Guides
9 Ottobre 2024
Google's history documents all searches made and websites visited, offering a convenient way to access past information. However, this tool can pose a risk to users' privacy and security. It is therefore essential to regularly manage, view and delete Google history to safeguard one's personal data.
Certified Electronic Mail (PEC) is an essential service for public bodies and companies, providing secure communications with legal value comparable to registered mail. It uses the TLS 1.2 protocol to protect data transfer and employs digital signatures to ensure that contents have not been altered, thus increasing the integrity and [...]
8 Ottobre 2024
Rootkit drivers are an advanced form of malware that installs itself at the kernel level of the operating system, making them particularly dangerous and difficult to detect. These rootkits gain administrator privileges and deeply integrate into the system, modifying drivers to mask their presence and allow other malware to operate [...]
Side channel attacks are an emerging threat in the field of computer security that exploit the physical behaviour of hardware during cryptographic operations. These attacks look at aspects such as power consumption, execution time and electromagnetic emissions of the device, allowing attackers to obtain sensitive information such as cryptographic keys. [...]
7 Ottobre 2024
In the IT security landscape, memory scraping represents one of the most insidious threats. This type of attack targets the volatile memory of computer systems, with a particular focus on POS (Point of Sale) systems. Let's take a look at how memory scraping works, what risks it entails, and how [...]
Direct Memory Access (DMA) attacks pose a serious threat to computer security by exploiting the ability of hardware devices to directly access a system's memory, bypassing the central processor and thus also software security controls. This article discusses the nature of DMA attacks, illustrates how they work, and suggests security [...]
News
4 Ottobre 2024
The cold boot attack is a cyber attack that allows sensitive data to be extracted from the RAM memory of a computer by exploiting the fact that the data can persist for a short time after the system has been shut down. The attacker, who must have physical access to [...]
Rowhammer attacks pose a threat to the security of DRAM memories, which are commonly used in computing devices. This attack technique exploits an inherent vulnerability in DRAM, where repeated accesses to certain rows of memory cells can induce bit flip errors in adjacent rows. This effect is due to the [...]
3 Ottobre 2024
Bluebugging is a type of cyber attack that takes advantage of weaknesses in Bluetooth connections to gain unauthorized access to mobile devices. This attack allows hackers to take control of devices, access confidential data and send messages or make calls without the owner's permission. The attack takes place through insecure [...]
Cyber security is crucial in our daily lives to protect information systems and personal and corporate data. This discipline is based on five fundamental aspects of ICT, which are the cornerstone of cyber security policies and information protection practices.
2 Ottobre 2024
Bluesnarfing is a little-known but serious cyber security threat consisting of unauthorized access to a device's data via Bluetooth. This attack can occur without the user being aware of it, exploiting vulnerabilities in the Bluetooth protocol to steal sensitive information such as contacts, emails, messages and stored files.
Bluejacking is an attack that uses Bluetooth technology to send unsolicited messages to nearby devices, such as smartphones and tablets. Although it is not seriously harmful, it can be annoying and compromise privacy. Derived from the combination of ‘Bluetooth’ and ‘hijacking’, bluejacking allows messages to be sent to devices without [...]
1 Ottobre 2024
The importance of Android smartphone security has grown significantly due to the increase in cyber threats. It is essential to adopt protection strategies to safeguard Android devices and personal data. In this article, we will examine various methods of securing Android phones and offer useful tips for keeping your device [...]
Bluetooth is a widely used wireless technology for connecting short-range devices. Since its introduction, it has transformed the way we exchange data between devices such as smartphones, tablets, computers, and accessories like headphones and keyboards. However, like any technology, it presents potential cyber security risks that must be understood and [...]
30 Settembre 2024
Computer ports are essential for communication between the PC and other devices or networks. There are two main types of ports: physical and virtual. Physical ports, such as USB and serial, allow the connection of peripheral devices such as mice, keyboards and printers. Virtual ports, managed via TCP/IP protocols, regulate [...]
A disaster recovery plan (DRP) is a strategic document that details how an organization will respond to events that disrupt its business operations. These events can range from natural disasters to technological failures and cybersecurity attacks. The DRP is an integral part of disaster recovery & business continuity planning as [...]
27 Settembre 2024
Business Email Compromise (BEC) is an advanced form of fraud that affects companies of various sizes, causing significant economic losses globally. This fraud involves the compromise of corporate email accounts, typically through phishing or spear phishing techniques, with the aim of inducing employees to make money transfers or disclose confidential [...]
Information security is a top priority for keeping digital data safe. Computer systems are constantly threatened by attacks that can compromise sensitive data. The CIA Triad (Confidentiality, Integrity, and Availability) represents the three fundamental pillars to ensure information security. Understanding and implementing the CIA Triad in cybersecurity is important for: [...]
26 Settembre 2024
Cyber warfare, or cyber war, is the use of information technology to attack another state's critical infrastructure, causing significant damage and compromising national security. These attacks can range from viruses to complex DDoS attacks. The term “cyber cold war” derives from the 20th century Cold War, describing a modern digital [...]
Data security is crucial when disposing of a hard disk drive, whether it is part of a personal, corporate or public entity system. Final data destruction and proper disposal of these devices are essential to prevent unauthorised retrieval of sensitive information and to minimise environmental impact. This article discusses best [...]
25 Settembre 2024
The increasing connectivity and intelligence of modern vehicles have introduced new risks of cyber attacks in the automotive sector, making cybersecurity a key aspect of vehicle and occupant safety. UN Regulations 155 and 156, together with the ISO 21434 standard, set crucial standards for automotive cybersecurity. Attacks, such as the [...]
The security of video cards is a fundamental but often underestimated aspect of computer security. These hardware components, essential for displaying images and video on the computer, can become vulnerable if not properly protected. Keeping drivers up-to-date and following security best practices are crucial steps to protect your system. Graphics [...]
24 Settembre 2024
Updating software is crucial for the security and efficiency of computers and mobile devices. This article will explore topics such as how often to look for software updates, where to download them, how to perform them, and the definition of software itself. Updates are important for fixing bugs and security [...]
Vishing, short for ‘voice phishing’, is a form of scam that uses telephone calls to obtain personal and sensitive information from victims. Fraudsters often pose as representatives of banks or other reputable institutions, using ‘spoofing’ techniques to make their numbers appear legitimate. During calls, they convince victims to reveal data [...]