Blog

Latest articles from SOCRadar

How to Detect & Prevent Ransomware Attacks [2022 CISO Edition]
September 26, 2022

Why is Ransomware One of the First Items on the CISOs Agenda?  Rise with Pandemic With the pandemic, as we rush towards an increasingly digitized world, ransomware has become our institutions' most prevalent cyber threat. …

Recent Attack Types Against Cloud Infrastructures
September 9, 2022

Overview of Cloud Security Cloud security, in short, is the application of the best technology and best practices aimed at objectives such as data and brand protection, preventing disruption of services, and protecting the infrastructure within…

How XDR Powers Rapid Attack Detection and Response
September 7, 2022

A McKinsey article states that today’s organizations are expected to suffer from three major trends for the next three to five years. These trends can be expressed simply as follows; Increase in the on-demand ubiquitous data access &…

What is Account Takeover and How to Prevent It?
September 5, 2022

What is Account Takeover?  Account takeover occurs when fraudsters use stolen credentials to gain unauthorized access to a valid account. ATO attacks are used by fraudsters to move payments, steal information, and take advantage of…

What is Malvertising & How to Stop Ad Malware?
September 2, 2022

What is a Malvertising Attack?  Malvertising, also known as malicious advertising, refers to criminally controlled advertisements within Internet-connected programs, typically web browsers (there are exceptions), that intentionally harm individuals and businesses by distributing malware, potentially…

What is Customer Identity and Access Management (CIAM)?
September 1, 2022

CIAM (Customer identity and access management) is part of the identity and access management (IAM) system integrated into applications for external users such as customers/consumers. The primary goal of CIAM is to manage and control…

10 Free Security Testing Tools to Test Your Website
August 30, 2022

Security testing for an application is a crucial element in the lifecycle of software testing. It restricts unwanted intrusions at multiple application layers, including servers, the front-end application layer, middleware modules, and network security.  This…

All You Need to Know About Endpoint Security
August 29, 2022

Endpoint Security products are responsible for a market size of approximately 14 million in 2021. Regarding this market's compound annual growth rate (CAGR), it is estimated that the market will double in 9 years. According…

Top 10 TLDs Threat Actors Use for Phishing
August 24, 2022

A TLD is the last character of a domain name, such as .com, .net, .org, etc. Domains play a crucial role in phishing attacks. A threat actor can use free domains to create a distribution of…

Top 10 DNS Threat Analysis and Monitoring Tools
August 8, 2022

DNS converts easy-to-remember domain names into numeric IP addresses determined by the primary network protocols of the computer services and devices to be accessed. The DNS system, which can be considered a database, saves users…

How to Detect Reconnaissance Using MITRE ATT&CK Framework
August 2, 2022

In this article, we will look at the reconnaissance techniques from the MITRE ATT&CK framework’s point of view and discuss how to detect cyberattacks using MITRE ATT&CK Framework, and how we can protect ourselves and…

Insider Threats Rising: Average Cost of an Incident is $6.6M
August 1, 2022

The annual Cost of a Data Breach Report, featuring research by Ponemon Institute, offers insights from 550 actual breaches to help you understand cyber risk in a changing world. Research shows that insider threats cause…

What is Domain Hijacking and How to Prevent
July 26, 2022

Domain hijacking attacks can have many damaging consequences, such as the exposure of sensitive data and financial and reputational damage to organizations. These attacks can result in major data breaches and leaks. This article tells…

Top 5 Tools for Phishing Domain Detection
July 25, 2022

Phishing attacks have victimized many users and companies for years, and it seems they will continue to do so. Many security measures have been taken against such attacks. However, the attackers develop new TTPs with the…

What is BEC Attack and How to Prevent it?
July 21, 2022

BEC attack is a type of social engineering attack that takes place over email and the attacker aims for financial gain. Often, attackers aim to trick employees into sending money or valuable personal data (PII)…

What is Spoofing Attack and How to Prevent It?
July 20, 2022

In the context of cybersecurity, spoofing is the act of impersonating another entity to earn our trust, obtain access to our systems, steal data, steal money, or transmit malware. How Does Spoofing Work? Spoofing often consists of…

How to Build a Proactive Incident Response Plan?
July 19, 2022

Some standard cybersecurity measures are endpoint security tools, such as VPNs, proxies, antimalware, and employee cybersecurity awareness training. Despite all these precautions, sometimes employees can fall victim to social engineering attacks due to unawareness and ignorance.…

New Playground for Fraudsters: How Do I Get WhatsApp Scam IoCs?
May 16, 2022

SOCRadar analysts, while investigating phishing attacks via WhatsApp, recently found a significant increase in an attack with the same type of content. One of the most notable features of the attack was that it quickly…

Cyber Threats to NGOs Increase: Half of Organizations Targeted
May 4, 2022

NGOs and humanitarian nonprofits depend on digital communication technologies and software to coordinate their missions worldwide. In particular, organizations working in humanitarian aid need these technologies to perform operations such as data collection, classification, and…

5 Tips for Social Media Security
May 2, 2022

Social media is great but a lot of risks and threats have evolved with this social media frenzy. Financial fraud, blackmailing, phishing, invasion of privacy, and identity theft have become commonplace attacks targeted at individuals.…
