Simjacker and other cyber threats for mobile devices in 2020

Simjacker and other cyber threats for mobile devices in 2020

At the end of last year, a security company discovered a serious threat to the world of cell phones and beyond: Simjacker, an attack technique that allows, in fact, to take control of a mobile phone by simply sending an SMS. Given the always increasing use of smartphones, it’s easy to understand the great dangerousness of this type of attack. Here we will see some details about this and other cyber threats for mobile devices that have recently emerged. Simjacker, the first case of Malware-SMS The Simjacker technique is particularly dangerous because it can be successfully exploited against a large variety of connected devices: not only mobile phones and smartphones, […]

The revolutionary methods to attack air-gapped devices

The revolutionary methods to attack air-gapped devices

In the last few years, the Cyber-Security Research Center of Israel’s Ben Gurion University of the Negev coordinated by Dr. Mordechai Guri, has developed and tested several new types of malware that allow to covertly steal highly sensitive data from air-gapped and audio-gapped systems. Here we will briefly analyse some of the most surprising techniques that they have successfully tested.      What air-gapped systems are and the difficulty of hacking them The term “air-gapping” indicates a network security measure employed on one or more computers to ensure that a certain computer system is physically isolated from unsecured networks, such as the public Internet or an unsafe local area network. Air-gapped […]

Telsy partecipa all’Open Innovation challenge della Regione Lazio

Telsy partecipa all’Open Innovation challenge della Regione Lazio

Lo scorso 29 aprile Telsy ha lanciato, in collaborazione con la Regione Lazio e Lazio Innova, la challenge “Autenticazione innovativa per dispositivi mobili”. L’obiettivo della sfida è quello di promuovere la progettazione e lo sviluppo di metodi e tecnologie innovative per l’autenticazione su dispositivi mobili. Ai gruppi partecipanti viene richiesto in particolare di sviluppare un sistema di autenticazione realmente affidabile e sicuro, capace di proteggere efficacemente gli smartphone del futuro.  In particolare la challenge è rivolta a: startup e PMI innovative registrate nelle apposite sezioni del Registro delle impresemicroimprese, startup e PMIteam informali composti da almeno tre personespin off universitari e di centri di ricerca. Le iscrizioni sono aperte e […]

Telsy’s report on UniCredit’s data breach went viral worldwide

Telsy’s report on UniCredit’s data breach went viral worldwide

On the evening of April 19, Telsy denounced that the personal data of about 3000 employees of the UniCredit S.p.A. bank, one of the largest banks in Italy, had been put on sale on cybercrime forums. According to the seller, in the leak there are information about thousands of employees, including emails, phone numbers, encrypted password, last name and first name. The database was found available on at least two cyber-crime and hacking related forums. In the following hours the article published by Telsy on its blog (which can be found at the following link )has been reported by several major news agency worldwide. Telsy’s CEO, Emanuele Spoto, commented: “Yesterday […]

Unicredit employees database for sale on cyber-crime forums

On the late afternoon of 19/04/2020, a threat actor posted a new sale on a hacking and cyber-crime forum selling the database of UniCredit employees. UniCredit S.p.A. is an Italian banking and a global financial services company. It is present on 17 countries and has almost 100k employees worldwide. While currently we are not aware how this potential data loss could have occurred, according to the actor post, in the leak there are information about thousand of employees, including emails, phone, encrypted password, last name and first name. We found the database being available on at least two cyber-crime and hacking related forum. The nickname of the user selling it […]

Coronavirus: reported a new campaign of spear phishing attacks to steal personal data

Coronavirus: reported a new campaign of spear phishing attacks to steal personal data

A few days ago, on the 27th of March, industry reporting signalled a new campaign of Covid-19/ coronavirus-themed spear phishing attacks that illegitimately uses the WHO (World Health Organization) mark, to spread another variant of the info-stealer Lokibot, in order to steal personal data and confidential information from the victims of the attack. This is not the first time that this particular malware has appeared, in fact numerous versions, all derived from the original source code, have already been identified. The most disparate methods were also used for what concerns the means of distribution. This spear phishing campaign has already spread rapidly in different parts of the world, especially in […]

Cyber Security: come gestire le minacce nelle comunicazioni mobili

Cyber Security: come gestire le minacce nelle comunicazioni mobili

Il 7 aprile 2020 Telsy ha partecipato ufficialmente al webinar – Cyber Security: come gestire le minacce nelle comunicazioni mobili – organizzato da Samsung Electronics Italia e FPA -FORUM PA. Nel corso del webinar, a cui hanno partecipato più di seicento persone, sono intervenuti tre relatori: Alessio Pennasilico (Information & Cyber Security Advisor e membro del Comitato Direttivo di Clusit), Matteo Rigoni (Enterprise Program Manager di Samsung Electronics Italia) e Fabrizio Vacca (Chief Innovation Officer di Telsy). I relatori hanno discusso dei problemi emersi negli ultimi anni a causa del massiccio utilizzo di app di messaggistica istantanea, quali Whatsapp, Telegram e Messenger, per le comunicazioni aziendali e la condivisone di […]

Cybercriminals trojanized orginal SM Covid-19 awareness Android app to target Italy

Cybercriminals trojanized orginal SM Covid-19 awareness Android app to target Italy

In these days of particular sacrifices due to the spread of the COVID-19 pandemic, cyber criminals do not seem to save anyone and on the contrary, taking advantage of the emotional involvement that many people have towards this topic, they have continued and in many cases increased their hostile activities not only against normal users but also towards the health and pharmaceutical research sector. In the late evening of yesterday, within the COVID-19 CTI League, a group of about 400 experts gathered together to combat cyber threats related to the exploit of Covid-19 themed campaigns, a potentially malicious application emerged aimed at Italian users. A few moments later the same […]

Quantum challenges to cryptography: why the future is already here

Quantum challenges to cryptography: why the future is already here

More and more often, we hear rather dramatic and movie-like statements about how the quantum era will change many aspects of our life, among which also cryptography and, therefore, security. It often feels like we are about to be thrown in a sci-fi movie in which we will live an extremely high-tech life, surrounded by super intelligent machines and ultra-powerful computers. At the same time, it feels like we have been at the edge of this “brave” new world for quite a bit of time, but never really in it; as if it was just a matter of time – even though  we cannot really say how long – before […]

Telsy Cyber Security Awareness – Stay cyber safe at home

Telsy Cyber Security Awareness – Stay cyber safe at home

Il responsabile della divisone di Cyber Security e Threat Intelligence di Telsy, Emanuele De Lucia, ha stilato un documento rivolto all’utenza comune utile ad accrescere la consapevolezza dei rischi del cyber spazio in questo periodo di emergenza dovuto alla diffusione del “nuovo corona virus“. Sempre più forza lavoro del Paese infatti, si trova a dover espletare i propri obblighi professionali da reti e sistemi originariamente pensati per un esclusivo uso privato, esponendo dati ed informazioni a rischi precedentemente mitigati dalle misure di sicurezza interne ai perimetri aziendali. Tale documento contiene alcune linee guida su come proteggere la propria privacy e la confidenzialità dei dati lavorati all’interno delle proprie abitazioni. E’ […]