All posts by webmaster@telsy.com

Operation “Space Race”: reaching the stars through professional Social Networks

Operation “Space Race”: reaching the stars through professional Social Networks

At the beginning of May 2020, Telsy analyzed some social-engineering based attacks against individuals operating in the aerospace and avionics sector performed through the popular professional social network LinkedIn. According to our visibility, the targeted organizations are currently operating within the Italian territory and the targeted individuals are subjects of high professional profile in the aerospace research sector. Adversary used a real-looking LinkedIn virtual identity impersonating an HR (Human Resource) recruiter of a satellite imagery company with which it contacted the targets via internal private messages, inviting them to download an attachment containing information about a fake job vacation. Based on code similarities of analyzed pieces of malware, Telsy asserts, […]

Cybersecurity’s weakest link: the human factor

Cybersecurity’s weakest link: the human factor

The latest studies are further confirming a fact that, although already known, is still too often ignored: the human factor is the greatest source of risk for companies’ IT security. In this period, in which the pandemic has dramatically increased the use of smart working, finding a solution to this problem must become a top priority. The main risk for companies In a recent survey, the Proofpoint company and the “Let’s System” community questioned the CISOs (Chief Information Security Officers) of 138 Italian companies, asking what were currently the worst threats for companies: according to 85% of them, the greatest risk is posed by phishing and social engineering attacks targeting […]

Cloud, Edge Computing and the future of cybersecurity

Cloud, Edge Computing and the future of cybersecurity

Cloud Computing is today a fully consolidated and still expanding reality, but the exponential development of IoT and 5G technology is increasingly attracting attention to Edge computing, a new distributed computing model designed to bring data processing to as close as possible to where the latter was produced. The debate on which is the best system to adopt, especially with regards to IT security, is still heated, given that both systems have advantages and disadvantages according to the different applications. The advantages and vulnerabilities of the Cloud Cloud computing undoubtedly has several advantages, since it is a flexible and inexpensive system that has also already been proven by years of […]

Twitter attack: the three lessons to learn

Twitter attack: the three lessons to learn

The recent cyber-attack that hit Twitter has created a lot of media sensation, especially because it is the first time that one of the great global social media platforms has been compromised in such a vast and blatant way. Beyond the economic and image damage produced by the attack, this event must push us to make some broader considerations, starting from the implications for cybersecurity and privacy, up to the role that certain social networks have now assumed in the sphere of social and political life. The dynamics of the attack On July 15, 2020, between 8:00 PM and 10:00 PM UTC, several Twitter accounts of celebrities, each with millions […]

Turla / Venomous Bear updates its arsenal: “NewPass” appears on the APT threat scene

Recently Telsy observed some artifacts related to an attack that occurred in June 2020 that is most likely linked to the popular Russian Advanced Persistent Threat (APT) known as Venomous Bear (aka Turla or Uroburos). At the best of our knowledge, this time the hacking group used a previously unseen implant, that we internally named “NewPass“ as one of the parameters used to send exfiltrated data to the command and control. Telsy suspects this implant has been used to target at least one European Union country in the sector of diplomacy and foreign affairs. NewPass is quite a complex malware composed by different components that rely on an encoded file to […]

Ransomware: a threat to the present and the future

Ransomware: a threat to the present and the future

Ransomware has become an increasingly prominent threat to cyberspace security globally and the recent statistical data collected would seem to confirm this trend also for the years to come. What is ransomware and how it works The term “ransomware” refers to a type of malware that limits access to the device it infects, requiring a ransom to be paid to remove the limitation. Some forms of ransomware, for example, block the system and order the user to pay to unlock it, whereas others encrypt the user’s files instead, asking the user to pay a sum to make the files readable again. There are of course many variations of ransomware, but […]

Cyber war: the current scenario

Cyber war: the current scenario

The modern hybrid war Lately we hear more and more often about “hybrid” or “asymmetric” war, terms intended to explain a military strategy that mixes conventional war, irregular war and cyber war with other indirect attack methods, such as fake news and accusations in the legal or political field. With the evolution of hybrid war as a form of low intensity conflict during peacetime, the “battlefield” has therefore expanded to sectors and organizations that had never been involved in war before. In fact, today, world superpowers are often involved in low intensity conflicts that allow the forces involved to avoid getting caught up in traditional confrontation. The last front of […]

Steganography: from its origins to the present

Steganography: from its origins to the present

The term steganography refers to a technique that aims to hide communication between two interlocutors. The term is composed precisely of the Greek words στεγανός (covered) and γραφία (writing). Unlike encryption, which allows you to encrypt a message so as to make it incomprehensible if you do not have a key to decipher it, steganography aims to keep the very existence of the message away from prying eyes, by hiding it. The origins Traces of steganography already existed in ancient Greece, when Herodotus narrated two examples in his Stories, but the first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography […]

War and cryptography: the challenge of quantum communication

War and cryptography: the challenge of quantum communication

Message encryption has always been a very important tool within the military, stretching back to the time of the ancient Greeks to the present day. It is natural for two armies in war to seek information about each other, both to learn about enemy strategies before battle, as well as to discover its movements during it. In order to obtain this information, “cryptoanalysis” was born, that is the study of decrypting encrypted messages without knowing their encryption key. It is easy to assume that if an army, through cryptoanalysis, manages to decipher the enemy’s communications, it can gain a fundamental strategic advantage. To be precise, it must be specified that […]

How Artificial Intelligence and Machine Learning will change the world of cybersecurity

How Artificial Intelligence and Machine Learning will change the world of cybersecurity

Artificial Intelligence (AI) and Machine Learning (ML) tools could substantially help in the fight against cybercrime. But even these technologies can’t guarantee absolute security, and they could even be exploited by malicious hackers. Here we will consider some of the implications about the use of these new instruments in the cybersecurity sector. In 2020 cyber criminals pose a growing threat to all kinds of organisations and companies, as well as their customers. Businesses are doing their best to defend themselves, but it’s hard to predict what new types of cyberattacks will emerge and how they’ll work, which cyber criminals tend use in their favour. Artificial Intelligence and Machine Learning can […]

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. maggiori informazioni

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close