Latest articles from SOCRadar
Monitoring the dark web and keeping up with what threat actors are talking about your brand and assets is an extremely important action for enterprises. However, besides the fact that getting into the dark web… Continue Reading
Nation-state threat actors breached the supply chain of SolarWinds to infiltrate its customers including U.S. government agencies and Fortune 500 companies. At least 18,000 organizations likely downloaded the malicious update, and thus suffered in the… Continue Reading
The ATT&CK framework is a powerful tool to improve cyber defence and to create a more effective SOC. According to the SANS report, the MITRE ATT&CK creates; The threat intelligence groups that are known to… Continue Reading
Poor password habits are found everywhere, even in big companies despite the password policies required. The credential leak is one of the most common use cases for a variety of sectors, and enterprises have no… Continue Reading
One of the trends in cybersecurity that should be noted is the continuing need to further improve the relevant cybersecurity rules. As technology companies operate with big data, it is up to cybersecurity experts to… Continue Reading
The cyber threat landscape is evolving rapidly, and threat intelligence data is becoming more and more important as cyber-threat actors launch new campaigns and eventually come into contact with each other. Digital fraud is rising… Continue Reading
The billions of login credentials available on the dark web make it easy for cybercriminals to steal login credentials. It has been widely reported that automated access data - the plug-in attack has found its… Continue Reading
Threat intelligence platforms (TIP) are critical security tools that use global security data to help proactively identify, mitigate, and remediate security threats. Every day there are unique and ever-changing challenges. Whilst security experts know that… Continue Reading
What you need to know Nation-state threat actors breached the supply chain of SolarWinds in order to infiltrate its customers including U.S. government agencies and Fortune 500 companies. On December 13, 2020, the security vendor… Continue Reading
In several VPN products worldwide, APTs target vulnerabilities. This is an ongoing activity directed at multinational organizations. Including government, military, academic, industry, and medical care industries. The open-source is well known for these vulnerabilities, and… Continue Reading
Websites are the most critical assets and most important components of your business. They are a linking bridge between your products and services, and the potential targeted customers. With well designed and properly secured websites,… Continue Reading
New work order: Remote workforce The COVID-19 virus, which emerged in the last months of 2019 and caused the announcement of a pandemic, led to a sudden change in daily norms for companies and employees,… Continue Reading
What’s business email compromise and why is it dangerous? BEC is an attack in which an attacker gains access to a business email account and imitates the identity of the owner in order to defraud… Continue Reading
Data protection regulations Data protection is an essential process in keeping important information safe and away from threat actor compromise. The criticality of this process is drastically increasing with the increase of data itself being… Continue Reading
Cybercriminals use encrypted ransomware that has become the most common type because it is difficult to crack the encryption and remove the malware. All the stuff you keep on your PC is encrypted by malicious… Continue Reading
For mobile and web applications, credential stuffing attacks are considered among the top threats. While on average hackers can find matches between the stolen credentials, the credential stuffing gets simpler and more efficient. These kinds… Continue Reading
Threat intelligence is an emerging concept, recently needed in all industries, to protect companies from attacks. Gathering this intelligence should be done by a separate, qualified team, however, this is still not quite the case… Continue Reading
OSINT(Open Source Intelligence) can be used by attackers to identify assets and gather other useful information before the attack is initiated. Asset discovery takes a constructive approach which allows companies to recognize prior risk areas.… Continue Reading
Who are CTI analysts? Cyber threat analysts are specialists in cyber threat, who use their analytical and technological skills to address complex cyber threat challenge issues, generate detailed reports, and brief the company on short… Continue Reading
Phishing - tricking people since "forever" Scammers have always existed, luring people into giving them their valuables or simply tricking them to achieve their goals. Before early technological inventions, you had to be more creative… Continue Reading