Latest articles from SOCRadar
Recently, many cyberattacks on large corporations have begun with acquiring credentials via multiple methods, particularly social engineering and stealer malware. Obtaining the passwords of a senior executive rather than an ordinary employee is the cherry on… Continue Reading
With the increasing adoption of cloud computing, cloud security has become a major concern for businesses that rely on cloud-based services to store, process, and manage their data. Cloud computing is a model for delivering computing services… Continue Reading
By SOCRadar Research Day by day, it becomes harder to maintain a good security posture. Threat actors are at every corner, searching for a way to breach defenses and expose what is underneath. During the Covid-19… Continue Reading
The digitalization process has become a norm in any business. Now, organizations' assets are highly increased, and there are many things to consider or manage. That's why companies from all industries started to invest in… Continue Reading
Microsoft Windows directory service Active Directory (AD) enables IT administrators to manage permissions and restrict access to network resources. With this identity and access management solution, you can specify who has access to what parts… Continue Reading
By SOCRadar Research GitHub is a system that has become the world's largest source code repository, used by %90 of Fortune 100 companies and 94 million developers for several purposes such as version control, source code… Continue Reading
A password strength checker is an online application that assesses the security of a user’s password in real-time by analyzing its grammar and highlighting possible vulnerabilities. The program verifies the usage of certain sequences of… Continue Reading
Every day, new vulnerabilities emerge, and multiplying proliferating vulnerabilities throughout today's complex technology contexts yield a never-ending risk hamster wheel. That's why vulnerability management has been a crucial component of any organization's security program for… Continue Reading
Recent research by John Sakellariadis for the Atlantic Council delves deeper into the emergence of ransomware over the past ten years. It is well worth reading for CISOs trying to comprehend this sector. The Rise of Ransomware … Continue Reading
As ransomware attacks have grown in popularity recently, researchers have begun compiling an easy-to-follow list of vulnerabilities exploited by ransomware groups. So organizations would be aware of which security flaws ransomware gangs use to gain… Continue Reading
Callback phishing emerged as a hybrid social engineering technique that combines phishing and vishing. The phishing technique used to steal sensitive data or transmit harmful packages via email and vishing, which applies phishing over the… Continue Reading
Identification and authentication are the first phase of verification in the login processes of Information Systems. Malicious threat actors use various methods, such as brute force to pass this phase unauthorized. Authentication solutions are named… Continue Reading
Not long ago, there were discussions about whether organizations should migrate to the cloud. The future has come, and almost all digital assets -services, databases, IT resources, and apps- are now stored in the cloud. Of… Continue Reading
Threat actors use all kinds of methods to achieve their malicious goals. Mobile apps are among the most popular targets for attackers lately. Targeting a mobile app with various attack vectors has been an increasing… Continue Reading
Data loss prevention (DLP) prohibits users on a business network from transferring sensitive data outside of the network. DLP systems assist network administrators in regulating network data flow and enforcing stringent controls over private, sensitive,… Continue Reading
Why is Ransomware One of the First Items on the CISOs Agenda? Rise with Pandemic With the pandemic, as we rush towards an increasingly digitized world, ransomware has become our institutions' most prevalent cyber threat. … Continue Reading
Overview of Cloud Security Cloud security, in short, is the application of the best technology and best practices aimed at objectives such as data and brand protection, preventing disruption of services, and protecting the infrastructure within… Continue Reading
A McKinsey article states that today’s organizations are expected to suffer from three major trends for the next three to five years. These trends can be expressed simply as follows; Increase in the on-demand ubiquitous data access &… Continue Reading
What is Account Takeover? Account takeover occurs when fraudsters use stolen credentials to gain unauthorized access to a valid account. ATO attacks are used by fraudsters to move payments, steal information, and take advantage of… Continue Reading
What is a Malvertising Attack? Malvertising, also known as malicious advertising, refers to criminally controlled advertisements within Internet-connected programs, typically web browsers (there are exceptions), that intentionally harm individuals and businesses by distributing malware, potentially… Continue Reading