Tag Archives: Security Awareness

Smartworking: how to mitigate cyber risks

Smartworking: how to mitigate cyber risks

Smartworking is a  fertile ground for cyber threats and criminals. As steps to counter the coronavirus outbreak take effect, millions of workers across the globe have been sent home with their laptops many times. Cybercrime is a silent actor that attempts to exploit the vulnerabilities of remote working. Indeed, remote workers can potentially present a number of cybersecurity risks to organizations, and cybercriminals are finding more ways to exploit these weaknesses. With remote work, indeed, attack surfaces are be multiplied. As users we should not never let the guard down. A combination of procedures, tips, precautions, and training could mitigate risks to a great extent.   Read more on our […]

VPN: a must-have tool for privacy and security

VPN: a must-have tool for privacy and security

VPN (Virtual Private Network) service gives you online privacy, anonymity, and security by creating a private network from a public internet connection. By using it, businesses can securely connect users and assets to intranet resources VPNs are also an effective shield from all threats coming from connections that do not require a password for access such as public WiFi networks you connect to while standing in line for a coffee or waiting to see your doctor. Eavesdroppers can watch your activity when connected to these insecure networks. Indeed, VPNs mask your IP address so your online actions are virtually untraceable. Moreover, they establish secure and encrypted connections to provide greater […]

SOC: what it is and how it operates

SOC: what it is and how it operates

SOC or Security Operations Center – not to be confused with SoC (“System on a Chip) – is the core component of a serious business security strategy. Simply put, a SOC assures threat detection and prevention in real time and makes sure that the protection of the data of clients and users is always optimal. As professionals, managers, entrepreneurs, and internet users, we are not completely aware that the threat of malicious actors is skyrocketing nowadays. As actual fact, cyberattacks are increasingly damaging organizations. Every year billions of people suffer from cyberattacks and data leaks, too. A SOC may be expensive and many organizations do not go beyond their IT […]

Olicyber: the future of Italian cybersecurity is here!

Olicyber: the future of Italian cybersecurity is here!

Will the curriculum of Italian pupils soon include hacking? There is a chance. Italy is organizing its first CyberOlimpics, Olicyber, organised by CINI and TeamItaly, the Italian white hackers team. The organizing committee means to convey the value and the culture of cybersecurity among younger generations. Hopefully, this initiative will promote the selection and the  training of future and talented cybersecurity professionals. Olicyber: what is it? Disciplines of the Cyber Olympics include Web Security, Cryptography, Sofware Security, and Network Security. These special athletes are the pupils of Italian high-school. An additional merit of OliCyber is that the organizers will select the participants without discrimination, especially ensuring gender equality. Participation is […]

Sunburst: the attack that shook the world

Sunburst: the attack that shook the world

Cyber analysts recently discovered the “Sunburst” attack malware, which triggered a series of cyber-espionage attacks that began in the spring of 2020. The attack involved thousands of public administrations, private organizations and individuals on a global scale. American investigators have been pointing fingers at Russian-sponsored hackers. US authorities have labelled it as the most severe cyberattack against public and private bodies alike in the United States and believe that the origin of the threat are Russia-sponsored hackers. How did the Sunburst attack happen? What happened exactly? Let’s explore which intrusion technique hackers employed in this case. First, hackers implanted a malware in the software update of a platform installed in […]

COVID-19 vaccine: beware of phishing

COVID-19 vaccine: beware of phishing

Have you received a strange e-mail about COVID-19, offering you various solutions to buy an under-the-counter vaccine currently in distribution? Think twice before clicking on any link. In addition to trying to sell fake Covid-19 drugs and vaccines, hackers are using the latest news as bait for their phishing campaigns. Threat intelligence analysts have warned that cybercriminals are taking advantage of developments on the COVID vaccine distribution campaign to give rise to insidious malspam campaigns. The threats What threats are we talking about? These phishing campaigns contain a myriad of malicious files. We have singled out: .EXE with the name “Download_Covid 19 New approved vaccines.23.07.2020.exe” which, once clicked, will install […]

Business data loss: a nightmare for companies

Business data loss: a nightmare for companies

Business data loss can be detrimental for businesses. Organizations – from small to medium-large – depend on technology when it comes to managing business operations and data storage. Unfortunately, technology is a double-edged sword. If digitization helps business management, a hacker attack can cause a loss of crucial data and information. Heavy financial losses and delays in operations are around the corner. We have covered these issues in our blog about the Campari case. A few numbers How real are these risks? It is estimated that 75% of SMBs have no data recovery plans in the event of a hostile event against their IT infrastructure such as ransomware, for example. […]

When a false flag doesn’t work: Exploring the digital-crime underground at campaign preparation stage

When a false flag doesn’t work: Exploring the digital-crime underground at campaign preparation stage

At the beginning of October 2020 we found copy of a malicious document potentially to be attributed to an APT group known with the name of APT34 / OilRig. The attribution, based on several elements found within the malicious document, was firstly reported by a security researcher through a social network. According the extracted evidences, the author “signed” this malicious document leaving his/her username within the document metadata. This nickname was already widely known within the Cyber Threat Intelligence field because attributed to a member of the already mentioned threat group. Indeed this nickname is Iamfarhadzadeh, linked to Mohammad Farhadzadeh, believed to be a member of the hacking unit identified […]

Augmented and Virtual Reality: what are the privacy risks?

Augmented and Virtual Reality: what are the privacy risks?

Last month, Nintendo released a new video game in the popular Super Mario Kart saga. The game is part of a new category of Toys-to-life, a video game genre that uses augmented reality to build a kart circuit directly at home. This, however, could be the start of a new privacy problem. In practice, the video camera of the game captures the reality that surrounds the player, so as to create a parallel world within the console with which it is connected. But how does it work? The miracle is allowed thanks to Augmented Reality (AR), a technology that allows us to add information and virtual objects to what surrounds […]

Cybersecurity’s weakest link: the human factor

Cybersecurity’s weakest link: the human factor

The latest studies are further confirming a fact that, although already known, is still too often ignored: the human factor is the greatest source of risk for companies’ IT security. In this period, in which the pandemic has dramatically increased the use of smart working, finding a solution to this problem must become a top priority. The main risk for companies In a recent survey, the Proofpoint company and the “Let’s System” community questioned the CISOs (Chief Information Security Officers) of 138 Italian companies, asking what were currently the worst threats for companies: according to 85% of them, the greatest risk is posed by phishing and social engineering attacks targeting […]

Utilizzando il sito, accetti l'utilizzo dei cookie da parte nostra. maggiori informazioni

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.

Close