Latest articles from SOCRadar
Remote Code Execution (RCE) is a class of software vulnerabilities. An RCE vulnerability allows a malicious actor to execute code of their choice over a LAN (WAN) or Internet on a remote machine. RCE belongs to… Continue Reading
Malicious bots called "bad bots" not only evolve continually, but are very specific to certain applications, such as defense providers or even evasion tactics, as the talents and degree of development for humans and bots.… Continue Reading
One of the benefits of the cyber security is its openness to sharing. There is a good sense of community in the industry with people freely creating and sharing tools. In this blog post, we… Continue Reading
Companies that wish to safeguard customers and employees typically invest in Dark Web monitoring solutions to warn them if their compromised data are offered or sold on dark web forums since they cannot do so… Continue Reading
Unidentified attackers have apparently unlimited resources, pressuring security authorities to regularly evaluate all aspects of their security strategy. People, procedures and technology must be examined in order to guarantee that every important component is optimized… Continue Reading
Gartner has predicted that by 2021, one-third of successful attacks on the enterprise will be through shadow IT resources and leaked sensitive information1. According to Verizon’s DBIR (Data Breach Investigation Report) in 2021, 70%… Continue Reading
A recent study from EMC suggests that data loss and downtime result in losses of $ 1.7 trillion each year.[1] Since shadow IT is an operation that is often carried out unwittingly, companies do not… Continue Reading
The ATT&CK framework is a powerful tool to improve cyber defence and to create a more effective SOC. According to the SANS report, the MITRE ATT&CK creates; The threat intelligence groups that are known to… Continue Reading
Poor password habits are found everywhere, even in big companies despite the password policies required. The credential leak is one of the most common use cases for a variety of sectors, and enterprises have no… Continue Reading
In several VPN products worldwide, APTs target vulnerabilities. This is an ongoing activity directed at multinational organizations. Including government, military, academic, industry, and medical care industries. The open-source is well known for these vulnerabilities, and… Continue Reading
Websites are the most critical assets and most important components of your business. They are a linking bridge between your products and services, and the potential targeted customers. With well designed and properly secured websites,… Continue Reading
Data protection regulations Data protection is an essential process in keeping important information safe and away from threat actor compromise. The criticality of this process is drastically increasing with the increase of data itself being… Continue Reading
A successful third-party risk program, which includes the various third-party sectors, ought to provide threat information. Detailed vulnerability information will then be used for defined attack scenarios to map hacker workflows. A recent survey conducted… Continue Reading
Prevention of the landscape is no longer enough in today's cybersecurity. All have never faced such high and concrete threats from advanced phishing operations to ransomware attacks to digital payment platforms and consumer databases of… Continue Reading
The prevention of the landscape is no longer enough in today’s cybersecurity. All have never faced such high and concrete threats from advanced phishing operations to ransomware attacks to digital payment platforms and consumer databases… Continue Reading
Security departments in the financial industry are facing a daunting mission. They have to defend the company from an immense amount of indiscriminate attacks, which is the price of simply being an online enterprise. At… Continue Reading
Enterprises have to deal with a range of mass campaigns as well as advanced attacks that target a specific industry or company. Threat actors use ever-changing methods to reach their target, and always research before… Continue Reading
Security departments in the financial industry are facing a daunting mission. They have to defend the company from an immense amount of indiscriminate attacks, which is the price of simply being an online enterprise. At… Continue Reading
The need to protect corporate data from increasing cyberattacks continues to be the top priority of every organization. One of the most important ways to increase your company’s cybersecurity is to use digital certificates. Digital… Continue Reading
Subdomains are critical assets of your software applications and server infrastructure. They contain numerous details that can be useful to threat actors as a way into your system. In essence, a subdomain is simply an… Continue Reading
