Latest articles from SOCRadar
Have you ever wondered how your Managed Service Provider (MSP) is protecting both your data and its own? It is prudent to regularly assess your MSP along with other stakeholders in your supply chain to… Continue Reading
Security misconfigurations occur when systems or applications are not correctly set up, leaving them vulnerable to potential security threats. According to OWASP, approximately 90% of the applications they assessed exhibited some form of misconfiguration, and… Continue Reading
In the ever-evolving landscape of cybersecurity threats, it is imperative to maintain vigilance and adaptability. As we delve deeper into the realm of Adversary-in-the-Middle (AiTM) attacks, the second installment of this research series seeks to… Continue Reading
In today's digital era, detecting a burgeoning type of cyberattack, known as Adversary-in-the-Middle (AiTM) attacks, is becoming increasingly challenging. As cyber threat actors continually refine their techniques, organizations find themselves vulnerable, often ill-equipped to detect… Continue Reading
In today's digital age, the term "torrenting" often evokes images of pirated movies, music, or TV shows. However, the world of torrents is much broader than just illegal content. Torrenting, at its core, is a… Continue Reading
In a previous SOCRadar blog post, we delved into the importance of cybersecurity frameworks for today’s organizations. In this installment, we pivot our focus toward the much-anticipated NIST Cybersecurity Framework 2.0. As cyber threats evolve,… Continue Reading
In a regular threat and vulnerability hunting activity, SOCRadar has discovered during their research that thousands of DICOM servers were exposed on the internet due to misconfigurations, resulting in the exposure of patient data for… Continue Reading
From Nigerian Princes to Crafty Codes: The Evolution of Phishing Remember the days when our inboxes were graced by those endearing messages from a distant "Nigerian Prince"? Ah, good times, right? If you're thinking, "What… Continue Reading
In today's interconnected digital ecosystem, supply chain attacks have emerged as one of the most potent threats. A supply chain attack occurs when threat actors target organizations by focusing on weaker links in their supply… Continue Reading
In the world of cybersecurity, vulnerability intelligence is like a guiding light for experts dealing with online threats. So, what is it? Vulnerability intelligence focuses on gathering and sharing information about software vulnerabilities. Its main… Continue Reading
The cloud, in its simplest form, is a system of servers that store data and applications over the internet rather than on a computer's hard drive. It has become an integral part of modern organizations,… Continue Reading
The developers behind the information-stealing malware, Raccoon Stealer, have broken their six-month silence on hacker forums. They are now promoting an updated version of the 2.3.0 (2.3.0.1 since August 15, 2023) malware to potential cybercriminals.… Continue Reading
In today's rapidly evolving digital landscape, the term "cybersecurity" has become synonymous with safeguarding our most valuable assets: information and data. As we continue to witness an increasing number of cyber threats and attacks, ranging… Continue Reading
[Update] November 9, 2023: Added FBI's notice, see under the title: "FBI Warns of Ransomware Threats via Third Parties and Legitimate Tools." Cybersecurity is an ever-evolving space, this may be fueled by the idea of… Continue Reading
The design of the Paris 2024 Olympic and Paralympic torch, introduced on July 25, 2023, struck the first gong for The Paris 2024 Summer Olympic and Paralympic Games. With less than one year remaining until… Continue Reading
An innocuous and maybe a hard worker employee sought to simplify their routines, inadvertently setting a sinister chain of events in motion; they made the decision to activate browser sync via their personal email. It… Continue Reading
The thrill of curiosity! It is the spark that drives innovation, leads us to explore new horizons, and sometimes, unfortunately, lands us straight into the arms of danger. Imagine scrolling through your Facebook or Instagram… Continue Reading
Cyberattacks are increasing in frequency worldwide, posing significant challenges for organizations as they strive to protect their cyber assets from persistent and advanced threat actors. While vulnerability assessments, penetration testing and red teaming, play a… Continue Reading
What is LOTL Attack? Living Off the Land (LOTL), also known as lolbins, is a sophisticated cyberattack technique that leverages legitimate tools already present within a victim's system to execute and sustain an attack. Contrary… Continue Reading
This research aimed to investigate the files that companies might have accidentally uploaded to GitHub and identify any sensitive information that could be present in the uploaded projects; therefore, the focus was on selecting popular… Continue Reading
