Blog

Latest articles from SOCRadar

January 23, 2021

Dark Web Slang

Monitoring the dark web and keeping up with what threat actors are talking about your brand and assets is an extremely important action for enterprises. However, besides the fact that getting into the dark web… Continue Reading

by
January 18, 2021

The 8 Key Lessons From the SolarWinds Attacks

Nation-state threat actors breached the supply chain of SolarWinds to infiltrate its customers including U.S. government agencies and Fortune 500 companies. At least 18,000 organizations likely downloaded the malicious update, and thus suffered in the… Continue Reading

by
January 10, 2021

Create More Effective SOC With the Mitre ATT&CK Framework

The ATT&CK framework is a powerful tool to improve cyber defence and to create a more effective SOC. According to the SANS report, the MITRE ATT&CK creates; The threat intelligence groups that are known to… Continue Reading

by
January 7, 2021

How Hackers Find Your CEO’s Password and Abuse It

Poor password habits are found everywhere, even in big companies despite the password policies required. The credential leak is one of the most common use cases for a variety of sectors, and enterprises have no… Continue Reading

by
January 6, 2021

2020: The Year in Cybersecurity

One of the trends in cybersecurity that should be noted is the continuing need to further improve the relevant cybersecurity rules. As technology companies operate with big data, it is up to cybersecurity experts to… Continue Reading

by
December 21, 2020

All You Need To Know About Open Source Threat Intelligence Sharing Platform: MISP

Threat intelligence platforms (TIP) are critical security tools that use global security data to help proactively identify, mitigate, and remediate security threats. Every day there are unique and ever-changing challenges. Whilst security experts know that… Continue Reading

by
December 15, 2020

Sunburst/Solorigate SolarWinds Supply Chain Backdoor Attack

What you need to know Nation-state threat actors breached the supply chain of SolarWinds in order to infiltrate its customers including U.S. government agencies and Fortune 500 companies. On December 13, 2020, the security vendor… Continue Reading

by
December 13, 2020

Top Vulnerabilities Exploited in VPNs in 2020

In several VPN products worldwide, APTs target vulnerabilities. This is an ongoing activity directed at multinational organizations. Including government, military, academic, industry, and medical care industries. The open-source is well known for these vulnerabilities, and… Continue Reading

by
December 10, 2020

How To Learn Which 3rd Party Libraries Your Website Is Using?

Websites are the most critical assets and most important components of your business. They are a linking bridge between your products and services, and the potential targeted customers. With well designed and properly secured websites,… Continue Reading

by
December 6, 2020

How Pandemic Affected Information Security

New work order: Remote workforce The COVID-19 virus, which emerged in the last months of 2019 and caused the announcement of a pandemic, led to a sudden change in daily norms for companies and employees,… Continue Reading

by
November 30, 2020

How To Detect and Prevent Business Email Compromise (BEC) Attacks?

What’s business email compromise and why is it dangerous? BEC is an attack in which an attacker gains access to a business email account and imitates the identity of the owner in order to defraud… Continue Reading

by
November 25, 2020

How To Find Domain Ownership in the GDPR Era

Data protection regulations Data protection is an essential process in keeping important information safe and away from threat actor compromise. The criticality of this process is drastically increasing with the increase of data itself being… Continue Reading

by
ransomware attacks
November 22, 2020

Top 5 Critical Vulnerabilities Behind Ransomware Attacks

Cybercriminals use encrypted ransomware that has become the most common type because it is difficult to crack the encryption and remove the malware. All the stuff you keep on your PC is encrypted by malicious… Continue Reading

by
November 12, 2020

Free Threat Intelligence Courses

Threat intelligence is an emerging concept, recently needed in all industries, to protect companies from attacks. Gathering this intelligence should be done by a separate, qualified team, however, this is still not quite the case… Continue Reading

by
November 5, 2020

OSINT for Digital Asset Discovery

OSINT(Open Source Intelligence) can be used by attackers to identify assets and gather other useful information before the attack is initiated. Asset discovery takes a constructive approach which allows companies to recognize prior risk areas.… Continue Reading

by
Futuristic business investment information technology
October 29, 2020

The Role of Cyber Threat Intelligence Analyst

Who are CTI analysts? Cyber threat analysts are specialists in cyber threat, who use their analytical and technological skills to address complex cyber threat challenge issues, generate detailed reports, and brief the company on short… Continue Reading

by
fire and water fists
October 25, 2020

How To Takedown Phishing Domains for Free

Phishing - tricking people since "forever" Scammers have always existed, luring people into giving them their valuables or simply tricking them to achieve their goals. Before early technological inventions, you had to be more creative… Continue Reading

by
SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo