Latest articles from SOCRadar
Cyber-attacks against the supply chain ecosystems continued to ramp up through the year 2021 with high-profile attacks such as Log4j, Kaseya VSA, and many others. Attackers including APT actors have been observed to be attacking… Continue Reading
Successful spear phishing accounts for up to 95 percent of all attacks on enterprise networks. Because of the proliferation of COVID-19, attacks escalated in 2020, with hackers preying on stay-at-home workers who aren't protected by… Continue Reading
One of the most commonly used messaging apps, Telegram, has become more and more popular ever since the privacy policy scandal of WhatsApp in January 2021. WhatsApp announced that they have been sharing their customers’… Continue Reading
A phishing kit is a set of software tools, such as HTML, pictures, and code that fraudsters can use to construct and launch phishing attacks. Phishing kits allow anyone with little or no phishing experience to… Continue Reading
According to Arne Schoenbohm, who leads the German Federal Office of Information Security (BSI), EMOTET is the king of malware. EMOTET actively attacks many devices in every industry, including small-large businesses, individuals, non-profit organizations, governments,… Continue Reading
We continuously come across the news about recently uncovered credential data breaches but rarely hear about the direct results of any particular breach. Since it can take a long time before the data get purchased… Continue Reading
What is a DDoS Attack? A DDoS attack, also known as distributed denial of service attack, is a type of web attack aiming to cripple a web system's servers and make the servers unreachable to… Continue Reading
Accellion specializes in file sharing and collaboration software that is safe and secure. More than 3,000 multinational enterprises, government organizations, hospitals, and colleges use the company’s enterprise content firewall. Baring Private Equity Asia and Bregal… Continue Reading
Smishing is a fraud in which thieves send an SMS to a victim posing as a bank or organization to acquire personal information. SMS (short for “short messaging services”) and “phishing” are combined in the… Continue Reading
Third-party risk management (TPRM) is a type of risk management that focuses on identifying and mitigating risks associated with the usage of third-party vendors (sometimes referred to as vendors, suppliers, partners, contractors, or service providers).… Continue Reading
A cryptocurrency is a form of digital currency stored on decentralized networks. These decentralized networks are called blockchains, consisting of many systems called nodes. Blockchains are decentralized networks in which no single authority controls the… Continue Reading
The Cybersecurity and Infrastructure Security Agency (CISA) has mentioned in Avoiding Social Engineering and Phishing Attacks on August 25, 2020; an attacker utilizes human contact (social skills) to gather or compromise information about an organization… Continue Reading
If one company allows employees to bring their own computing devices to the workplace like smartphones, tablets, or laptops, then it needs a BYOD security policy. What is BYOD? Initially, employees used only company-issued devices… Continue Reading
One of the world’s most significant open-source projects, Apache is a free and open-source cross-platform HTTP web server. Apache is responsible for handling back-and-forth communication between the server and the browser. Apache has been developed… Continue Reading
For many organizations, digital initiatives are a lifeline. IoT, social, machine learning, big data analytics, artificial intelligence, and augmented reality enable digital startups to streamline operations, adopt new business models, and improve customer experience, maximizing… Continue Reading
The term “Virtual Private Network” (VPN) refers to the ability to create a secure network connection while using public networks. VPNs encrypt your internet traffic and hide your true identity on the internet. Third parties… Continue Reading
Identity and access management (IAM) is a discipline to ensure that the right people and job roles (identities) can access the tools they need in the organization. The enterprises can control employee apps without logging… Continue Reading
The attack surface is all hardware, software and cloud assets accessible from the internet that processes or stores data. All exposed IT assets, from servers to APIs, are part of the attack surface, whether or… Continue Reading
Fraud refers to transactions made using card information without the knowledge of cardholders in the card payment sector in cybersecurity or purchases made by using fake or stolen credit cards. Today, with the advantages of… Continue Reading
Mobile Banking malware is a malware family consisting of malicious apps and trojans designed to infect one’s system and collect financial data, personal information and potentially steal login credentials. Over %95 of mobile malware are… Continue Reading
