NormShield Blog

Phishing Domain Detection, Machine Learning

Phishing Domain Detection with Machine Learning

Phishing Domain Detection with Machine Learning; What is Phishing? Phishing is a form of fraud in which the attacker tries to learn sensitive information such as login credentials or account information by posing as a reputable entity or person in email or other communication channels. Typically a victim receives a message that appears to have […]

Malicious Javascript hack Code

How Companies Are Hacked via Malicious Javascript Hack Code?

Malicious Javascript Hack Code; JavaScript is dangerous. Maybe you’ve heard this sentence several times before. Actually, whether it is dangerous or not depends on the circumstances. JavaScript can be dangerous if the proper precautions aren’t taken. It can be used to view or steal personal data without you even realizing what’s going on. And since […]

deep web, dark web, bitcoin

Deep Web and Black Market

WHAT IS DEEP WEB? The deep web, invisible web, or hidden web are parts of the World Wide Web whose contents are not indexed by standard search engines for any reason. The opposite term to the deep web is the surface web. What is inside the deep web? Let’s take a look at the figure […]

NormShield Threat Vulnerability Orchestration

What is the biggest threat of stolen accounts?

Biggest threat; There are more than 4 billion hacked emails/passwords available on the internet and underground forums. So, how do attackers use hacked emails and passwords for malicious purposes? NormShield searches many sources on the internet to check whether your employees' e-mails have been leaked. In the simplest form, the email list of employees can […]

Domain Shadowing

Domain Shadowing

What is Domain Shadowing? The concept of domain shadowing first appeared in 2011, and a domain shadowing attack is defined as attackers creating new subdomains to intervene in traffic flow. Domain shadowing is the process of creating subdomains by domain owners using credentials. Subdomains are created for legitimate domains. For cyber criminals, domain […]

cms vulnerability

How Companies are Hacked via Basic CMS Vulnerabilities

CMS Vulnerabilities; What is CMS? A CMS (Content Management System) is a computer application that supports the creation and modification of digital content [1]. Basically, we use it for website management and preparation. Over time, many organizations have developed their own custom CMS software. As such software became more common, in 1995, CNET developed the idea […]

Machine Learning

Machine Learning in Cyber Security Domain – 9: Botnet Detection

Machine Learning Botnet Detection; A botnet is an organized, automated army of zombies which can be used for creating a DDoS attack as well as for spam actions such as flooding an inbox or spreading viruses. This army consists of a large number of computers. Attackers use this army for malicious purposes and generally, zombies are […]

Machine Learning, Spam Filter

Machine Learning in Cyber Security Domain – 8: Spam Filter

Machine Learning; Spam mail (also known as Junk Mail) is a type of electronic spam where unsolicited messages are sent by email. Many email spam messages are generated for commercial purposes in general, but they may also contain malicious content which looks like a popular website but may in fact be a phishing attack. […]

machine learning

Machine Learning in Cyber Security Domain – 7: IDS/IPS with ML

Machine Learning IDS/IPS with ML; Intrusion Detection and Intrusion Prevention Systems (IDS / IPS) basically analyze data packets and determine whether they represent an attack or not. After the analysis, the system is able to take some precautions according to the result. IDS/IPSs can be divided into two main categories based on operational logic; (1) […]

machine learning

Machine Learning in Cyber Security Domain – 6: False Alarm Rate Reduction

Machine Learning False Alarm Rate Reduction; In some cases, IDS / IPS Systems may classify an event correctly or falsely. Classified events are evaluated in four categories in the literature. True Positives (TP): intrusive and anomalous, False Negatives (FN): Not intrusive and not anomalous, False Positives (FP): not intrusive but anomalous, True Negatives (TN): Intrusive but […]