Blog

Latest articles from SOCRadar

How Easy Is It to Guess Fortune 500 Executives' Passwords?
January 4, 2023

How Easy Is It to Guess Fortune 500 Executives’ Passwords?

Recently, many cyberattacks on large corporations have begun with acquiring credentials via multiple methods, particularly social engineering and stealer malware. Obtaining the passwords of a senior executive rather than an ordinary employee is the cherry on… Continue Reading

Secure Your Cloud Environment: 5 Best Practices
January 3, 2023

Secure Your Cloud Environment: 5 Best Practices

With the increasing adoption of cloud computing, cloud security has become a major concern for businesses that rely on cloud-based services to store, process, and manage their data. Cloud computing is a model for delivering computing services… Continue Reading

Top 5 Vulnerabilities Routinely Exploited by Threat Actors in 2022
December 15, 2022

Top 5 Vulnerabilities Routinely Exploited by Threat Actors in 2022

By SOCRadar Research Day by day, it becomes harder to maintain a good security posture. Threat actors are at every corner, searching for a way to breach defenses and expose what is underneath. During the Covid-19… Continue Reading

Gartner Recognized SOCRadar as a DRPS Vendor in 2 Reports
December 15, 2022

Gartner Recognized SOCRadar as a DRPS Vendor in 2 Reports

The digitalization process has become a norm in any business. Now, organizations' assets are highly increased, and there are many things to consider or manage. That's why companies from all industries started to invest in… Continue Reading

Security for Active Directory in 5 Steps
December 7, 2022

Security for Active Directory in 5 Steps

Microsoft Windows directory service Active Directory (AD) enables IT administrators to manage permissions and restrict access to network resources. With this identity and access management solution, you can specify who has access to what parts… Continue Reading

Danger Lurking in GitHub Repositories
December 6, 2022

Danger Lurking in GitHub Repositories

By SOCRadar Research GitHub is a system that has become the world's largest source code repository, used by %90 of Fortune 100 companies and 94 million developers for several purposes such as version control, source code… Continue Reading

What is Password Analyzer?
November 11, 2022

What is Password Analyzer?

A password strength checker is an online application that assesses the security of a user’s password in real-time by analyzing its grammar and highlighting possible vulnerabilities.  The program verifies the usage of certain sequences of… Continue Reading

Vulnerability Management Best Practices
November 9, 2022

Vulnerability Management Best Practices

Every day, new vulnerabilities emerge, and multiplying proliferating vulnerabilities throughout today's complex technology contexts yield a never-ending risk hamster wheel. That's why vulnerability management has been a crucial component of any organization's security program for… Continue Reading

How Should CISOs Prepare on the Current Cyberthreat Landscape?
November 8, 2022

How Should CISOs Prepare on the Current Cyberthreat Landscape?

Recent research by John Sakellariadis for the Atlantic Council delves deeper into the emergence of ransomware over the past ten years. It is well worth reading for CISOs trying to comprehend this sector.  The Rise of Ransomware … Continue Reading

Top Critical Vulnerabilities Used by Ransomware Groups
November 7, 2022

Top Critical Vulnerabilities Used by Ransomware Groups

As ransomware attacks have grown in popularity recently, researchers have begun compiling an easy-to-follow list of vulnerabilities exploited by ransomware groups. So organizations would be aware of which security flaws ransomware gangs use to gain… Continue Reading

A New Rising Social Engineering Trend: Callback Phishing
November 1, 2022

A New Rising Social Engineering Trend: Callback Phishing

Callback phishing emerged as a hybrid social engineering technique that combines phishing and vishing. The phishing technique used to steal sensitive data or transmit harmful packages via email and vishing, which applies phishing over the… Continue Reading

MFA Bypass Techniques: How Does it Work?
October 31, 2022

MFA Bypass Techniques: How Does it Work?

Identification and authentication are the first phase of verification in the login processes of Information Systems. Malicious threat actors use various methods, such as brute force to pass this phase unauthorized. Authentication solutions are named… Continue Reading

Cloud Security Module: Minimize Risk of Misconfigured Buckets
October 26, 2022

Cloud Security Module: Minimize Risk of Misconfigured Buckets

Not long ago, there were discussions about whether organizations should migrate to the cloud. The future has come, and almost all digital assets -services, databases, IT resources, and apps- are now stored in the cloud. Of… Continue Reading

Better Protect Your Mobile App with SOCRadar MAS Module
October 18, 2022

Better Protect Your Mobile App with SOCRadar MAS Module

Threat actors use all kinds of methods to achieve their malicious goals. Mobile apps are among the most popular targets for attackers lately. Targeting a mobile app with various attack vectors has been an increasing… Continue Reading

What is Data Loss Prevention (DLP)? [Ultimate Guide]
October 17, 2022

What is Data Loss Prevention (DLP)? [Ultimate Guide]

Data loss prevention (DLP) prohibits users on a business network from transferring sensitive data outside of the network. DLP systems assist network administrators in regulating network data flow and enforcing stringent controls over private, sensitive,… Continue Reading

How to Detect & Prevent Ransomware Attacks [2022 CISO Edition]
September 26, 2022

How to Detect & Prevent Ransomware Attacks (2022 CISO Edition)

Why is Ransomware One of the First Items on the CISOs Agenda?  Rise with Pandemic With the pandemic, as we rush towards an increasingly digitized world, ransomware has become our institutions' most prevalent cyber threat. … Continue Reading

Recent Attack Types Against Cloud Infrastructures
September 9, 2022

Recent Attack Types Against Cloud Infrastructures

Overview of Cloud Security Cloud security, in short, is the application of the best technology and best practices aimed at objectives such as data and brand protection, preventing disruption of services, and protecting the infrastructure within… Continue Reading

How XDR Powers Rapid Attack Detection and Response
September 7, 2022

How XDR Powers Rapid Attack Detection and Response

A McKinsey article states that today’s organizations are expected to suffer from three major trends for the next three to five years. These trends can be expressed simply as follows; Increase in the on-demand ubiquitous data access &… Continue Reading

What is Account Takeover and How to Prevent It?
September 5, 2022

What is Account Takeover and How to Prevent It?

What is Account Takeover?  Account takeover occurs when fraudsters use stolen credentials to gain unauthorized access to a valid account. ATO attacks are used by fraudsters to move payments, steal information, and take advantage of… Continue Reading

What is Malvertising & How to Stop Ad Malware?
September 2, 2022

What is Malvertising & How to Stop Ad Malware?

What is a Malvertising Attack?  Malvertising, also known as malicious advertising, refers to criminally controlled advertisements within Internet-connected programs, typically web browsers (there are exceptions), that intentionally harm individuals and businesses by distributing malware, potentially… Continue Reading

SOCRadar helps you visualize digital risk, and reduce your company's attack surface
Request Demo