Cyber war: the current scenario

Cyber war: the current scenario

The modern hybrid war Lately we hear more and more often about “hybrid” or “asymmetric” war, terms intended to explain a military strategy that mixes conventional war, irregular war and cyber war with other indirect attack methods, such as fake news and accusations in the legal or political field. With the evolution of hybrid war as a form of low intensity conflict during peacetime, the “battlefield” has therefore expanded to sectors and organizations that had never been involved in war before. In fact, today, world superpowers are often involved in low intensity conflicts that allow the forces involved to avoid getting caught up in traditional confrontation. The last front of […]

Steganography: from its origins to the present

Steganography: from its origins to the present

The term steganography refers to a technique that aims to hide communication between two interlocutors. The term is composed precisely of the Greek words στεγανός (covered) and γραφία (writing). Unlike encryption, which allows you to encrypt a message so as to make it incomprehensible if you do not have a key to decipher it, steganography aims to keep the very existence of the message away from prying eyes, by hiding it. The origins Traces of steganography already existed in ancient Greece, when Herodotus narrated two examples in his Stories, but the first recorded use of the term was in 1499 by Johannes Trithemius in his Steganographia, a treatise on cryptography […]

War and cryptography: the challenge of quantum communication

War and cryptography: the challenge of quantum communication

Message encryption has always been a very important tool within the military, stretching back to the time of the ancient Greeks to the present day. It is natural for two armies in war to seek information about each other, both to learn about enemy strategies before battle, as well as to discover its movements during it. In order to obtain this information, “cryptoanalysis” was born, that is the study of decrypting encrypted messages without knowing their encryption key. It is easy to assume that if an army, through cryptoanalysis, manages to decipher the enemy’s communications, it can gain a fundamental strategic advantage. To be precise, it must be specified that […]

How Artificial Intelligence and Machine Learning will change the world of cybersecurity

How Artificial Intelligence and Machine Learning will change the world of cybersecurity

Artificial Intelligence (AI) and Machine Learning (ML) tools could substantially help in the fight against cybercrime. But even these technologies can’t guarantee absolute security, and they could even be exploited by malicious hackers. Here we will consider some of the implications about the use of these new instruments in the cybersecurity sector. In 2020 cyber criminals pose a growing threat to all kinds of organisations and companies, as well as their customers. Businesses are doing their best to defend themselves, but it’s hard to predict what new types of cyberattacks will emerge and how they’ll work, which cyber criminals tend use in their favour. Artificial Intelligence and Machine Learning can […]

Simjacker and other cyber threats for mobile devices in 2020

Simjacker and other cyber threats for mobile devices in 2020

At the end of last year, a security company discovered a serious threat to the world of cell phones and beyond: Simjacker, an attack technique that allows, in fact, to take control of a mobile phone by simply sending an SMS. Given the always increasing use of smartphones, it’s easy to understand the great dangerousness of this type of attack. Here we will see some details about this and other cyber threats for mobile devices that have recently emerged. Simjacker, the first case of Malware-SMS The Simjacker technique is particularly dangerous because it can be successfully exploited against a large variety of connected devices: not only mobile phones and smartphones, […]

The revolutionary methods to attack air-gapped devices

The revolutionary methods to attack air-gapped devices

In the last few years, the Cyber-Security Research Center of Israel’s Ben Gurion University of the Negev coordinated by Dr. Mordechai Guri, has developed and tested several new types of malware that allow to covertly steal highly sensitive data from air-gapped and audio-gapped systems. Here we will briefly analyse some of the most surprising techniques that they have successfully tested.      What air-gapped systems are and the difficulty of hacking them The term “air-gapping” indicates a network security measure employed on one or more computers to ensure that a certain computer system is physically isolated from unsecured networks, such as the public Internet or an unsafe local area network. Air-gapped […]

Telsy partecipa all’Open Innovation challenge della Regione Lazio

Telsy partecipa all’Open Innovation challenge della Regione Lazio

Lo scorso 29 aprile Telsy ha lanciato, in collaborazione con la Regione Lazio e Lazio Innova, la challenge “Autenticazione innovativa per dispositivi mobili”. L’obiettivo della sfida è quello di promuovere la progettazione e lo sviluppo di metodi e tecnologie innovative per l’autenticazione su dispositivi mobili. Ai gruppi partecipanti viene richiesto in particolare di sviluppare un sistema di autenticazione realmente affidabile e sicuro, capace di proteggere efficacemente gli smartphone del futuro.  In particolare la challenge è rivolta a: startup e PMI innovative registrate nelle apposite sezioni del Registro delle impresemicroimprese, startup e PMIteam informali composti da almeno tre personespin off universitari e di centri di ricerca. Le iscrizioni sono aperte e […]

Telsy’s report on UniCredit’s data breach went viral worldwide

Telsy’s report on UniCredit’s data breach went viral worldwide

On the evening of April 19, Telsy denounced that the personal data of about 3000 employees of the UniCredit S.p.A. bank, one of the largest banks in Italy, had been put on sale on cybercrime forums. According to the seller, in the leak there are information about thousands of employees, including emails, phone numbers, encrypted password, last name and first name. The database was found available on at least two cyber-crime and hacking related forums. In the following hours the article published by Telsy on its blog (which can be found at the following link )has been reported by several major news agency worldwide. Telsy’s CEO, Emanuele Spoto, commented: “Yesterday […]

Unicredit employees database for sale on cyber-crime forums

On the late afternoon of 19/04/2020, a threat actor posted a new sale on a hacking and cyber-crime forum selling the database of UniCredit employees. UniCredit S.p.A. is an Italian banking and a global financial services company. It is present on 17 countries and has almost 100k employees worldwide. While currently we are not aware how this potential data loss could have occurred, according to the actor post, in the leak there are information about thousand of employees, including emails, phone, encrypted password, last name and first name. We found the database being available on at least two cyber-crime and hacking related forum. The nickname of the user selling it […]

Coronavirus: reported a new campaign of spear phishing attacks to steal personal data

Coronavirus: reported a new campaign of spear phishing attacks to steal personal data

A few days ago, on the 27th of March, industry reporting signalled a new campaign of Covid-19/ coronavirus-themed spear phishing attacks that illegitimately uses the WHO (World Health Organization) mark, to spread another variant of the info-stealer Lokibot, in order to steal personal data and confidential information from the victims of the attack. This is not the first time that this particular malware has appeared, in fact numerous versions, all derived from the original source code, have already been identified. The most disparate methods were also used for what concerns the means of distribution. This spear phishing campaign has already spread rapidly in different parts of the world, especially in […]