New threats, new solutions: fighting insecurity with Machine Learning

New threats, new solutions: fighting insecurity with Machine Learning

The landscape of possible cyberthreats is rapidly changing, exploiting vulnerabilities in new technologies, systematically jeopardizing wide and multifaceted systems, and threatening the security of an ever increasing amount of information. The question follows naturally: how can we secure our infrastructures, systems, and information in this new landscape? Many solutions are already available. Outstanding research programs are already developing and implementing techniques to secure both new technologies, such as new Radio Access Networks and Software Defined Networks, and devices, such as lightweight technologies for IoT devices. But will this be enough? Probably not. Cyberattacks will evolve together with our technologies and not only the techniques, but just even the number of […]

Foreseeing what is next: the rise of 5G technologies

Foreseeing what is next: the rise of 5G technologies

At the end of the 17th century, the French artist Jean-Marc Côté was commissioned some illustrations about en l’an 2000. Already back then, life in the 2000 was pictured as highly automatized: an automatic barber would take care of your skin and a barely self-standing robot would do the housework. But many intuitions that our ancestors would have thought of as barely possible are now features of our pasts. The technological innovation that took place over this past century reaches far beyond these forecasts. Cars will drive themselves and take you wherever you wish. Probably, they will also be able to connect with the lights in your house, or to […]

The Lazarus’ gaze to the world: What is behind the second stone ?

The Lazarus’ gaze to the world: What is behind the second stone ?

// Introduction In a recent blog post (link here) we analysed the first part of an operation likely conducted by APT38/Lazarus, which targeted various organizations, including financial and banking ones. We already described the initial phase of the kill chain where we get to describe the fact that the actor implemented in the operation two different first-stage payloads to be released to the victims on the basis of their system architecture. These payloads are used in order to carry out a first recognition phase. Beyond this, we have already described a first-level backend script used by the threat actor inside a compromised website to manage victims and to release an […]

Telsy has been involved in the organization of the event ‘’ DE CIFRIS AUGUSTAE TAURINORUM’’, that outlines an overview on cryptanalysis of ARX ciphers.

Telsy has been involved in the organization of the event ‘’ DE CIFRIS AUGUSTAE TAURINORUM’’,  that outlines an overview on cryptanalysis of ARX ciphers.

The event will take place on 22 on November, at Turin University (Aula 2), in ‘’Via Carlo Alberto 10’’ Following, a short abstract: ‘’ We present some features of block ciphers based on the three operations: addition mod 2n, rotation and XOR (ARX ciphers) and themain cryptanalytic attacks obtained by developing the methods underlying differential cryptanalysis. We focus on the recent tecnique of rotational-XOR differential cryptanalysis giving some ideas of this attack and its application to SPECK 32/64.’’

Make the Internet a Secure++ Word – The Internet Service Provider Role

Make the Internet a Secure++ Word – The Internet Service Provider Role

“The current world of telematic communications appears as fast-changing environment. The actors of this ecosystems are represented by billions of nodes that, every day, globally transmit a huge amount of data and information. With a factor directly proportional to the increase in these nodes and to the quantity and type of information in transit within it, the number and type of information that the community has learned to classify as “cyber threat” have also grown exponentially, by species and by potential risk factor.” This paper, written by security researcher Emanuele De Lucia, head of Cyber Security & Threat Intelligence Division of Telsy, highlights the state-of-the-art of current cyber threats and […]

The Lazarus’ gaze to the world: What is behind the first stone ?

The Lazarus’ gaze to the world: What is behind the first stone ?

// Introduction Lazarus (aka APT38 / Hidden Cobra / Stardust Chollima) is one of the more prolific threat actors in the APT panorama. Since 2009, the group leveraged its capability in order to target and compromise a wide range of targets; Over the time, the main victims have been government and defense institutions, organizations operating in the energy and petrochemical sector in addition to those operating in financial and banking one. The group has also a wide range of tools at its disposal; among these, it’s possible to catalog [D] DoS botnets, first stage implanters, remote access tools (RATs), keyloggers and wipers. This list of malicious tools has over time […]

The deadly link between zero-day exploit and DDOS botnet attacks

The deadly link between zero-day exploit and DDOS botnet attacks

The growing demand for connectivity and faster data transfer, along with new technology trends such as the Internet of Things (IoT) and the Artificial Intelligence (AI), combined withthe progressive implementation of the 5G network, are going to irreversibly reshape the pre-existing structure of cybersecurity at a global level. It is true that 5G network will bring new services, new capabilities, new technologies and new regulatory requirements, but it will also bring new security threats and an increased attack surface. With IoT inception many and different actors and devices with different security standards will become involved in the transition, requiring superior attack resilience and a faster response time to counter the […]

Our Embedded Engineer Andrea Molino was one of the speakers at the National Cryptography Association ”De componentis cifris ”

Our Embedded Engineer Andrea Molino was one of the speakers at the National Cryptography Association  ”De componentis cifris ”

On 14 October 2019, a member of our team, Eng. Andrea Molino, gave a speech at the event ”La De Cifris incontra Torino” , organized by De Componendis Cifris and held at Politecnico in Turin. The event was focused on successful advancements in cryptography research and applications. The initiative involved several experts from academic institutions and business operating in the cryptography sector. The main goal was fostering cooperation between those who work in the Italian crypto domain. The contribution given by Andrea dealt with implementation aspects of cryptography. He underlined: “security architecture and schemes cannot ignore hardware systems in which they are going to be implemented”. Andrea’s attendance to the […]

Hacking the Artificial Intelligence

Hacking the Artificial Intelligence

The enemies of the future will not necessarily need bombs, missiles or atomic weapons to instil terror in civilian populations. They will need only some tape, scissors and good practical skills and they can magically transform a stop sign into a green light in the eyes of a self-driving car, causing crashes and disorder. Using an Artificial Intelligence attack (AI attack) adversaries can manipulate AI systems in order to alter their behaviour to serve a malicious end goal. The real effect of these attacks grows as artificial intelligence and IoT systems are further integrated into critical components of society (e.g. smart grid, transportation, healthcare, military etc.). In fact, the AI […]

Cybersecurity & Cyberattacks, a Hand In Hand Development Through The Years

Cybersecurity & Cyberattacks, a Hand In Hand Development Through The Years

The birth of the internet and the digital era brought to the light the theme of “cybersecurity”, that over the past years gained more and more importance. Security, indeed, has always been a challenge for IT people and corporate organizations alike since the launching of the first internet network, ARPAnet. During the seventies, the first viruses appeared in this web, that was developed for military purposes and that later on  became a universal  tool. Robert Thomas was the engineer who developed the first malware called “creeper”. He realized that it was possible to move across networks through a computer program and leave a mark. Taking inspiration from Thomas’ malware, Ray […]