Blog

Latest articles from SOCRadar

February 15, 2021

What You Need to Know About STIX and TAXII?

STIX and TAXII were developed to improve cyber threat detection and mitigation. STIX stipulates the details of the threat, while TAXII decides the flow of information. STIX and TAXII are machine-readable and thus conveniently automated,… Continue Reading

by
February 12, 2021

How To Leverage OSINT To Monitor APT Groups and Get Fresh IOC/TTP?

50% of Fortune 500 companies have been compromised by APTs.[1] More than 90% of intrusions aren't even discovered by the victims themselves but through third-party notification. Open Source Intelligence (OSINT) is not only useful but… Continue Reading

by
February 8, 2021

CTI is So Critical to SOC Teams for DNS Security

Google reported that it served more than 400 billion DNS queries per day.[1] Furthermore, Let’s Encrypt issues around 600,000 digital certificates per day. These statistics alone can show how critical DNS security is. Many monitoring… Continue Reading

by
February 5, 2021

Dark Web Slang 2

Monitoring the dark web and keeping up with what threat actors are talking about your brand and assets is an extremely important action for enterprises. However, besides the fact that getting into the dark web… Continue Reading

by
February 1, 2021

What Is the Dark Web All About?

Since the 1970s, criminal activities have been coordinated via the internet. However, these early examples would have been rendered in person by way of closed networks and the direct transactions of money and commodities. The… Continue Reading

by
January 28, 2021

Top 5 Remote Code Execution (RCE) Attacks in 2020

According to a recent report[1], more than half of the email service on the Internet were impacted by remote code execution attacks. RCE vulnerabilities are one of the most dangerous of their kind as attackers… Continue Reading

by
January 23, 2021

Dark Web Slang

Monitoring the dark web and keeping up with what threat actors are talking about your brand and assets is an extremely important action for enterprises. However, besides the fact that getting into the dark web… Continue Reading

by
January 18, 2021

The 8 Key Lessons From the SolarWinds Attacks

Nation-state threat actors breached the supply chain of SolarWinds to infiltrate its customers including U.S. government agencies and Fortune 500 companies. At least 18,000 organizations likely downloaded the malicious update, and thus suffered in the… Continue Reading

by
January 10, 2021

Create More Effective SOC With the Mitre ATT&CK Framework

The ATT&CK framework is a powerful tool to improve cyber defence and to create a more effective SOC. According to the SANS report, the MITRE ATT&CK creates; The threat intelligence groups that are known to… Continue Reading

by
January 7, 2021

How Hackers Find Your CEO’s Password and Abuse It

Poor password habits are found everywhere, even in big companies despite the password policies required. The credential leak is one of the most common use cases for a variety of sectors, and enterprises have no… Continue Reading

by
January 6, 2021

2020: The Year in Cybersecurity

One of the trends in cybersecurity that should be noted is the continuing need to further improve the relevant cybersecurity rules. As technology companies operate with big data, it is up to cybersecurity experts to… Continue Reading

by
December 21, 2020

All You Need To Know About Open Source Threat Intelligence Sharing Platform: MISP

Threat intelligence platforms (TIP) are critical security tools that use global security data to help proactively identify, mitigate, and remediate security threats. Every day there are unique and ever-changing challenges. Whilst security experts know that… Continue Reading

by
December 15, 2020

Sunburst/Solorigate SolarWinds Supply Chain Backdoor Attack

What you need to know Nation-state threat actors breached the supply chain of SolarWinds in order to infiltrate its customers including U.S. government agencies and Fortune 500 companies. On December 13, 2020, the security vendor… Continue Reading

by
December 13, 2020

Top Vulnerabilities Exploited in VPNs in 2020

In several VPN products worldwide, APTs target vulnerabilities. This is an ongoing activity directed at multinational organizations. Including government, military, academic, industry, and medical care industries. The open-source is well known for these vulnerabilities, and… Continue Reading

by
December 10, 2020

How To Learn Which 3rd Party Libraries Your Website Is Using?

Websites are the most critical assets and most important components of your business. They are a linking bridge between your products and services, and the potential targeted customers. With well designed and properly secured websites,… Continue Reading

by
December 6, 2020

How Pandemic Affected Information Security

New work order: Remote workforce The COVID-19 virus, which emerged in the last months of 2019 and caused the announcement of a pandemic, led to a sudden change in daily norms for companies and employees,… Continue Reading

by
November 30, 2020

How To Detect and Prevent Business Email Compromise (BEC) Attacks?

What’s business email compromise and why is it dangerous? BEC is an attack in which an attacker gains access to a business email account and imitates the identity of the owner in order to defraud… Continue Reading

by
November 25, 2020

How To Find Domain Ownership in the GDPR Era

Data protection regulations Data protection is an essential process in keeping important information safe and away from threat actor compromise. The criticality of this process is drastically increasing with the increase of data itself being… Continue Reading

by
Newsletter

powered by MailChimp!
SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo