Loading...

Guides

Digital Services Act: rules and challenges 

The Digital Services Act (DSA) is a milestone in the regulation of the European digital market. Approved on July 5, 2022, by the European Parliament, it came into force in 2023 and, together with the Digital Markets Act (DMA), forms the Digital Services Package. This regulatory framework aims to create [...]

Guides

AI Act: high-risk systems

The Artificial Intelligence Act (AI Act) is a landmark regulation for high-risk artificial intelligence within the European Union. Enacted by the European Parliament, the regulation sets strict criteria for identifying and managing high-risk AI systems that may impact health, safety, and fundamental rights.  What are high-risk AI systems?  High-risk artificial [...]

News

OT Security: protecting the connected industry 

In the era of Industry 4.0, the interconnection between IT systems and operational technologies (OT) has revolutionized industrial processes, enhancing efficiency and productivity. However, this evolution has also introduced new vulnerabilities, making OT security a strategic priority for businesses.  Operational Technology security, often abbreviated as OT security, refers to measures [...]

News

Prohibited AI practices under the AI Act 

The EU Regulation 2024/1689 (AI Act), adopted on July 12, 2024, represents a crucial step in regulating artificial intelligence systems within the European Union. This regulatory framework, also known as the AI Act, establishes ethical and operational boundaries to ensure safety, respect for fundamental rights, and protection against the misuse [...]

News

EU-CyCLONe: the European cyber security network 

EU-CyCLONe, an acronym for European Cyber Crisis Liaison Organisation Network, is an essential tool for managing cyber security crises at the European level.  The network, formalized with the entry into force of the NIS2 Directive, was created to strengthen collaboration among member states in handling large-scale cyber incidents and attacks.  [...]

News

GenAI4EU: innovative AI for a safer Europe 

Artificial intelligence (AI) has become a strategic pillar for global digital transformation, but in Europe, it is taking on an even deeper significance thanks to the GenAI4EU initiative.  Promoted by the European Commission, this initiative aims to consolidate excellence in AI innovation and ensure that the development and use of [...]

Guides

How to protect yourself from SSL stripping attacks 

SSL stripping, also known as SSL channel strip, is a cyberattack technique where a hacker downgrades a secure HTTPS connection to a less secure HTTP connection.  This type of attack, often associated with a man-in-the-middle scenario, allows attackers to intercept data transmitted between the user's browser and the server, exposing [...]

News

Digital euro: cyber security risks? 

The digital euro is a new frontier in the world of digital payments, designed as an electronic version of cash. According to the official website of the European Central Bank, the digital euro is a modern and free alternative to traditional payment systems.  In this article, we will explore what [...]

News

Salt Typhoon: the new cyber nightmare

Salt Typhoon is a name gaining notoriety in the world of cyber security, associated with a series of advanced and persistent cyberattacks targeting critical infrastructures, businesses, and government agencies in the United States and beyond. This Chinese hacking group, believed to be state-sponsored, has drawn the attention of experts, companies, and authorities such as [...]

News

Artificial intelligence in cyber security 

In recent years, artificial intelligence (AI) has become a fundamental tool for cyber security, serving both to enhance defense strategies and to create new methods of cyber attack.  The constant growth of cyber threats, along with increasingly targeted and complex attacks, has made an advanced technological approach essential for protecting [...]

Guides

Cryptocurrency hacking attack: how to protect yourself 

The cryptocurrency world is expanding rapidly, attracting more investors with the promise of high profits and secure transactions.  However, as these digital assets have become more widespread, so has the attention of hackers, who see digital currencies as an opportunity for illicit gains. A cryptocurrency hack can cause significant financial [...]

Guides

Gmail account hacked: here’s what to do 

If your Gmail account has been hacked, it means one or more malicious actors have gained unauthorized access to your email address.  Hacking Gmail accounts is a daily activity attempted by hacker groups worldwide.  This situation represents a serious risk to your online security, as your personal data and information [...]

