All posts by Tancredi Gentili

FragAttacks: new Wi-Fi vulnerabilities found!

FragAttacks: new Wi-Fi vulnerabilities found!

A few days ago, a Belgian security researcher,  Mathy Vanhoef, has found, and named as “FragAttacks (fragmentation and aggregation attacks)”, a dozen of unknown security flows affecting Wi-Fi devices. Within radio range of a victim, a threat actor can exploit them to steal user information or attack devices. The report has found that at least three of the discovered vulnerabilities are design flaws in the Wi-Fi standard and affect most devices, as a result. Moreover, the discovery has found that are caused by widespread programming mistakes in Wi-Fi products. However, these flows are very complex to exploit giving their design and mitigation measures are already in place. Find out more on our […]

Vulnerability Assessment: an overview of a crucial cybersecurity task

Vulnerability Assessment: an overview of a crucial cybersecurity task

Vulnerability assessment is a task in delivering an effective cybersecurity strategy in both corporate and public sectors. It is vital to bring about risk awareness, and it is the very first step in analyzing an organization’s cybersecurity strategy and architecture. The best way to protect against exploitable vulnerabilities is indeed detecting them – and fix them afterward – before a threat actor notices them. In essence, a vulnerability assessment involves the automatic scanning of all items, components, and assets of an IT system, an application, or software by software.  Many confuse this security operation with penetration testing. Performing a vulnerability assessment means assuring integrity, and security, and proper management of […]

Cybersecurity analysts: what they do and why their work is vital

Cybersecurity analysts: what they do and why their work is vital

Cybersecurity analysts are the core of an organization’s security, private and public alike. They have a vital task: ensuring that their IT assets are secure and protect them from violations and attacks. Being a security analyst is everything but an easy job. In achieving their organization’s security, they have the duty to manage the IT security and risks of the entity they work for. This includes analyzing and identifying proper security solutions to make the work environment resilient to threats.   Usually reporting to a CIO (Chief Innovation Officer), their role also involves a constant liaison and engagement with other departments and business units. Cybersecurity analyst jobs require many sophisticated […]

Penetration testing: what it is and why it is important

Penetration testing: what it is and why it is important

Penetration Testing (Pen Test) refers to the activity of systematically attempting to violate a vulnerable component of a system to discover the security breaches in it through a simulated attack. The professional figure that performs such testing is a security analyst acting as a proper hacker. He or she has the task of breaking the system under assessment by following an attack strategy. This service is vital because real hackers may exploit any breaches with ease if an organization does them know them in time. Damage associated with such violations may include data theft, unauthorized access to sensitive files, service disruption, and many more. Penetration Testing should not be confused […]

AES-256 encryption: how does it protect our most sensitive data?

AES-256 encryption: how does it protect our most sensitive data?

You have certainly heard of AES-256. Commonly referred to as “military-graded” cipher, the Advanced Encryption Standard (AES) is essential in government cybersecurity, encryption, and electronic data protection. Its story started in 1997 when the American NIST, the National Institute of Standards and Technology, made the older DES (Data Encryption Standard) retired. The mathematical base of the AES is an algorithm called “Rijndael” excelling in performance and flexibility developed by the Belgian cryptographers Daemen and Rijmen. For its success and robustness AES in its 256-bits version is widely used in a wide range of applications such as  such as wireless communication, financial transactions, e-business, encrypted data storage etc. Although it is […]

Cloud: what is it and its key advantages

Cloud: what is it and its key advantages

Cloud is a metaphor indicating a computing model where an internet connection enables a network of servers, applications, storage, and other development tools. Companies around the world use it to complete their processes of digital transformation. The ongoing pandemic and the increased implementation of smart working has made the cloud a vital working tool. Such a service boots digital transformation by equipping enterprises with impressive levels of computation power by pushing a button at highly reasonable and cost-effective prices.     Indeed, these solutions allow the cut of an important share of costs related to the maintenance and running of many services. At the same time, it provides a high level […]

Cryptography: what is it and its uses

Cryptography: what is it and its uses

Cryptography, or crypto, refers to the technique of securing information and communications through codes. By doing so, only those people you send information holding the decoding key to can understand it and process it. Cryptography concerns the construction and the analysis of protocols that prevent third parties or the public from reading messages meant to remain private. Thus it prevents unauthorized access to the given information. Indeed, The prefix “crypt” means “hidden, secret,” and suffix “-graphy” means “writing.” Cryptography is an ancient art. Since its dawn, humanity has developed and used it to convey secretly and, to an extent, securely messages concerning military operations, espionage, bargains, and simple messaging between […]

Cybersecurity career: 4 reasons to consider it

Cybersecurity career: 4 reasons to consider it

Pursuing a career in cybersecurity can be tempting. Figures show that this industry tends to have a zero unemployment rate. Nowadays, the labor market requires cybersecurity skills more than ever. Even non-experts understand that this is a growth area. It has indeed become critical to the fabric of any modern business.  Focusing on security as a job opens up a world of options, from security operations to risk assessments to application security to investigations to compliance. There are as many cybersecurity roles as lines of code running in your browser. Rewards in financial terms and professional satisfaction are the strongest motives to embrace a profession in this industry. This blog explores the […]

Cyberattacks: a matter of war or disruption?

Cyberattacks: a matter of war or disruption?

Cyberattacks are a threat to national security. However, describing them as war is highly problematic. Critics of this stance often argue that armed conflict has been becoming virtual. They say that violence in post-modern conflicts has decreased, replaced by other forms of violence such as cyberattacks. However, war is a distinct activity with a particular nature. It is organized violence carried out by political units. Most cyberattacks are a type of non-military activity that falls under the broad banner of “strategy” or “grand strategy.” In other words, when sponsored by states, they may serve military activity as much as diplomacy does. Cyberspace is the fifth domain of conflict, entirely constructed […]

Smartworking: how to mitigate cyber risks

Smartworking: how to mitigate cyber risks

Smartworking is a  fertile ground for cyber threats and criminals. As steps to counter the coronavirus outbreak take effect, millions of workers across the globe have been sent home with their laptops many times. Cybercrime is a silent actor that attempts to exploit the vulnerabilities of remote working. Indeed, remote workers can potentially present a number of cybersecurity risks to organizations, and cybercriminals are finding more ways to exploit these weaknesses. With remote work, indeed, attack surfaces are be multiplied. As users we should not never let the guard down. A combination of procedures, tips, precautions, and training could mitigate risks to a great extent.   Read more on our […]

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. maggiori informazioni

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close