Loading...

Threats

What is Cryptojacking and how does it work

Cryptojacking is a growing threat in the world of cyber security. It is a type of malware that uses the computing power of a device, without the user’s consent, to generate cryptocurrency. This often-invisible attack can slow down the system, increase energy consumption, and compromise the lifespan of devices.  This [...]

Threats

Zloader: banking Trojan and emerging threats

This article explores Zloader, a sophisticated banking Trojan that continues to evolve with new techniques to evade defenses. We’ll analyze what Zloader is, its main features, and recent updates that make it a persistent threat in the cyber security landscape.Zloader Trojan, also known as Terdot, DELoader, or Silent Night, is [...]

Threats

Facebook phishing: protect your Meta account

Table of contents  Facebook phishing is a fraudulent technique aimed at stealing personal data, such as usernames, passwords, or other sensitive information.  This type of attack exploits the trust users place in the social network to deceive them. Typically, the attempt manifests through messages or emails that appear to come [...]

Threats

Dridex malware: a persistent threat 

The Dridex malware is an extremely sophisticated and dangerous banking trojan, designed to steal users' financial credentials and compromise the cyber security of both businesses and individuals through phishing attacks.  Dridex was first identified in 2011 and is associated with a group of cybercriminals known as Evil Corp. This group [...]

Threats

Water hole phishing: how it works 

Water hole phishing, also known as watering hole phishing, is a sophisticated cyber attack technique aimed at compromising the security of specific groups of users.   The target of this type of phishing attack is not an individual, but rather a group that frequently visits online sites, used as traps to [...]

Guides Threats

Pop-up phishing: what it is and how to protect yourself 

Pop-up phishing is a technique used by cybercriminals to deceive people online and gain access to personal information and sensitive data. This specific form of phishing uses pop-up windows that suddenly appear on a user’s screen, often imitating legitimate security alerts from trusted companies like tech service providers or banks.  [...]

Threats

SocGholish malware: how it works and how to protect yourself 

In recent years, SocGholish malware has emerged as a significant threat in the cyber security landscape, tricking users and spreading through compromised websites. This type of malware skillfully employs social engineering techniques to convince victims to install a malicious JavaScript payload disguised as a fake browser update. Understanding how SocGholish [...]

Threats

Agent Tesla: the malware that spies and steals sensitive data 

In recent years, Agent Tesla has emerged as one of the preferred tools for cybercriminals to conduct espionage campaigns and data theft.  This malware is known as a Remote Access Trojan (RAT), specialized in gathering sensitive information from infected users.  Originally developed as a malware as a service (MaaS), Agent [...]

Threats

Asnarok: the malware exploiting Sophos vulnerabilities 

The Asnarok malware is a complex malware that exploited vulnerabilities in Sophos XG firewalls, particularly through techniques such as remote code execution and sql injection. This attack had a major impact on companies and organizations, compromising not only the security of corporate networks but also the confidentiality of data. By [...]

Guides Threats

Clone phishing: how to defend against this type of fraud 

Clone phishing is a sophisticated cyberattack that aims to compromise access credentials and other sensitive data of its victims. It is an advanced variant of traditional phishing attacks, where the cybercriminal almost identically replicates a previous phishing email or other legitimate communication, but changes links or attachments to trick the [...]

Threats

Quishing: the dangers of phishing via QR codes 

In recent years, with the rise of mobile devices, a new cyber threat has emerged: quishing. This term refers to a specific type of phishing that uses QR codes to deceive users, encouraging them to scan a fraudulent QR code that redirects them to malicious websites. What is quishing and how [...]

Threats

Polymorphic malware: an evolving threat

Polymorphic malware represents one of the most sophisticated and insidious cyber threats in the field of computer security. This type of malware is particularly dangerous because it is able to modify its code dynamically. This makes it difficult, if not impossible, for traditional anti-malware programmes to detect it. But what [...]

Threats

DNS spoofing: what it is and how to protect yourself 

DNS spoofing, also known as DNS cache poisoning, is a malicious attack in which hackers manipulate the Domain Name System (DNS) to redirect traffic from legitimate websites to malicious ones. This type of attack can result in severe cyber security risks, exposing users to data theft, credential compromise, and other [...]

Threats

Email spoofing: what it is and how to defend yourself

Table of contents Following the last article on spoofing in general, today we will delve into one particular type: email spoofing.  What is email spoofing?  What is email spoofing? It’s a technique used by cybercriminals to send emails that appear legitimate but actually come from forged sources. This spoofing attack [...]

Threats

What is a worm: understanding this type of malware

Worms are a type of malware distinguished by their ability to self-replicate and spread autonomously through networks, without the need to attach themselves to executable files. This characteristic makes them particularly dangerous as they can quickly infect many devices. They spread through e-mail, instant messages, file sharing and compromised websites, [...]

Threats

Whaling: spear phishing of the “big fish”

Whaling, or phishing whaling, is an insidious cyber threat that focuses on specific targets, the ‘big fish’. Unlike traditional phishing, which indiscriminately targets many people, whaling targets high-profile individuals within an organisation, such as executives and CEOs.

Threats

Zero day exploit attacks: what they are and how to mitigate the risk

This article explains the critical nature of zero day exploit attacks and their impact on cyber security. It delves into the concept of "zero day," highlighting how these attacks take advantage of undiscovered vulnerabilities, leaving developers unprepared and without immediate solutions. Zero day exploits are attack techniques that exploit security [...]

Threats

Security threats for startups: what to consider 

In this article we explore that the security of startups is a complex and constantly evolving field that requires a proactive and holistic approach. From implementing advanced technologies to continuous training and regulatory compliance, startups must consider multiple factors to effectively protect themselves from security threats. Innovative startups are the driving [...]

Threats

Spear phishing: recognizing and preventing targeted phishing 

The term "spear phishing" refers to a highly targeted form of phishing where attackers focus on specific individuals or organizations. They use detailed information to make their attacks more credible and personal. While traditional phishing casts a wide net to catch as many victims as possible, spear phishing is like [...]

Threats

Ransomware attacks: how to prevent them and protect businesses 

This article explains why ransomware attacks represent a serious threat to businesses worldwide. The key to protection is prevention through the implementation of robust security measures and continuous employee training. Despite the severe consequences these attacks can have, a rapid and well-planned response can mitigate the damage and help the [...]

To top