There are community projects that, once implemented, become true points of reference. One of these is certainly the DRM – Dashboard Ransomware Monitor project. This project, founded by Dario Fadda in 2020, monitors ransomware groups through scraping activities, to store claims regarding victims within a permanent RSS feed. However not everyone knows that starting from…
Read MoreDuring a Vulnerability Remediation process, understanding which vulnerabilities pose a real and significant risk for an organization is not so obvious, and most of the time it involves several different aspects. It takes into consideration several factors related to available resources and time, company assets, severity, compatibility with fix methodologies, and others. There is no…
Read MoreSecurity Orchestration, Automation and Response (SOAR) is a set of functionalities used by the SOC team to automate security activites, improve workflow management and share threat intelligence data. Security Operation Centres (SOCs) can leverage SOAR to gain in-depth knowledge of the threats they face, trigger automatic responses to security issues and achieve better efficiency. In this…
Read MoreOne of the primary responsibilities of a Security Operation Center (SOC) is to effectively manage issues related to monitoring the security perimeter. This involves the meticulous analysis of alerts, the creation of subsequent cases, and if necessary, the escalation of incidents to the client through ticketing systems or, in some cases, the closure of incidents…
Read MoreThe event of the year, the NetEye User Group, is back! The User group is not only a chance to inform our customers about new products and releases, but also an occasion to meet and exchange feedback and ideas. This year the NetEye Usergroup took place in Rocca Sveva, a centuries old villa located in…
Read More…also this year, Würth Phoenix & Gravitate organized the annual Usergroup DACH 2023 in Nuremberg. The Usergroup is not only a chance to inform our customers about new products and releases, but also an occasion to meet and exchange feedback and ideas. This year’s NetEye Usergroup took place in Nuremberg in the Romantik Hotel Rottner,…
Read More
Double extortion ransomware attacks have reached very high numerical values. One of the key elements, when suffering such an attack, concerns the negotiation that can be initiated (not always!) with the ransomware gang. The analysis, carried out by the SEC4U team, of hundreds of negotiations makes it possible to apply a scientific approach to this…
Read MoreIn our previous post about Exposure Assessment, we described how we outline a target’s infrastructure using SATAYO, our Cyber Threat Intelligence (CTI) platform. This means that we collected the identifiers of all the target’s machines, i.e., their host names and IP addresses. Now it’s time to understand which machines could allow an attacker to gain…
Read MoreThe event dedicated to the NetEye community is back again! A taste of innovation! Discover the new trends in monitoring and service management seasoned with a pinch of Cybersecurity. Taste the nuances of the various successful NetEye projects and be guided by the scent of curiosity for the latest technological trends. Appointment on 28th of…
Read MoreA Security Operation Center (SOC) is a service where the customer is an active participant. Establishing a good relationship with the customer is an important requirement for handling security incidents more efficiently. Our SOC analysts produce and deliver several reports, most of them on a monthly basis. They are usually presented to clients during a…
Read More
Greetings, cyber enthusiasts! This year we hacked a satellite and won $50K!! Okay, now that I’ve got your attention, that last sentence isn’t fake, but let’s go back to a few days ago… I’m Alessandro — Alemmi on the internet — and while I always enjoy playing CTFs with my workmates here at Würth Phoenix,…
Read MoreIntroduction In today’s increasingly complex cybersecurity landscape, it is crucial for organizations to adopt effective solutions to protect their data and digital assets from ever-evolving threats. Two commonly used services in this regard are SOC (Security Operations Center) and MDR (Managed Detection and Response). While both aim to ensure cybersecurity, there are important differences that…
Read MoreIn this article we’ll discuss the security concerns caused by Google’s introduction of .zip domains. First things first, let’s understand what a domain is and how it’s structured. What is a domain? A domain is a text string that allows a user to access the specified web site once typed into a browser. This string…
Read More0-day vulnerabilities are predicted to grow more and more, posing new threats for the cybersecurity. It’s hard to predict them and when their exploit occurs, since developers and vendors are unaware of the flaw until they are actually exploited. Hence, there is no ready patch available for a 0-day vulnerability. MOVEit Transfer 0-day On May…
Read More
On Friday 9 June 2023 I had the opportunity to participate as a speaker at the HackInBo Business event, one of the most important conferences on cyber security in Italy. During the talk I presented, I talked about the history of RaidForum, BreachForum and ExposedForum and the Genesis and Solomon marketplaces, recounting the seizures actions…
Read More