Latest articles from SOCRadar
Malware and phishing sites harm companies and organizations all over the world. Through removing sites and blocking attack infrastructures, takedown services strive to minimize the return on investment of the attackers so as to lessen… Continue Reading
Nation-state threat actors breached the supply chain of SolarWinds to infiltrate its customers including U.S. government agencies and Fortune 500 companies. At least 18,000 organizations likely downloaded the malicious update, and thus suffered in the… Continue Reading
The billions of login credentials available on the dark web make it easy for cybercriminals to steal login credentials. It has been widely reported that automated access data - the plug-in attack has found its… Continue Reading
New work order: Remote workforce The COVID-19 virus, which emerged in the last months of 2019 and caused the announcement of a pandemic, led to a sudden change in daily norms for companies and employees,… Continue Reading
What’s business email compromise and why is it dangerous? BEC is an attack in which an attacker gains access to a business email account and imitates the identity of the owner in order to defraud… Continue Reading
Cybercriminals use encrypted ransomware that has become the most common type because it is difficult to crack the encryption and remove the malware. All the stuff you keep on your PC is encrypted by malicious… Continue Reading
For mobile and web applications, credential stuffing attacks are considered among the top threats. While on average hackers can find matches between the stolen credentials, the credential stuffing gets simpler and more efficient. These kinds… Continue Reading
A successful third-party risk program, which includes the various third-party sectors, ought to provide threat information. Detailed vulnerability information will then be used for defined attack scenarios to map hacker workflows. A recent survey conducted… Continue Reading
Phishing - tricking people since "forever" Scammers have always existed, luring people into giving them their valuables or simply tricking them to achieve their goals. Before early technological inventions, you had to be more creative… Continue Reading
Prevention of the landscape is no longer enough in today's cybersecurity. All have never faced such high and concrete threats from advanced phishing operations to ransomware attacks to digital payment platforms and consumer databases of… Continue Reading
The prevention of the landscape is no longer enough in today’s cybersecurity. All have never faced such high and concrete threats from advanced phishing operations to ransomware attacks to digital payment platforms and consumer databases… Continue Reading
Security departments in the financial industry are facing a daunting mission. They have to defend the company from an immense amount of indiscriminate attacks, which is the price of simply being an online enterprise. At… Continue Reading
Enterprises have to deal with a range of mass campaigns as well as advanced attacks that target a specific industry or company. Threat actors use ever-changing methods to reach their target, and always research before… Continue Reading
Security departments in the financial industry are facing a daunting mission. They have to defend the company from an immense amount of indiscriminate attacks, which is the price of simply being an online enterprise. At… Continue Reading
What is web skimming? The web skimming attack also referred to as online card skimming, steals credit card or payment information details from a website’s visitors when they make purchases or reservations. To achieve this,… Continue Reading
Creating and developing an eminent brand image is a process that includes significant hard work for years, therefore it makes a very valuable asset of an organization. Not being able to protect it, puts your… Continue Reading
You have definitely heard there is a deep side to the internet where not everyone can access it. That is considered by many as hazardous and even illegal. We have prepared this blog post to… Continue Reading
In part 1 of this blog series, we discussed a few popular osint tools that help developer’s find leaked information from their GitHub projects: GitGrabber, GitLeaks, Gitminer, Gitrob. In this part, we will continue with… Continue Reading
Back in the time when there was no Github, developers used to share codes in local servers of the company, or even with flash drives. But imagine you are out of the company’s LAN and… Continue Reading
Phishing and domain squatting are commonly used by threat actors to achieve different kinds of goals against an organization. Among these goals are; Stealing personally identifiable information (PII) and selling it on black markets for… Continue Reading
