Loading...

News

Cash trapping: the ATM scam

What is cash trapping? Cash trapping is a sophisticated, internationally widespread scam that exploits normal ATM withdrawal processes to steal money from unsuspecting victims. Unlike other banking frauds, such as skimming, cash trapping does not steal sensitive data or PIN codes.  Instead, the trick involves physically blocking the cash during [...]

News

Agent Tesla: the malware that spies and steals sensitive data 

In recent years, Agent Tesla has emerged as one of the preferred tools for cybercriminals to conduct espionage campaigns and data theft.  This malware is known as a Remote Access Trojan (RAT), specialized in gathering sensitive information from infected users.  Originally developed as a malware as a service (MaaS), Agent [...]

News

Asnarok: the malware exploiting Sophos vulnerabilities 

The Asnarok malware is a complex malware that exploited vulnerabilities in Sophos XG firewalls, particularly through techniques such as remote code execution and sql injection. This attack had a major impact on companies and organizations, compromising not only the security of corporate networks but also the confidentiality of data. By [...]

News

Threat intelligence: protection for cyber security 

Threat intelligence is one of the most advanced practices in the field of cyber security. It is an approach based on the collection and analysis of data about actual or potential cyber threats, the goal of which is to identify and prevent attacks against organizations. The increasing complexity of the [...]

News

Pegasus spyware: the dark side of surveillance 

Pegasus spyware is a surveillance tool developed by the israeli company NSO Group.   This highly sophisticated spyware is designed to infiltrate mobile phones without leaving a trace, allowing full remote access to infected devices. Pegasus has been described as one of the most invasive digital surveillance tools ever developed. It [...]

News

Alternate data streams and cyber security

Alternate data streams (ADS) represent an advanced feature of the NTFS file system that allows additional information to be associated with each file without changing its external appearance.  This feature, introduced with the Windows operating system starting with Windows 2000, offers interesting opportunities for storing hidden data, but also opens [...]

News

Mark of the Web: protection or risk?

The Mark of the Web (MOTW) is a security label automatically applied by the Windows operating system to files downloaded from the internet.   This feature was introduced to alert users of potentially malicious files that might contain malicious payloads or other security risks. The MOTW appears for most files [...]

News

Script kiddies: who they are and why they are dangerous 

Script kiddies are a category of inexperienced hackers who use pre-made tools and scripts to carry out cyber attacks without possessing real technical skills.  Also known as script kiddy or novice hackers, they venture into the world of hacking by using software that is easily available on the internet or [...]

News

Cyber threat actors: how to identify and prevent them

In the world of cyber security, threat actors represent one of the main threats to organizations and individuals.  But what is a threat actor, or rather who are threat actors?  They are individuals or groups that exploit vulnerabilities and weaknesses in digital systems for often malicious purposes.   Their main [...]

News

The Use-After-Free (UAF) bug: vulnerabilities and risks 

The security bug known as Use-After-Free is one of the most severe vulnerabilities in modern programming environments, compromising memory management and opening doors to dangerous arbitrary code execution exploits.  This type of vulnerability arises when a program continues to use a block of memory that has already been freed, or [...]

News

Jailbreak and cyber security risks

Jailbreak is a common practice among those who want greater control over their Apple or Android devices, bypassing the restrictions imposed by operating systems.  With jailbreak, the user gains access to the “root” of the system, allowing the installation of apps and customizations otherwise unavailable through official stores like the [...]

News

Man-in-the-mail scam: how to protect yourself 

News pages frequently mention cases of hackers intercepting emails and altering attachments, such as invoices, by modifying the IBAN details.  This is just one example of a common phenomenon known as "man-in-the-mail" fraud. The man-in-the-mail scam is a fraudulent scheme that exploits email communications to infiltrate business transactions, alter payment [...]

News

Sharenting: risks, psychology, and digital awareness

The term sharenting originates from the combination of the words "share" and "parenting". This phenomenon refers to the tendency of many parents to share online content, such as photos and videos, about their children on social media. The phenomenon of sharenting has gained prominence with the rise of social media, [...]

News

Protecting children on social media 

In recent years, social media has amassed millions of pieces of content related to daily life, including private snapshots of families and children. It's not uncommon to hear news stories warning about the dangers of sharing children's photos online: parents find their children's images stolen, misused for inappropriate purposes, or, in [...]

News

Quishing: the dangers of phishing via QR codes 

In recent years, with the rise of mobile devices, a new cyber threat has emerged: quishing. This term refers to a specific type of phishing that uses QR codes to deceive users, encouraging them to scan a fraudulent QR code that redirects them to malicious websites. What is quishing and how [...]

News

Non-repudiation of data: A key aspect of cyber security

In the realm of cyber security, one of the fundamental aspects of protecting information is the concept of non-repudiation of data. This often-overlooked concept plays a crucial role in ensuring that none of the parties involved in an electronic transaction can deny having carried it out. But what exactly is [...]

News

The dangers of social network poisoning

Social networks have become a fundamental part of our daily lives. However, the growing use of social networks has also led to the emergence of new cyber security threats, one of which is social network poisoning. But what exactly is social network poisoning, and why does it pose such a [...]

News

History of the phreakers: phone phreaking and hacking

In the vast world of cyber security, there is a figure that left an indelible mark: the phreaker. But who are the phreakers, and why have they played such a significant role in the history of telecommunications? The term "phreaker" comes from the combination of “phone” and “hacker,” and is [...]

News

Network topology and cyber security 

The topology of a network is nothing more than the physical and logical arrangement of the nodes and links that form a network. It defines the structure of the connections between the various devices in a computer network, such as computers, servers and other nodes. This structure can be organised [...]

News

Polymorphic malware: an evolving threat

Polymorphic malware represents one of the most sophisticated and insidious cyber threats in the field of computer security. This type of malware is particularly dangerous because it is able to modify its code dynamically. This makes it difficult, if not impossible, for traditional anti-malware programmes to detect it. But what [...]

News

IT security protection: what it is and how to defend data 

IT security, practically synonymous with cyber security, has become a crucial element for the protection of personal and corporate data.  In simple terms, it refers to the set of measures and practices designed to safeguard computer systems and sensitive information from unauthorized access, damage, or attacks by cyber criminals.  With the rise [...]

News

Eavesdropping: what it is and what it does 

The term "eavesdropping" may not be widely known, but it plays a crucial role in the realm of cyber security.  But what is eavesdropping? In short, it is a cyber attack where a malicious actor intercepts communications between two or more parties, often without them noticing. Eavesdropping (a translation of [...]

News

GPS spoofing: what it is and how to protect yourself 

GPS spoofing is a growing threat in the world of computer security, capable of causing serious problems for both individuals and organizations. But what is GPS spoofing and how can we protect ourselves from it? It is the practice of sending false GPS signals (GPS spoofing) to a GPS receiver, [...]

News

Stakeholder attack on a network: what it is and how to defend yourself against it 

A new type of attack is emerging among cyber threats: the stakeholder attack on a network. n stakeholder attack occurs when one of the stakeholders voluntarily or involuntarily facilitates an intrusion into an organization's computer systems. Unlike traditional cyber attacks, which often come from cyber criminals outside the company, in [...]

To top