Blog

Latest articles from SOCRadar

IBM Report: Data Breach Costs Higher Than Ever
August 3, 2022

IBM has published the Cost of a Data Breach report, which reveals how organizations from different industries are affected by data breaches and sets future cybersecurity predictions. According to the report, financial losses incurred by…

VMware Fixes Critical Vulnerabilities Including RCE and Authentication Bypass
August 3, 2022

With the security update released Tuesday, VMware fixed ten vulnerabilities affecting some of its products. One is the authentication bypass vulnerability, which is critical with a CVSS score of 9.8. Three RCE vulnerabilities are also…

How to Detect Reconnaissance Using MITRE ATT&CK Framework
August 2, 2022

In this article, we will look at reconnaissance techniques from the MITRE ATT&CK framework's point of view and discuss how to detect cyberattacks using the MITRE ATT&CK framework, and how we can protect ourselves and…

Banking Trojans Distributed on Google Play Store in DawDropper Campaign
August 2, 2022

Cybersecurity researchers have uncovered a new campaign to distribute banking trojans on the Google Play Store. These "Droppers" make it difficult to detect threat actors and are highly effective for malware distribution. This software, becoming increasingly…

Insider Threats Rising: Average Cost of an Incident is $6.6M
August 1, 2022

The annual Cost of a Data Breach Report, featuring research by Ponemon Institute, offers insights from 550 actual breaches to help you understand cyber risk in a changing world. Research shows that insider threats cause…

Vulnerabilities in Atlassian Confluence Actively Exploited
July 29, 2022

The critical hard-coded credentials flaw in Atlassian's Questions For Confluence app (CVE-2022-26138) has been actively exploited in the wild a week after the patches were made available for it. The flaw only exists on servers that enabled…

Top 5 Free Attack Surface Management Tools
July 28, 2022

Attack surface management is the continual identification, monitoring, assessment, prioritizing, and remediation of attack vectors within an organization's IT infrastructure. What is Attack Surface Management? While similar in nature to asset discovery or asset management, frequently…

Threats of Commercialized Malware: Knotweed
July 28, 2022

Microsoft associates the private sector offensive actor (PSOA) Knotweed with the Austrian spyware distributor DSIRF. DSIRF, founded in 2016, advertises itself as an information research company that performs security and analysis tasks for the red team while…

Does the Killnet Pose a Serious Threat to Our Industry?
July 28, 2022

Killnet is a pro-Russian hacktivist group known for its DoS and DDoS attacks on government institutions and companies in multiple countries during the Russian invasion of Ukraine in 2022. The group even declared war on…

Ducktail Malware Targets Facebook Business Accounts via LinkedIn Phishing Attack
July 27, 2022

A new phishing attempt with the codename Ducktail is in progress and targets LinkedIn users who work in the field to hijack Facebook business accounts that control the firm's advertising. It has been reported that…

What is Domain Hijacking and How to Prevent
July 26, 2022

Domain hijacking attacks can have many damaging consequences, such as the exposure of sensitive data and financial and reputational damage to organizations. These attacks can result in major data breaches and leaks. This article tells…

Zero-Day Security Flaw Exploited in PrestaShop Websites
July 26, 2022

Attackers discovered a way to exploit a vulnerability in PrestaShop servers. The actively exploited zero-day, CVE-2022-36408, allows attackers to execute arbitrary code in an SQL injection attempt and possibly steal customer payment information. Nearly 300,000…

Top 5 Tools for Phishing Domain Detection
July 25, 2022

Phishing attacks have victimized many users and companies for years, and it seems they will continue to do so. Many security measures have been taken against such attacks. However, the attackers develop new TTPs with the…

SonicWall Released Hotfix for Critical SQL Injection Flaw
July 25, 2022

A severe SQL injection vulnerability has been reported by network security vendor SonicWall in their security advisory. It affects the GMS (Global Management System) and Analytics On-Prem products. Which SonicWall Products Are Affected? Product Affected Versions Fixed Versions GMS 9.3.1-SP2-Hotfix1…

What is Deep Web Monitoring?
July 22, 2022

There are a variety of network monitoring and perimeter protection solutions available for both personal and commercial networks. Nevertheless, even the most protected businesses may fall prey to a cyber assault. The terrifying aspect of this…

Cisco Released Patches for Multiple Nexus Dashboard Vulnerabilities
July 22, 2022

Cisco announced that it has released security updates for vulnerabilities detected in the Nexus Dashboard. The security flaws include a high-risk arbitrary command execution vulnerability. By exploiting this vulnerability, threat actors can connect to the system remotely and…

Dark Web Threat Profile: pompompurin
July 21, 2022

[Update] June 26, 2023: BreachForums was seized by the FBI three months after the arrest of its administrator. Added the subheading “FBI Seizes BreachForums After Arrest of Admin.” [Update] June 20, 2023: Rival forums leak…

What is BEC Attack and How to Prevent it?
July 21, 2022

A BEC attack is a type of social engineering attack that takes place over email, in which the attacker aims for financial gain. Often, attackers aim to trick employees into sending money or valuable personal data (PII)…

Atlassian Patched Critical Vulnerability That Affects Confluence Servers
July 21, 2022

Atlassian announced that it has released an update for a critical vulnerability affecting its Confluence Server and Data Center products. The vulnerability, which allows unauthenticated actors to gain remote access, is tracked with the code…

What is Spoofing Attack and How to Prevent It?
July 20, 2022

In the context of cybersecurity, spoofing is the act of impersonating another entity to earn our trust, obtain access to our systems, steal data, steal money, or transmit malware. How Does Spoofing Work? Spoofing often consists of…
