How the Italian Army defends itself from cyber threats: the RSC

The Italian Army has recently made the Cyber Security Department (RSC) operational, after establishing it around two years ago. As threats to cyber space increase exponentially, it is absolutely vital in this day and age to have a unit completely dedicated to the control and protection of all military networks and assistance in the various operational theaters at home and abroad. The Department will have mainly defensive tasks, aimed at intercepting cyber-attack attempts and securing all military devices and equipment connected to the network. Cyberwarfare is a pervasive reality within the international playing field and can have serious operational repercussions. A cyberattack directed at army communications systems can have dire […]

Augmented and Virtual Reality: what are the privacy risks?

Last month, Nintendo released a new video game in the popular Super Mario Kart saga. The game is part of a new category of Toys-to-life, a video game genre that uses augmented reality to build a kart circuit directly at home. This, however, could be the start of a new privacy problem. In practice, the video camera of the game captures the reality that surrounds the player, so as to create a parallel world within the console to which it is connected. But how does it work? The miracle is made possible by Augmented Reality (AR), a technology that allows us to add information and virtual objects to what surrounds […]

The double extortion technique: the Campari case

In recent weeks the Campari group has suffered a serious ransomware attack using the so-called “double extortion” technique. The damage would amount to two terabytes of stolen data, together with the threat to publish it if the company does not pay $15 million.

The attack and the reaction of the company

The ransomware attack was carried out by the Ragnar Locker criminal group that, using the same technique, struck Capcom about a month ago, threatening the publication or auctioning of data. The nature of the information stolen from Campari remains confidential, even if the well-known Italian company has admitted the possibility of a loss – not quantified – of personal data […]

Cybersecurity and the implementation of smart working

Faced with the unexpected health crisis, institutions and companies around the world are trying to facilitate the implementation of smart working through the dissemination of adequate rules and procedures. The widespread training of people involved in teleworking is urgent if we are to avert the real risk of cyber-attacks, for profit or political destabilization, aimed at public, corporate or personal networks and systems. The introduction of digital devices in the workplace such as smartphones and tablets has undoubtedly increased productivity, while exposing companies to a greater risk of cyber-attacks. A threat that is all the more tangible and probable the more time employees spend working on these devices, especially remotely. […]

QNodeService stepped up its features while operated in widespread credential-theft campaigns

Since mid-2020, a new piece of malware has emerged in the cyber threat landscape. It seems to be linked to the crimeware matrix due to its main purpose and use, which is the exfiltration of browser and email service credentials against a fairly extensive range of potential targets. The group that operates this threat is currently unknown to us (internally tracked as RedMoon) but we know that it likely operates, at least for malware samples involving Italian assets, from a West Asia country and we noted it seems to be very focused on keeping its detection rates as low as possible. A variant of this threat was originally spotted by @malwrhunterteam on […]

Trying not to walk in the dark woods. A way out of the Maze

After numerous ransomware attacks since its appearance in May 2019, the popular Maze Team recently claimed the end of its criminal activity through a press release on its Dedicated Leak Site. The Maze Team is responsible for the development and maintenance of Maze Ransomware, one of the most advanced and infamous pieces of malware in today’s threat landscape, and has been the first adversary to adopt the Double Extortion technique, which allows attackers to maximize their chance of making a profit by demanding ransom payment both for recovering operations and for avoiding the disclosure of stolen data. Indeed, while for a period of time other threat actors had only threatened to release […]

Enisa report 2020: the pandemic’s effect on cybersecurity

Enisa (the European Union Agency for Cybersecurity) has recently published the eighth edition of its Threat Landscape Report (ETL) on cyber threats registered in the period between January 2019 and April 2020, describing the evolution of the current cybersecurity scenario in Europe and emphasizing in particular the serious effects of the Coronavirus pandemic on the sector.

Overview of the Enisa 2020 report

The new ETL-Enisa Threat Landscape 2020 report was produced with the support of the European Commission and EU Member States. The content of the ETL report is primarily based on literature available from open sources, such as articles, expert opinions, intelligence reports, security incident analysis and research reports, […]

Operation “Space Race”: reaching the stars through professional Social Networks

At the beginning of May 2020, Telsy analyzed some social-engineering based attacks against individuals operating in the aerospace and avionics sector performed through the popular professional social network LinkedIn. According to our visibility, the targeted organizations are currently operating within the Italian territory and the targeted individuals are subjects of high professional profile in the aerospace research sector. The adversary used a real-looking LinkedIn virtual identity impersonating an HR (Human Resources) recruiter of a satellite imagery company, with which it contacted the targets via internal private messages, inviting them to download an attachment containing information about a fake job vacancy. Based on code similarities of analyzed pieces of malware, Telsy asserts, […]

Cybersecurity’s weakest link: the human factor

The latest studies are further confirming a fact that, although already known, is still too often ignored: the human factor is the greatest source of risk for companies’ IT security. In this period, in which the pandemic has dramatically increased the use of smart working, finding a solution to this problem must become a top priority.

The main risk for companies

In a recent survey, the Proofpoint company and the “Let’s System” community questioned the CISOs (Chief Information Security Officers) of 138 Italian companies, asking what were currently the worst threats for companies: according to 85% of them, the greatest risk is posed by phishing and social engineering attacks targeting […]

Cloud, Edge Computing and the future of cybersecurity

Cloud Computing is today a fully consolidated and still expanding reality, but the exponential development of IoT and 5G technology is increasingly attracting attention to Edge computing, a new distributed computing model designed to bring data processing as close as possible to where the data is produced. The debate on which is the best system to adopt, especially with regard to IT security, is still heated, given that both systems have advantages and disadvantages according to the different applications.

The advantages and vulnerabilities of the Cloud

Cloud computing undoubtedly has several advantages, since it is a flexible and inexpensive system that has also already been proven by years of […]