Latest articles from SOCRadar

2023 Review of the CISA Known Exploited Vulnerabilities (KEV) Catalog
November 24, 2023

Cybersecurity is a constant back-and-forth between the defenders and the threat actors, all centered around finding vulnerabilities in software. Playing a crucial role in defending against the vulnerabilities is the Cybersecurity & Infrastructure Security Agency…

MGM Casino Hack and Realities of Social Engineering Attacks
November 15, 2023

In the complicated world of cybersecurity, the most unpredictable element remains the human factor. Social engineering attacks exploit this vulnerability, transforming human error into the most significant risk for digital defense systems. Our in-depth analysis…

November 14, 2023

SOCRadar Technical Whitepaper: ‘A 100M+ USD Negotiator’s Guide to Surviving Ransomware’

In an era where digital threats constantly evolve, ransomware attacks have emerged as a formidable challenge, holding businesses hostage and demanding astronomical ransoms. A groundbreaking whitepaper has surfaced, offering a treasure trove of strategies and…

Major Cyberattacks in Review: October 2023
November 10, 2023

In October 2023, a surge of cyber incidents underscored the persistent and evolving threats confronting organizations. October 2023 witnessed a range of malicious activities, from large-scale data breaches to cyber warfare. Notable incidents included escalating…

Essential CTI Capabilities for Effective SOC Operations
October 17, 2023

In the dynamically evolving threat landscape of the digital age, organizations must thwart sophisticated cyber threats that jeopardize their operations, sensitive personal and commercial data, and reputations. To shield organizations from such threats, Security Operations…

VBScript Is Retiring: From Scripting to Security Threats
October 10, 2023

VBScript is facing retirement as Windows moves forward. In future Windows releases, VBScript will be offered as a feature on demand before its eventual removal from the operating system. This ensures that users have time…

Reflections of the Israel-Palestine Conflict on the Cyber World
October 9, 2023

Welcome to our live blog, "Reflections of the Israel-Palestine Conflict on the Cyber World." This blog actively documents significant cyber incidents occurring during the Israeli-Palestinian conflict. You can navigate to a specific section of updates…

Major Cyberattacks in Review: September 2023
October 6, 2023

In September 2023, a surge of cyber incidents underscored the persistent and evolving threats confronting organizations. Key events that marked the month included the resurgence of the USDoD hacker, who leaked data from thousands of…

8 Commandments of Red Cross (ICRC) to Hacker Groups: Do Not Harm Civilians
October 6, 2023

At the Warsaw Summit in 2016, NATO took a momentous step forward in acknowledging the paramount importance of cyberspace in modern warfare. During this historic event, NATO officially recognized cyberspace as a distinct operational domain,…

The "Evil" of Everything - Part II: Evilginx and EvilQR Rises AitM
October 2, 2023

In the ever-evolving landscape of cybersecurity threats, it is imperative to maintain vigilance and adaptability. As we delve deeper into the realm of Adversary-in-the-Middle (AiTM) attacks, the second installment of this research series seeks to…

The "Evil" of Everything - Part I: EvilProxy Rises AitM
October 2, 2023

In today's digital era, detecting a burgeoning type of cyberattack, known as Adversary-in-the-Middle (AiTM) attacks, is becoming increasingly challenging. As cyber threat actors continually refine their techniques, organizations find themselves vulnerable, often ill-equipped to detect…

Decrypting the Shadows: Revealing the Secrets of Ransomware Operators - An Interview with @htmalgae
October 2, 2023

Meet @htmalgae, an anonymous security researcher with a wealth of experience in web application development. In the digital realm, htmalgae operates under this unique handle, and in the physical world, he holds the role of…

September 29, 2023

Exclusive Interview: Dark Web Monitoring, AI’s Role and Strategic Investments in Cyber Security

We are delighted to present an exclusive interview with Nigel Simpson, Head of Global Cybersecurity for International Data Group. With an inspiring career that reflects a deep commitment to safeguarding the digital world, Nigel brings…

Overview of TIBER-EU From Threat Intelligence Perspective
September 14, 2023

Financial institutions are crucial for the global economy. They hold trillions of dollars in assets and billions of customer records. As such, they are one of the prime targets for cyberattacks. According to Statista, in…

Top 10 Facts About MOVEit Breach
September 13, 2023

In the ever-evolving cybersecurity landscape, breaches have become all too common, sending shockwaves through industries and leaving organizations scrambling to recover. One such significant breach that has recently dominated headlines is the MOVEit breach. MOVEit,…

Mother of the Threats: Threat As a Service
September 12, 2023

Anonymous Russia's botnet service Tesla-bot announced a new malicious service model on its Telegram channel. This new type of service and concept, which they call TaaS (Threat as a Service), appears to be a…

Major Cyberattacks in Review: August 2023
September 11, 2023

August 2023 has not passed without its share of significant cyberattacks. Among the incidents of last month, we have observed multiple data breaches involving well-known threat actors. Specifically, the MOVEit Transfer attacks carried out by…

‘Classified’ Intel on the ‘Public’ Telegram Channel: Pentagon US Leak
September 7, 2023

In the rapidly evolving landscape of digital communication, Telegram has emerged as a prominent platform for various user groups from underground circles. The channels, groups and private chat rooms established by threat actors have exponentially…

Main Analytical Frameworks for Cyber Threat Intelligence
September 6, 2023

Threat intelligence is a cyber-security discipline focusing on detailed knowledge about the cyber threats targeting an organization. Threat Intelligence Platforms create intelligence information by gathering raw threat data and security-related information from multiple sources, both…

Cyber Threat Intelligence (CTI) Roles for Ransomware Protection
September 4, 2023

Ransomware attacks remain one of the most significant cyber threats against organizations today. Despite numerous countries launching coordinated efforts to combat ransomware groups through law enforcement takedowns, cryptocurrency seizures, and indictments, the crime continues to…
