Guides

13 December 2024

Cyber security in the supply chain represents a critical challenge for modern businesses, which are increasingly interconnected and dependent on a vast network of suppliers and technology partners.  Supply chain cyber security is a priority not only for large organizations but also for small and medium enterprises, as supply chain [...]

Guides

12 December 2024

Pop-up phishing is a technique used by cybercriminals to deceive people online and gain access to personal information and sensitive data. This specific form of phishing uses pop-up windows that suddenly appear on a user’s screen, often imitating legitimate security alerts from trusted companies like tech service providers or banks.  [...]

Guides

11 December 2024

SEO poisoning is a manipulation technique of search engines aimed at positioning malicious websites high in search engine results. This practice exploits search engine optimization (SEO) techniques not to promote legitimate content but to drive users to harmful sites that could compromise their security.  The most common goal of SEO [...]

Guides

10 December 2024

Search engine phishing is a phishing technique that exploits search engines to lure people into visiting malicious websites, passing them off as reliable sources or legitimate sites.  This deceptive method has become increasingly sophisticated over time and represents a growing threat to online users.  Unlike traditional phishing scams, which typically [...]

News

9 December 2024

What is cash trapping? Cash trapping is a sophisticated, internationally widespread scam that exploits normal ATM withdrawal processes to steal money from unsuspecting victims. Unlike other banking frauds, such as skimming, cash trapping does not steal sensitive data or PIN codes.  Instead, the trick involves physically blocking the cash during [...]

Guides

6 December 2024

The phenomenon of phishing has seen a steady increase, and certified email (PEC) has also become a target for scammers.  PEC, which ensures the authenticity and traceability of communications, is now widely used by businesses, professionals, and citizens, especially in Italy, where it is also utilized for interactions with public [...]

Guides

5 December 2024

In recent years, SocGholish malware has emerged as a significant threat in the cyber security landscape, tricking users and spreading through compromised websites. This type of malware skillfully employs social engineering techniques to convince victims to install a malicious JavaScript payload disguised as a fake browser update. Understanding how SocGholish [...]

News

4 December 2024

In recent years, Agent Tesla has emerged as one of the preferred tools for cybercriminals to conduct espionage campaigns and data theft.  This malware is known as a Remote Access Trojan (RAT), specialized in gathering sensitive information from infected users.  Originally developed as a malware as a service (MaaS), Agent [...]

News

3 December 2024

The Asnarok malware is a complex malware that exploited vulnerabilities in Sophos XG firewalls, particularly through techniques such as remote code execution and sql injection. This attack had a major impact on companies and organizations, compromising not only the security of corporate networks but also the confidentiality of data. By [...]

News

2 December 2024

Threat intelligence is one of the most advanced practices in the field of cyber security. It is an approach based on the collection and analysis of data about actual or potential cyber threats, the goal of which is to identify and prevent attacks against organizations. The increasing complexity of the [...]

Guides

29 November 2024

Password spraying is a widely used attack technique in cyber security that is often underestimated compared to other strategies such as brute force attack. This attack aims to compromise a large number of user accounts by using more common password combinations across a large group of accounts. Unlike the traditional [...]

Guides

28 November 2024

Deepfakes are becoming increasingly sophisticated and pose a significant threat in cyber security. But what is deepfake and what dangers can it generate in cyber security? The term deepfake refers to media content modified through machine learning, which can drastically transform or alter facial expressions, voices, and movements of people [...]