Loading...
Sicurezza delle reti e dei sistemi

Governance

NIS Cooperation Group: what it is and how it works 

20 December 2024

The NIS Cooperation Group, established under Article 14 of Directive (EU) 2022/2555, serves as a strategic tool to promote network and system security across the European Union.  Formed with the aim of facilitating strategic cooperation and information exchange among Member…
Le pubbliche amministrazioni nell'ambito NIS

Governance

Sectoral NIS authorities: functions and competencies 

20 December 2024

Sectoral NIS authorities play a fundamental role in protecting critical infrastructures and ensuring digital resilience in an era of increasing cyber threats.  With the adoption of Legislative Decree No. 138 of September 4, 2024, Italy aligned itself with the European…
The country's digital protection

Governance

NIS 2 Directive and the National Cyber Security Strategy

20 December 2024

The 2022-2026 National Cyber security Strategy is a cornerstone for Italy's cyber resilience and digital protection. The objectives of the national cyber security strategy include: :  Ensuring a high level of security for critical infrastructures, protecting strategic sectors such as…
NIS Directive to NIS 2

Governance

ACN: National Competent Authority for NIS 2 in Italy 

20 December 2024

The growing complexity of networks and IT systems requires a coordinated approach to network security at both national and international levels.  With the introduction of the EU Directive 2022/2555, also known as NIS 2, European Union member states are tasked…

Most Viewed

Latest Posts

Guides

Google history and cyber security

Google's history documents all searches made and websites visited, offering a convenient way to access past information. However, this tool can pose a risk to users' privacy and security. It is therefore essential to regularly manage, view and delete Google history to safeguard one's personal data.

Guides

Secure PEC: risks of Certified Electronic Mail

Certified Electronic Mail (PEC) is an essential service for public bodies and companies, providing secure communications with legal value comparable to registered mail. It uses the TLS 1.2 protocol to protect data transfer and employs digital signatures to ensure that contents have not been altered, thus increasing the integrity and [...]

Guides

How to defend against driver rootkits

Rootkit drivers are an advanced form of malware that installs itself at the kernel level of the operating system, making them particularly dangerous and difficult to detect. These rootkits gain administrator privileges and deeply integrate into the system, modifying drivers to mask their presence and allow other malware to operate [...]

Guides

How to defend against side channel attacks

Side channel attacks are an emerging threat in the field of computer security that exploit the physical behaviour of hardware during cryptographic operations. These attacks look at aspects such as power consumption, execution time and electromagnetic emissions of the device, allowing attackers to obtain sensitive information such as cryptographic keys. [...]

Guides

Protecting your system from DMA attacks 

Direct Memory Access (DMA) attacks pose a serious threat to computer security by exploiting the ability of hardware devices to directly access a system's memory, bypassing the central processor and thus also software security controls. This article discusses the nature of DMA attacks, illustrates how they work, and suggests security [...]

Guides

Memory scraping: attacks and protection

In the IT security landscape, memory scraping represents one of the most insidious threats. This type of attack targets the volatile memory of computer systems, with a particular focus on POS (Point of Sale) systems. Let's take a look at how memory scraping works, what risks it entails, and how [...]

News

Cold boot attack: a real threat

The cold boot attack is a cyber attack that allows sensitive data to be extracted from the RAM memory of a computer by exploiting the fact that the data can persist for a short time after the system has been shut down. The attacker, who must have physical access to [...]

Guides

Rowhammer: vulnerability in DRAM memory 

Rowhammer attacks pose a threat to the security of DRAM memories, which are commonly used in computing devices. This attack technique exploits an inherent vulnerability in DRAM, where repeated accesses to certain rows of memory cells can induce bit flip errors in adjacent rows. This effect is due to the [...]

Guides

Protect your data from bluebugging

Bluebugging is a type of cyber attack that takes advantage of weaknesses in Bluetooth connections to gain unauthorized access to mobile devices. This attack allows hackers to take control of devices, access confidential data and send messages or make calls without the owner's permission. The attack takes place through insecure [...]

Guides

The 5 fundamental aspects of ICT

Cyber security is crucial in our daily lives to protect information systems and personal and corporate data. This discipline is based on five fundamental aspects of ICT, which are the cornerstone of cyber security policies and information protection practices.

News

Bluesnarfing: a silent threat that requires attention 

Bluesnarfing is a little-known but serious cyber security threat consisting of unauthorized access to a device's data via Bluetooth. This attack can occur without the user being aware of it, exploiting vulnerabilities in the Bluetooth protocol to steal sensitive information such as contacts, emails, messages and stored files.

News

Bluejacking: the silent Bluetooth attack 

Bluejacking is an attack that uses Bluetooth technology to send unsolicited messages to nearby devices, such as smartphones and tablets. Although it is not seriously harmful, it can be annoying and compromise privacy. Derived from the combination of ‘Bluetooth’ and ‘hijacking’, bluejacking allows messages to be sent to devices without [...]

To top