The "Evil" of Everything - Part I: EvilProxy Rises AitM
In today’s digital era, detecting a burgeoning type of cyberattack, known as Adversary-in-the-Middle (AiTM) attacks, is...
The Torrent Landscape: Understanding Security, Risks, and the Future
In today’s digital age, the term “torrenting” often evokes images of pirated movies, music, or TV shows. However,...
NIST Cybersecurity Framework 2.0: What You Need to Know
In a previous SOCRadar blog post, we delved into the importance of cybersecurity frameworks for today’s organizations. In this installment, we p...
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records
In a regular threat and vulnerability hunting activity, SOCRadar has discovered during their research that thousands of...
Don't be Blinded by What You See: Demystifying Homograph Attacks
Chain Reactions: Footprints of Major Supply Chain Attacks
In today’s interconnected digital ecosystem, supply chain attacks have emerged as one of the most potent threats. A supply chain attack occurs...
Navigating the Cyber Threat Landscape with SOCRadar’s Vulnerability Intelligence and CVERadar
In the world of cybersecurity, vulnerability intelligence is like a guiding light for experts dealin...
Navigating Cloud Vulnerabilities: Challenges and Solutions
The cloud, in its simplest form, is a system of servers that store data and applications over the internet rather than on a computer’s ...
Raccoon Stealer Resurfaces with New Enhancements
The developers behind the information-stealing malware, Raccoon Stealer, have broken their six-month silence on hacker forums. They are now promoting a...
Exploring the NIST Cybersecurity Framework: Strengthening Digital Resilience
In today’s rapidly evolving digital landscape, the term “cybersecurity” has become synonymous with safegu...
The Wolf in Sheep’s Clothing: How Cybercriminals Abuse Legitimate Software
[Update] November 9, 2023: Added FBI’s notice, see under the title: “FBI Warns of Ransomware Threats via Th...
Possible Cyber Threats in the 2024 Olympics
The design of the Paris 2024 Olympic and Paralympic torch, introduced on July 25, 2023, struck the first gong for The Paris 2024 Summer Olympic and Paralymp...
How Browser Sync Can Unknowingly Risk Your Business
An innocuous and perhaps hard-working employee sought to simplify their routines, inadvertently setting a sinister chain of events in motion; they ma...
New Global Phishing Scam Exposed: Facebook and Instagram Users Targeted by Fake Crypto Platform
The thrill of curiosity! It is the spark that drives innovation, leads us to explore new horizons, and s...
Threat-Informed Defense (TID): A Threat Intelligence Perspective
Cyberattacks are increasing in frequency worldwide, posing significant challenges for organizations as they strive to protect their cyb...
Living Off the Land (LOTL): The Invisible Cyber Threat Lurking in Your System
[Update] January 10, 2024: “Countering Living Off the Land (LOTL) Attack Methods with AI and ML” ...
The Black Box of GitHub Leaks: Analyzing Companies' GitHub Repos
This research aimed to investigate the files that companies might have accidentally uploaded to GitHub and identify any sensitive...
From Azure AD to Microsoft Entra ID: Navigating the Name Change and Strengthening Phishing Defense
Azure AD, now known as Microsoft Entra ID, is undergoing a name change announced by Microsoft on 11 J...
Ransomware Attacks on Banking Industry
Due to the escalating illicit pursuits of cybercriminals seeking unlawful financial gains, particular sectors and specific types of cyber attacks tend to gain pr...
Navigating the Assets Discovery Journey with SOCRadar XTI EASM
The attack surface is the sum of all potential entry points an attacker can use to gain unauthorized access to an organization’s as...