Exposure Assessment: The Best Way to Easily Discover a Target’s Infrastructure
Overview of discovering hostnames and IP addresses using OSINT techniques.
Read MoreOverview of discovering hostnames and IP addresses using OSINT techniques.
Read MoreWelcome, today’s blog is dedicated to data breach analyses and evaluating their reliability. In an increasingly data-centric digital landscape, it’s crucial to delve into the complexities of data breaches and develop effective methods for determining the trustworthiness of the information they contain. In this blog, we’ll explore a professional approach to data breach analysis using…
Read MoreAs technology continues to advance at an unprecedented pace, the financial sector faces increasing risks and challenges in safeguarding sensitive data and ensuring the security of critical systems. In response to this evolving threat landscape, the European Central Bank (ECB) and the European Union Agency for Cybersecurity (ENISA) introduced a groundbreaking framework known as TIBER-EU…
Read MoreIn 2022, more than half of Italian companies suffered at least one email attack despite the presence of spam filters, blacklisted domains and other available solutions for blocking threats. This shows how crucial it is for companies to both test their employees’ awareness about security and invest in training. A phishing campaign includes scam emails…
Read MoreThese days the landscape of cybercriminal activities seems to have as the only protagonists the Threat Actors who are carrying out an attack on publicly exposed VMware ESXi infrastructures. The French National Computer Emergency Response Team (CERT) published a security advisory on the ESXiArgs ransomware on February 3, 2023. Other important information regarding the attack was published…
Read MoreMassimo Giaimo will participate in the ICT Security roadshow with a speech on the Log stealer Market Place and Predictive Cyber Threat Intelligence as a tool to avoid unpleasant compromises! FIRST STAGE: AGENDA, Milan, 16 February 2023 – at 09.00 a.m.SECOND STAGE: SAVE THE DATE | Padua, 6 June 2023 Soiel International has been organising…
Read MoreThe Initial Message The last few days have been quite hectic with regard to cyber security in the industrial systems sector. The frenzy of these days began on January 11 with this message that appeared on the Telegram channel (https://t.me/GhostSecc) of the GhostSec group: The message was accompanied by a couple of screenshots: So are…
Read MoreIt’s more and more common to receive emails asking for credentials. They usually say that there’s some kind of issue that can only be solved by accessing the involved service using the link inside the message text. In most cases these emails are malicious, intended to steal users’ or employees’ credentials and gain access to…
Read MoreCybersecurity is a discipline that deals with protecting computer systems and digital data from attacks and security breaches. With the increasing use of technology and dependence on computer systems in everyday life, cybersecurity is becoming increasingly important. But what are the risks for those who don’t know how to protect themselves? Online security risks can…
Read MoreIn December 2021 Microsoft revealed two vulnerabilities concerning an Active Directory Domain Services privilege elevation, classified as CVE-2021-42278 and CVE-2021-42287. By combining the two exploits in the so-called noPac attack, a malicious actor could perform a privilege escalation by impersonating the Domain Administrator after starting out as a standard user. This would lead to a…
Read MoreOne of the most comprehensive services offered by Wuerth-Phoenix’s Cyber Security team is the Security Operation Center (SOC). An SOC is capable of monitoring an IT environment, scanning all messages sent within the internal network, and all operations performed on corporate devices. Through the use of detection rules, the SOC is able to identify anomalies…
Read MoreThere is no excerpt because this is a protected post.
Read MoreThe daily monitoring activities that we carry out within our Security Operation Center Attacker Centric have allowed us to identify the spread of a new infostealer type malware. Log (or information) stealer malware is a type of Trojan that gathers data in order to send it to the attacker. Typical targets are credentials saved in…
Read MoreOn December 2 we participated, as platinum sponsors, in the second edition of the HackInBo Business event. For 10 years, HackInBo has been one of the most important IT security conferences in Italy, and for this edition too we wanted to give our contribution by participating with a 40-minute talk. The formula of the event…
Read MoreThe event of the year, the NetEye User Group, is back again, in presence! The User group is not only a chance to inform our customers about new products and releases, but also an occasion to meet and exchange feedback and ideas. This year’s NetEye User group took place in the beautiful city of Verona…
Read More