Guides

Instagram account blocked for phishing: how to resolve it 

An Instagram account blocked for phishing is an increasingly common problem in the age of social networking. The block occurs when the system detects suspicious activity that could indicate a phishing attack. Phishing on Instagram often begins with a convincing message, apparently sent by the official team, inviting users to [...]

Guides

Facebook phishing: protect your Meta account

Table of contents  Facebook phishing is a fraudulent technique aimed at stealing personal data, such as usernames, passwords, or other sensitive information.  This type of attack exploits the trust users place in the social network to deceive them. Typically, the attempt manifests through messages or emails that appear to come [...]

News

Lumma Stealer: an emerging threat in cyber crime 

In recent years, the landscape of cyber threats has expanded with new technologies used by threat actors to exploit vulnerabilities in cyber security systems.  One of the most dangerous tools to emerge is the Lumma Stealer, a malware-as-a-service that stands out for its ability to steal sensitive data and evade [...]

News

Dridex malware: a persistent threat 

The Dridex malware is an extremely sophisticated and dangerous banking trojan, designed to steal users' financial credentials and compromise the cyber security of both businesses and individuals through phishing attacks.  Dridex was first identified in 2011 and is associated with a group of cybercriminals known as Evil Corp. This group [...]

News

Androxgh0st: a silent threat to Laravel applications 

In the increasingly complex landscape of cyber security, the Androxgh0st malware stands out as one of the most dangerous threats to web applications.  This sophisticated tool is designed to exploit platform vulnerabilities, specifically targeting the Laravel framework, used by millions of developers to create scalable and secure Laravel applications.  The [...]

Guides

Smart working and cyber security: risks and solutions

In recent years, remote work has become an integral part of many companies' work strategies, transforming the way employees perform their daily tasks.  This new way of working, known as smart working, offers greater flexibility but also introduces new challenges in the field of cyber security.  With the rise of [...]

Governance

NIS 2 Directive and the National Cyber Security Strategy

The 2022-2026 National Cyber security Strategy is a cornerstone for Italy's cyber resilience and digital protection. The objectives of the national cyber security strategy include: :  Ensuring a high level of security for critical infrastructures, protecting strategic sectors such as energy, transportation, and healthcare.  Strengthening the resilience of public administrations [...]

Governance

ACN: National Competent Authority for NIS 2 in Italy 

The growing complexity of networks and IT systems requires a coordinated approach to network security at both national and international levels.  With the introduction of the EU Directive 2022/2555, also known as NIS 2, European Union member states are tasked with ensuring a high common level of protection for critical [...]

Governance

The Cyber Security Core: what it is and what it does 

As often highlighted on this blog, cyber security is a strategic priority for the security of the Republic.  At the center of this protective network lies the Cyber Security Core, established within the National Cyber Security Agency (ACN).  It plays a fundamental role in the cyber security area by ensuring [...]

Governance

CSIRT: the heart of cyber security 

CSIRT, an acronym for Computer Security Incident Response Team, is a critical entity in managing cyber security incidents and protecting against cyber threats. It is a specialized unit that intervenes in the event of cyber incidents, providing technical support, coordinating responses, and promoting information sharing among stakeholders.  In Italy, CSIRT [...]

Governance

A new EU cyber security package is coming 

On December 2, 2024, the European Council announced a new cyber security package adopted by the Council of the European Union, marking a crucial step toward a safer and more resilient Europe against cyber threats.  This initiative, comprising the Cyber Solidarity Act and a targeted amendment to the Cyber Security [...]

Governance

NIS Cooperation Group: what it is and how it works 

The NIS Cooperation Group, established under Article 14 of Directive (EU) 2022/2555, serves as a strategic tool to promote network and system security across the European Union.  Formed with the aim of facilitating strategic cooperation and information exchange among Member States, the group seeks to strengthen trust and promote the [...]

To top