News
4 October 2024
The cold boot attack is a cyber attack that allows sensitive data to be extracted from the RAM memory of a computer by exploiting the fact that the data can persist for a short time after the system has been shut down. The attacker, who must have physical access to [...]
Guides
Rowhammer attacks pose a threat to the security of DRAM memories, which are commonly used in computing devices. This attack technique exploits an inherent vulnerability in DRAM, where repeated accesses to certain rows of memory cells can induce bit flip errors in adjacent rows. This effect is due to the [...]
3 October 2024
Bluebugging is a type of cyber attack that takes advantage of weaknesses in Bluetooth connections to gain unauthorized access to mobile devices. This attack allows hackers to take control of devices, access confidential data and send messages or make calls without the owner's permission. The attack takes place through insecure [...]
Cyber security is crucial in our daily lives to protect information systems and personal and corporate data. This discipline is based on five fundamental aspects of ICT, which are the cornerstone of cyber security policies and information protection practices.
2 October 2024
Bluesnarfing is a little-known but serious cyber security threat consisting of unauthorized access to a device's data via Bluetooth. This attack can occur without the user being aware of it, exploiting vulnerabilities in the Bluetooth protocol to steal sensitive information such as contacts, emails, messages and stored files.
Bluejacking is an attack that uses Bluetooth technology to send unsolicited messages to nearby devices, such as smartphones and tablets. Although it is not seriously harmful, it can be annoying and compromise privacy. Derived from the combination of ‘Bluetooth’ and ‘hijacking’, bluejacking allows messages to be sent to devices without [...]
1 October 2024
The importance of Android smartphone security has grown significantly due to the increase in cyber threats. It is essential to adopt protection strategies to safeguard Android devices and personal data. In this article, we will examine various methods of securing Android phones and offer useful tips for keeping your device [...]
Bluetooth is a widely used wireless technology for connecting short-range devices. Since its introduction, it has transformed the way we exchange data between devices such as smartphones, tablets, computers, and accessories like headphones and keyboards. However, like any technology, it presents potential cyber security risks that must be understood and [...]
30 September 2024
A disaster recovery plan (DRP) is a strategic document that details how an organization will respond to events that disrupt its business operations. These events can range from natural disasters to technological failures and cybersecurity attacks. The DRP is an integral part of disaster recovery & business continuity planning as [...]
Computer ports are essential for communication between the PC and other devices or networks. There are two main types of ports: physical and virtual. Physical ports, such as USB and serial, allow the connection of peripheral devices such as mice, keyboards and printers. Virtual ports, managed via TCP/IP protocols, regulate [...]
27 September 2024
Information security is a top priority for keeping digital data safe. Computer systems are constantly threatened by attacks that can compromise sensitive data. The CIA Triad (Confidentiality, Integrity, and Availability) represents the three fundamental pillars to ensure information security. Understanding and implementing the CIA Triad in cybersecurity is important for: [...]
Business Email Compromise (BEC) is an advanced form of fraud that affects companies of various sizes, causing significant economic losses globally. This fraud involves the compromise of corporate email accounts, typically through phishing or spear phishing techniques, with the aim of inducing employees to make money transfers or disclose confidential [...]
26 September 2024
Cyber warfare, or cyber war, is the use of information technology to attack another state's critical infrastructure, causing significant damage and compromising national security. These attacks can range from viruses to complex DDoS attacks. The term “cyber cold war” derives from the 20th century Cold War, describing a modern digital [...]
Data security is crucial when disposing of a hard disk drive, whether it is part of a personal, corporate or public entity system. Final data destruction and proper disposal of these devices are essential to prevent unauthorised retrieval of sensitive information and to minimise environmental impact. This article discusses best [...]
25 September 2024
The increasing connectivity and intelligence of modern vehicles have introduced new risks of cyber attacks in the automotive sector, making cybersecurity a key aspect of vehicle and occupant safety. UN Regulations 155 and 156, together with the ISO 21434 standard, set crucial standards for automotive cybersecurity. Attacks, such as the [...]
The security of video cards is a fundamental but often underestimated aspect of computer security. These hardware components, essential for displaying images and video on the computer, can become vulnerable if not properly protected. Keeping drivers up-to-date and following security best practices are crucial steps to protect your system. Graphics [...]
24 September 2024
Updating software is crucial for the security and efficiency of computers and mobile devices. This article will explore topics such as how often to look for software updates, where to download them, how to perform them, and the definition of software itself. Updates are important for fixing bugs and security [...]
Vishing, short for ‘voice phishing’, is a form of scam that uses telephone calls to obtain personal and sensitive information from victims. Fraudsters often pose as representatives of banks or other reputable institutions, using ‘spoofing’ techniques to make their numbers appear legitimate. During calls, they convince victims to reveal data [...]
23 September 2024
The secure software development life cycle (SDLC) is a fundamental process that ensures the creation of a high-quality, secure, and reliable software product. This cycle includes a series of well-defined phases, each playing a crucial role in ensuring that the software is developed according to high standards and effectively meets [...]
In recent years, the term "smishing" has gained increasing relevance in the world of cybercrime. But what is smishing? The word is a combination of "SMS" and "phishing" and represents a form of phishing that uses text messages (short message service or SMS) to deceive users and obtain sensitive information. [...]
20 September 2024
Cross site request forgery (CSRF) is an attack that exploits the sessions of authenticated users to send fraudulent HTTP requests without their consent. Using techniques such as hidden forms on malicious sites, attackers can, for example, induce users to transfer money unintentionally. In this paper, strategies to prevent CSRF attacks [...]
Cross-site scripting (XSS) is a cybersecurity vulnerability that allows attackers to insert malicious scripts into web pages, exposing users to risks such as stealing session cookies, manipulating web content, and controlling accounts. These attacks can severely compromise the security of corporate websites, expose sensitive data, and damage a company's reputation. [...]
19 September 2024
Cache is a temporary memory used by operating systems and browsers to store data and files from visited web pages, such as images and scripts. This mechanism is used to reduce loading times during subsequent visits, improving browsing efficiency. When a user visits a page for the first time, the [...]