November 14, 2022

Penetration Testing vs. External Attack Surface Management vs. Vulnerability Management

In an environment where attack methods are diversified, threat actors are constantly improving, massive attacks, data breaches, digital frauds, and ransomware attacks continue unabated. And it becomes more challenging to secure cyberspace.  To cope with… Continue Reading

All You Need to Know About the Latest OpenLiteSpeed Vulnerabilities
November 13, 2022

All You Need to Know About the Latest OpenLiteSpeed Web Server Vulnerabilities

Researchers have discovered three different vulnerabilities, two of which are assigned a high severity rating and respectively used in the attack chain in the OpenLiteSpeed web server. According to some sources, it could be ranked… Continue Reading

What is Password Analyzer?
November 11, 2022

What is Password Analyzer?

A password strength checker is an online application that assesses the security of a user’s password in real-time by analyzing its grammar and highlighting possible vulnerabilities.  The program verifies the usage of certain sequences of… Continue Reading

The Ultimate OSINT Handbook on Personal Information
November 10, 2022

The Ultimate OSINT Handbook on Personal Information

OSINT is a term that refers to the process of gathering information from publically accessible sources. These sources include but are not limited to newspapers, television, blogs, tweets, social media, photos, podcasts, and videos that… Continue Reading

Major Cyber Attacks in Review October 2022
November 10, 2022

Major Cyber Attacks in Review: October 2022

Major cyberattacks of the last month include data leaks, security breaches, phishing attacks, and much more. Here are the top cyber incidents of October 2022. The MyDeal Data Breach Affects 2.2M Customers, and Stolen Data… Continue Reading

Vulnerability Management Best Practices
November 9, 2022

Vulnerability Management Best Practices

Every day, new vulnerabilities emerge, and multiplying proliferating vulnerabilities throughout today's complex technology contexts yield a never-ending risk hamster wheel. That's why vulnerability management has been a crucial component of any organization's security program for… Continue Reading

Microsoft November 2022 Patch Tuesday Fixed 11 Critical Vulnerabilities and 6 Zero-Days
November 9, 2022

Microsoft November 2022 Patch Tuesday Fixed 11 Critical Vulnerabilities and 6 Zero-Days

What are the Vulnerabilities?  Microsoft November 2022 Patch Tuesday has been released with patches for a total of 68 vulnerabilities, which include 6 actively exploited zero days and 11 critical vulnerabilities. The number for each… Continue Reading

All You Need To Know About the Critical Citrix ADC and Gateway Auth Bypass Vulnerabilities
November 9, 2022

All You Need To Know About the Critical Citrix Vulnerabilities

In a security bulletin on November 08, 2022, Citrix warned its customers using Citrix ADC and Citrix Gateway to install updates to patch three vulnerabilities, one of which was assessed as critical. The three vulnerabilities could allow attackers to bypass… Continue Reading

How Should CISOs Prepare on the Current Cyberthreat Landscape?
November 8, 2022

How Should CISOs Prepare on the Current Cyberthreat Landscape?

Recent research by John Sakellariadis for the Atlantic Council delves deeper into the emergence of ransomware over the past ten years. It is well worth reading for CISOs trying to comprehend this sector.  The Rise of Ransomware … Continue Reading

Top Critical Vulnerabilities Used by Ransomware Groups
November 7, 2022

Top Critical Vulnerabilities Used by Ransomware Groups

As ransomware attacks have grown in popularity recently, researchers have begun compiling an easy-to-follow list of vulnerabilities exploited by ransomware groups. So organizations would be aware of which security flaws ransomware gangs use to gain… Continue Reading

November 7, 2022

The Week in Dark Web – 7 November 2022 – Data Leaks and Access Sales

Powered by DarkMirror™ Threat actors continued to sell databases and access to organizations' systems on hacker forums last week. Check out the latest dark web summary and see what's happening on the dark side. Find… Continue Reading

Hacktivist Group Black Reward Leaked Iran's Nuclear Program Secrets
November 4, 2022

Hacktivist Group Black Reward Leaked Iran’s Nuclear Program Secrets

Iran's Atomic Energy Organization announced on Sunday, October 23, that foreign country-backed hackers had hacked an email system belonging to the organization's subsidiaries. On the other hand, the Iranian hacktivist group Black Reward claimed responsibility… Continue Reading

Fortinet Fixes Six Serious Vulnerabilities
November 3, 2022

Fortinet Fixes Six Serious Vulnerabilities

Including six vulnerabilities with a high severity rating, Fortinet warned customers on Tuesday (1 November) of 16 vulnerabilities found in the company's devices.  Improper neutralization of input during web page generation vulnerability (CVE-2022-35842) in FortiADC… Continue Reading

Dark Web Stories: DDoS as a Service
November 2, 2022

Dark Web Stories: DDoS as a Service

DoS (Denial-of-service attacks) are frequently encountered in the cyber world and result in violation of the availability of online services. When this attack is made with the help of many computers (botnets), it is called… Continue Reading

What Do You Need to Know About New Critical Vulnerability in OpenSSL
November 1, 2022

OpenSSL Announced Two High-Severity Vulnerabilities Are Fixed

On November 1, Version 3.0.7 of OpenSSL was released to fix two high-severity vulnerabilities (CVE-2022-3602 and CVE-2022-3786). Despite the initial announcement, the severity of both vulnerabilities was assessed as high rather than critical. The vulnerabilities affect the OpenSSL version 3.0.0… Continue Reading

LockBit Responsible for 1/3 of Ransomware Attacks Targeting Financial Industry
November 1, 2022

LockBit Responsible for 1/3 of Ransomware Attacks Targeting Financial Industry

In the first eight months of 2022, the SOCRadar CTIA Team examined 1,700 ransomware threats published on dark web forums and hacker channels. 4.5% of these posts were related to the financial industry, targeting financial… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo