Guides

11 November 2024

In recent years, cyber security has become a central issue, particularly due to the rise in sophisticated phishing attacks. Recently, there have been numerous reports of attacks on popular platforms where hackers successfully extract users' sensitive data without them immediately realizing it.  Among these threats, tabnabbing has emerged—a sneaky form of [...]

Guides

8 November 2024

Dossiering and information security: how to protect and prevent illegal activities.  Recently, Italy has witnessed numerous cases of dossiering involving prominent figures, including politicians and VIPs. One of the most notable cases, the Perugia investigation into dossiering, has attracted the attention of the national anti-mafia directorate and the Milan prosecutor's office. [...]

Guides

7 November 2024

Clone phishing is a sophisticated cyberattack that aims to compromise access credentials and other sensitive data of its victims. It is an advanced variant of traditional phishing attacks, where the cybercriminal almost identically replicates a previous phishing email or other legitimate communication, but changes links or attachments to trick the [...]

Guides

6 November 2024

The NIS2 Directive is part of the European Union's strategy to protect its digital infrastructure and enhance cyber security. Published as an evolution of the first NIS Directive from 2016, NIS2 sets even more ambitious goals and came into effect on January 17, 2023. In Italy, NIS2 took effect on October [...]

Guides

5 November 2024

Money muling is becoming increasingly common in cyber fraud and money laundering. But what exactly is money muling? Money muling refers to an illegal activity where a person, called a "money mule," agrees to transfer or deposit funds on behalf of others, often unaware they’re participating in criminal activity. In practice, [...]

News

4 November 2024

In recent years, with the rise of mobile devices, a new cyber threat has emerged: quishing. This term refers to a specific type of phishing that uses QR codes to deceive users, encouraging them to scan a fraudulent QR code that redirects them to malicious websites. What is quishing and how [...]

Guides

31 October 2024

Table of contents The SPID (Public System for Digital Identity) is a digital authentication system that allows Italian citizens to securely and quickly access online services offered by public administrations and participating private entities. With a digital identity, you can manage numerous activities without having to physically visit offices or [...]

Guides

30 October 2024

Table of contents In an increasingly digital world, knowing how to verify the authenticity of a website is essential for protecting your personal data and sensitive information. The threat of fraudulent websites is real, and thousands of people fall victim to online scams every day. However, by following the correct [...]

Guides

29 October 2024

Session fixation is a type of cyberattack that occurs when a malicious actor forces a session identifier (session ID) onto a user before they log into a web application. This technique allows the attacker to gain access to the user's session once the user has authenticated. Although it is often [...]

Guides

29 October 2024

The Man in the Browser (MITB) attack represents a sneaky and increasingly prevalent threat in the world of cyber security.This type of attack occurs within web browsers, where a malicious actor manages to compromise the web pages viewed by the user, altering them without the user realizing it. The primary [...]

Guides

28 October 2024

Peer-to-peer connections (often abbreviated as P2P) represent a type of network in which computers, known as nodes, communicate directly with each other without the need for a central server. This distributed model offers numerous advantages but also presents some challenges, especially in terms of security.  The peer-to-peer model is different [...]

Guides

28 October 2024

Session hijacking is one of the most insidious threats in the world of cybersecurity. This type of attack allows a malicious actor to take control of a user's web session, granting unauthorized access to sensitive data and restricted functionalities of a website or application. Session hijacking is particularly concerning for [...]