Latest articles from SOCRadar
![How to Detect & Prevent Ransomware Attacks [2022 CISO Edition]](https://socradar.io/wp-content/uploads/2022/09/how-to-detect-prevent-ransomware-attacks-2022-ciso-edition-1024x576.png)
Why is Ransomware One of the First Items on the CISOs Agenda? Rise with Pandemic With the pandemic, as we rush towards an increasingly digitized world, ransomware has become our institutions' most prevalent cyber threat. … Continue Reading
Overview of Cloud Security Cloud security, in short, is the application of the best technology and best practices aimed at objectives such as data and brand protection, preventing disruption of services, and protecting the infrastructure within… Continue Reading
A McKinsey article states that today’s organizations are expected to suffer from three major trends for the next three to five years. These trends can be expressed simply as follows; Increase in the on-demand ubiquitous data access &… Continue Reading
What is Account Takeover? Account takeover occurs when fraudsters use stolen credentials to gain unauthorized access to a valid account. ATO attacks are used by fraudsters to move payments, steal information, and take advantage of… Continue Reading
What is a Malvertising Attack? Malvertising, also known as malicious advertising, refers to criminally controlled advertisements within Internet-connected programs, typically web browsers (there are exceptions), that intentionally harm individuals and businesses by distributing malware, potentially… Continue Reading
CIAM (Customer identity and access management) is part of the identity and access management (IAM) system integrated into applications for external users such as customers/consumers. The primary goal of CIAM is to manage and control… Continue Reading
Security testing for an application is a crucial element in the lifecycle of software testing. It restricts unwanted intrusions at multiple application layers, including servers, the front-end application layer, middleware modules, and network security. This… Continue Reading
Endpoint Security products are responsible for a market size of approximately 14 million in 2021. Regarding this market's compound annual growth rate (CAGR), it is estimated that the market will double in 9 years. According… Continue Reading
A TLD is the last character of a domain name, such as .com, .net, .org, etc. Domains play a crucial role in phishing attacks. A threat actor can use free domains to create a distribution of… Continue Reading
DNS converts easy-to-remember domain names into numeric IP addresses determined by the primary network protocols of the computer services and devices to be accessed. The DNS system, which can be considered a database, saves users… Continue Reading
In this article, we will look at the reconnaissance techniques from the MITRE ATT&CK framework’s point of view and discuss how to detect cyberattacks using MITRE ATT&CK Framework, and how we can protect ourselves and… Continue Reading
The annual Cost of a Data Breach Report, featuring research by Ponemon Institute, offers insights from 550 actual breaches to help you understand cyber risk in a changing world. Research shows that insider threats cause… Continue Reading
Domain hijacking attacks can have many damaging consequences, such as the exposure of sensitive data and financial and reputational damage to organizations. These attacks can result in major data breaches and leaks. This article tells… Continue Reading
Phishing attacks have victimized many users and companies for years, and it seems they will continue to do so. Many security measures have been taken against such attacks. However, the attackers develop new TTPs with the… Continue Reading
BEC attack is a type of social engineering attack that takes place over email and the attacker aims for financial gain. Often, attackers aim to trick employees into sending money or valuable personal data (PII)… Continue Reading
In the context of cybersecurity, spoofing is the act of impersonating another entity to earn our trust, obtain access to our systems, steal data, steal money, or transmit malware. How Does Spoofing Work? Spoofing often consists of… Continue Reading
Some standard cybersecurity measures are endpoint security tools, such as VPNs, proxies, antimalware, and employee cybersecurity awareness training. Despite all these precautions, sometimes employees can fall victim to social engineering attacks due to unawareness and ignorance.… Continue Reading
SOCRadar analysts, while investigating phishing attacks via WhatsApp, recently found a significant increase in an attack with the same type of content. One of the most notable features of the attack was that it quickly… Continue Reading
NGOs and humanitarian nonprofits depend on digital communication technologies and software to coordinate their missions worldwide. In particular, organizations working in humanitarian aid need these technologies to perform operations such as data collection, classification, and… Continue Reading
Social media is great but a lot of risks and threats have evolved with this social media frenzy. Financial fraud, blackmailing, phishing, invasion of privacy, and identity theft have become commonplace attacks targeted at individuals.… Continue Reading
