Monthly Archives: March 2020

Cybercriminals trojanized orginal SM Covid-19 awareness Android app to target Italy

Cybercriminals trojanized orginal SM Covid-19 awareness Android app to target Italy

In these days of particular sacrifices due to the spread of the COVID-19 pandemic, cyber criminals do not seem to save anyone and on the contrary, taking advantage of the emotional involvement that many people have towards this topic, they have continued and in many cases increased their hostile activities not only against normal users but also towards the health and pharmaceutical research sector. In the late evening of yesterday, within the COVID-19 CTI League, a group of about 400 experts gathered together to combat cyber threats related to the exploit of Covid-19 themed campaigns, a potentially malicious application emerged aimed at Italian users. A few moments later the same […]

Quantum challenges to cryptography: why the future is already here

Quantum challenges to cryptography: why the future is already here

More and more often, we hear rather dramatic and movie-like statements about how the quantum era will change many aspects of our life, among which also cryptography and, therefore, security. It often feels like we are about to be thrown in a sci-fi movie in which we will live an extremely high-tech life, surrounded by super intelligent machines and ultra-powerful computers. At the same time, it feels like we have been at the edge of this “brave” new world for quite a bit of time, but never really in it; as if it was just a matter of time – even though  we cannot really say how long – before […]

Telsy Cyber Security Awareness – Stay cyber safe at home

Telsy Cyber Security Awareness – Stay cyber safe at home

Il responsabile della divisone di Cyber Security e Threat Intelligence di Telsy, Emanuele De Lucia, ha stilato un documento rivolto all’utenza comune utile ad accrescere la consapevolezza dei rischi del cyber spazio in questo periodo di emergenza dovuto alla diffusione del “nuovo corona virus“. Sempre più forza lavoro del Paese infatti, si trova a dover espletare i propri obblighi professionali da reti e sistemi originariamente pensati per un esclusivo uso privato, esponendo dati ed informazioni a rischi precedentemente mitigati dalle misure di sicurezza interne ai perimetri aziendali. Tale documento contiene alcune linee guida su come proteggere la propria privacy e la confidenzialità dei dati lavorati all’interno delle proprie abitazioni. E’ […]

Strengthen Android privacy and security via Telsy free secure DNS over TLS

Strengthen Android privacy and security via Telsy free secure DNS over TLS

Starting from Android 9 Pie (https://www.android.com/versions/pie-9-0/ ), Google has released some interesting features related to the tuning of its mobile operating system and in particular the possibility of modifying some settings in order to increase its security and privacy. Indeed, anyone who has browsed the network settings tabs once obtained this release of the OS may have already noticed the possibility of setting his/her own private DNS with TLS (Transport Layer Security) support. This new feature represents a big step forward in simplifying some procedures that were previously necessary to achieve acceptable levels of privacy and security for Android devices. For example, during normal browsing, an Android device, like other […]

APT34 (aka OilRig, aka Helix Kitten) attacks Lebanon government entities with MailDropper implants

APT34 (aka OilRig, aka Helix Kitten) attacks Lebanon government entities with MailDropper implants

Very recently another custom malicious implant that seems to be related to APT34 (aka OilRig) has been uploaded to a major malware analysis platform. Since 2014, year in which FireEye spotted out this hacking group, APT34 is well-known to conduct cyber operations primarily in the Middle East, mainly targeting financial, government, energy, chemical and telecommunications sector. In this case, the threat group probably compromised a Microsoft Exchange account of a sensitive entity related to Lebanese government, and used the mail server as command-and-control of the implant. All the traffic between the compromised machine and the C2 is conveyed through legit email messages, making the implant identification harder. The victim seems […]

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. maggiori informazioni

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close