Committing a Sin, OpenJS Foundation and XZ Utils Incidents: Lessons in Open Source Security
Apr 17, 2024
Categories
Oct 02, 2023
The "Evil" of Everything - Part I: EvilProxy Rises AitM
The “Evil” of Everything – Part I: EvilProxy Rises AitM In today’s digital era, detecting a burgeoning type of cyberattack, known as Adversary-in-the-Middle (AiTM) attacks, is...
Learn More
Sep 29, 2023
The Torrent Landscape: Understanding Security, Risks, and the Future
The Torrent Landscape: Understanding Security, Risks, and the Future In today’s digital age, the term “torrenting” often evokes images of pirated movies, music, or TV shows. However,...
Learn More
Sep 26, 2023
NIST Cybersecurity Framework 2.0: What You Need to Know
NIST Cybersecurity Framework 2.0: What You Need to Know In a previous SOCRadar blog post, we delved into the importance of cybersecurity frameworks for today’s organizations. In this installment, we p...
Learn More
Sep 22, 2023
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medic...
Critical DICOM Server Misconfigurations Lead to Exposure of 1.6M Medical Records In a regular threat and vulnerability hunting activity, SOCRadar has discovered during their research that thousands of...
Learn More
Sep 01, 2023
Don't be Blinded by What You See: Demystifying Homograph Attacks
Don’t be Blinded by What You See: Demystifying Homograph Attacks ...
Learn More
Aug 28, 2023
Chain Reactions: Footprints of Major Supply Chain Attacks
Chain Reactions: Footprints of Major Supply Chain Attacks In today’s interconnected digital ecosystem, supply chain attacks have emerged as one of the most potent threats. A supply chain attack occurs...
Learn More
Aug 25, 2023
Navigating the Cyber Threat Landscape with SOCRadar's Vulnerability In...
Navigating the Cyber Threat Landscape with SOCRadar’s Vulnerability Intelligence and CVERadar In the world of cybersecurity, vulnerability intelligence is like a guiding light for experts dealin...
Learn More
Aug 24, 2023
Navigating Cloud Vulnerabilities: Challenges and Solutions
Navigating Cloud Vulnerabilities: Challenges and Solutions The cloud, in its simplest form, is a system of servers that store data and applications over the internet rather than on a computer’s ...
Learn More
Aug 24, 2023
Raccoon Stealer Resurfaces with New Enhancements
Raccoon Stealer Resurfaces with New Enhancements The developers behind the information-stealing malware, Raccoon Stealer, have broken their six-month silence on hacker forums. They are now promoting a...
Learn More
Aug 23, 2023
Exploring the NIST Cybersecurity Framework: Strengthening Digital Resi...
Exploring the NIST Cybersecurity Framework: Strengthening Digital Resilience In today’s rapidly evolving digital landscape, the term “cybersecurity” has become synonymous with safegu...
Learn More
Aug 17, 2023
The Wolf in Sheep's Clothing: How Cybercriminals Abuse Legitimate Soft...
The Wolf in Sheep’s Clothing: How Cybercriminals Abuse Legitimate Software [Update] November 9, 2023: Added FBI’s notice, see under the title: “FBI Warns of Ransomware Threats via Th...
Learn More
Aug 16, 2023
Possible Cyber Threats in the 2024 Olympics
Possible Cyber Threats in the 2024 Olympics The design of the Paris 2024 Olympic and Paralympic torch, introduced on July 25, 2023, struck the first gong for The Paris 2024 Summer Olympic and Paralymp...
Learn More
Aug 15, 2023
How Browser Sync Can Unknowingly Risk Your Business
How Browser Sync Can Unknowingly Risk Your Business An innocuous and maybe a hard worker employee sought to simplify their routines, inadvertently setting a sinister chain of events in motion; they ma...
Learn More
Aug 11, 2023
New Global Phishing Scam Exposed: Facebook and Instagram Users Targete...
New Global Phishing Scam Exposed: Facebook and Instagram Users Targeted by Fake Crypto Platform The thrill of curiosity! It is the spark that drives innovation, leads us to explore new horizons, and s...
Learn More
Aug 04, 2023
Threat-Informed Defense (TID): A Threat Intelligence Perspective
Threat-Informed Defense (TID): A Threat Intelligence Perspective Cyberattacks are increasing in frequency worldwide, posing significant challenges for organizations as they strive to protect their cyb...
Learn More
Aug 03, 2023
Living Off the Land (LOTL): The Invisible Cyber Threat Lurking in Your...
Living Off the Land (LOTL): The Invisible Cyber Threat Lurking in Your System [Update] January 10, 2024: “Countering Living Off the Land (LOTL) Attack Methods with AI and ML” ...
Learn More
Jul 25, 2023
The Black Box of GitHub Leaks: Analyzing Companies' GitHub Repos
The Black Box of GitHub Leaks: Analyzing Companies’ GitHub Repos This research aimed to investigate the files that companies might have accidentally uploaded to GitHub and identify any sensitive...
Learn More
Jul 17, 2023
From Azure AD to Microsoft Entra ID: Navigating the Name Change and St...
From Azure AD to Microsoft Entra ID: Navigating the Name Change and Strengthening Phishing Defense Azure AD, now known as Microsoft Entra ID, is undergoing a name change announced by Microsoft on 11 J...
Learn More
Jul 12, 2023
Ransomware Attacks on Banking Industry
Ransomware Attacks on Banking Industry Due to the escalating illicit pursuits of cybercriminals seeking unlawful financial gains, particular sectors and specific types of cyber attacks tend to gain pr...
Learn More
Jul 11, 2023
Navigating the Assets Discovery Journey with SOCRadar XTI EASM
Navigating the Assets Discovery Journey with SOCRadar XTI EASM The attack surface is the sum of all potential entry points an attacker can use to gain unauthorized access to an organization’s as...
Learn More
