Latest articles from SOCRadar
There are a few standards and formats for timely and more effective exchange of sensitive intelligence, and Traffic Light Protocol, better known as TLP, is one of them. In other words, TLP is a comprehensive… Continue Reading
Open Source Intelligence, better known as OSINT, is a technology that refers to publicly available and open sources of information (as opposed to covert or secret sources) used in connection with intelligence. OSINT is information that… Continue Reading
For a better security posture, you need to be aware of what is going on around your industry vector and not just around your company. Thousands of breaches and millions of attacks can occur every… Continue Reading
For better security functioning, all organizations need reliable but also real-time cyber threat intelligence. Producing threat intelligence is a complex process and goes through a 5-staged cycle. We have previously written a blog explaining each… Continue Reading
Real-time and reliable cyber threat intelligence is essential for the security functions of organizations. It is leveraged by organizations of different sizes to understand adversary behavior and stay prepared for emerging threats. Producing it is… Continue Reading
Data. Information. Intelligence. Often confused with one another, these very different terms cannot be used interchangeably, but they are tightly connected. The order goes like this: Data is collected, then assembled into… Continue Reading
GitHub is a standard when it comes to sharing code among developers. It is the most essential platform used by developers in every company, and despite the broad usage, there are still bad practices made… Continue Reading
The deep web is the underground of the whole web. Accessing it is not quite difficult, but you need to follow some basic steps in order to retain your privacy. We previously wrote a blog… Continue Reading
You have definitely heard that there is a deep side to the internet that not everyone can access. It is considered by many to be hazardous and even illegal. We have prepared this blog post to… Continue Reading
In part 1 of this blog series, we discussed a few popular OSINT tools that help developers find leaked information from their GitHub projects: GitGrabber, GitLeaks, Gitminer, Gitrob. In this part, we will continue with… Continue Reading
Back in the time when there was no GitHub, developers used to share code on the company's local servers, or even with flash drives. But imagine you are out of the company’s LAN and… Continue Reading
Zoom Video Communications Inc.’s video conferencing app has seen booming popularity since COVID-19 outbreaks began in January 2020. Zoom usage rose after lockdowns with corporate office workers, students, millions of people who #stayhome, and even… Continue Reading
With the current COVID-19 pandemic, remote working has become an inevitable option for many organizations. While enterprises have their own well-prepared IT teams, the pandemic has caught small organizations off guard in the security aspect.… Continue Reading
Phishing and domain squatting are commonly used by threat actors to achieve different kinds of goals against an organization. Among these goals are: stealing personally identifiable information (PII) and selling it on black markets for… Continue Reading
On February 3rd, Microsoft Teams suffered outages following the expiration of one of its SSL certificates. Microsoft’s collaborative Slack-alike, Teams, bundles together a variety of Microsoft applications having over 20 million daily active users. This… Continue Reading
In case of a cybersecurity investment, it's not always possible to satisfy the board by repeatedly saying "better safe than sorry". Boards want to witness an understanding of the big-picture involving operations and financials as… Continue Reading
Understanding the importance of Digital Asset Monitoring (DAM) is critical. Your adversaries spend the majority of their time doing discovery and mapping tasks to find the best ways to attack. Therefore, to be one… Continue Reading
Threat actors follow a series of events (called the “cyber kill chain framework” from a defense perspective) to successfully infiltrate a network and either exfiltrate, destroy, or cause business disruption. The lifecycle of an attack can be… Continue Reading
Financial services companies around the world witnessed a sharp rise in data breaches, which shows how the sector is under attack from threat actors. For example, in the UK, companies reported 145 breaches to FCA… Continue Reading