Blog Entries

03. 07. 2026 Francesco Pavanello AI, SEC4U, Threat Intelligence

The AI Cyber Attacks Explosion in 2026: Emerging Threats

The first half of 2026 has witnessed the transition of artificial intelligence from an experimental playground into a cyber warfare domain. In fact, threat actors have shifted from basic prompting toward highly automated, multi-stage operations. This shift is characterized by a bifurcation of threats. On one side, attacks exploiting inherent AI vulnerabilities and architectural boundaries,…

Read More
25. 06. 2026 Daniel Degasperi Blue Team, Log-SIEM, SEC4U, Threat Intelligence

LOLDrivers Is More Than a Simple List: A New Approach to BYOVD Detection

1. Introduction The abuse of vulnerable drivers has become an increasingly common technique adopted by attackers to bypass modern security controls. This attack pattern, commonly referred to as Bring Your Own Vulnerable Driver (BYOVD), consists of loading legitimately signed but vulnerable drivers into the operating system in order to gain kernel-level privileges, disable security products,…

Read More
08. 11. 2024 Luca Zeni Blue Team, SEC4U, Threat Intelligence

SATAYO And SOC: Exchanging Data For Better Insight

In this post, we’ll explore the synergy between a Cyber Threat Intelligence (CTI) platform and a traditional Security Operations Center (SOC) service. For those interested in the topic, I recommend reading my previous article, where I demonstrated a concrete example of integration between our SIEM and SATAYO, the CTI platform we use in our SOC….

Read More
14. 12. 2023 Massimo Giaimo SEC4U

Enrichment of the Ransomfeed Project

There are community projects that, once implemented, become true points of reference. One of these is certainly the DRM – Dashboard Ransomware Monitor project. This project, founded by Dario Fadda in 2020, monitors ransomware groups through scraping activities, to store claims regarding victims within a permanent RSS feed. However not everyone knows that starting from…

Read More
10. 01. 2023 Francesco Pavanello Blue Team, SEC4U

Spam Trap Box – A Powerful Method to Detect Phishing Attempts

It’s more and more common to receive emails asking for credentials. They usually say that there’s some kind of issue that can only be solved by accessing the involved service using the link inside the message text. In most cases these emails are malicious, intended to steal users’ or employees’ credentials and gain access to…

Read More
05. 12. 2022 Massimo Giaimo Exposure Assessment

HackInBo Business Edition – Winter 2022 – Our Participation

On December 2 we participated, as platinum sponsors, in the second edition of the HackInBo Business event. For 10 years, HackInBo has been one of the most important IT security conferences in Italy, and for this edition too we wanted to give our contribution by participating with a 40-minute talk. The formula of the event…

Read More
28. 10. 2021 Simone Cagol Blue Team, Exposure Assessment, SEC4U

Cyber Threat Intelligence: Enrichment with SATAYO IoC

One of the important elements of Cyber Threat Intelligence activity is the verification of IoCs (Indicators of Compromise) that can identify threats that can create an impact on your organization. In parallel to our OSINT and Cyber Threat Intelligence SATAYO platform we have implemented the SATAYO IoC database which currently has about 900,000 elements. Among…

Read More

Archive