Blog Entries

09. 06. 2023 Francesco Pavanello Exposure Assessment, SEC4U

Exposure Assessment: The Best Way to Easily Discover a Target’s Infrastructure

Overview of discovering hostnames and IP addresses using OSINT techniques.

07. 06. 2023 Federico Corona Red Team, SEC4U

Cracking the Code: Unveiling Data Breach Secrets through OSINT-driven Scripts

Welcome, today’s blog is dedicated to data breach analyses and evaluating their reliability. In an increasingly data-centric digital landscape, it’s crucial to delve into the complexities of data breaches and develop effective methods for determining the trustworthiness of the information they contain. In this blog, we’ll explore a professional approach to data breach analysis using…

01. 06. 2023 Massimo Giaimo Red Team

TIBER-EU: Enhancing Cybersecurity Resilience in the Financial Sector

As technology continues to advance at an unprecedented pace, the financial sector faces increasing risks and challenges in safeguarding sensitive data and ensuring the security of critical systems. In response to this evolving threat landscape, the European Central Bank (ECB) and the European Union Agency for Cybersecurity (ENISA) introduced a groundbreaking framework known as TIBER-EU…

17. 03. 2023 Beatrice Dall'Omo Red Team, SEC4U

How to Set Up an Effective Phishing Campaign

In 2022, more than half of Italian companies suffered at least one email attack despite the presence of spam filters, blacklisted domains and other available solutions for blocking threats. This shows how crucial it is for companies to both test their employees’ awareness about security and invest in training. A phishing campaign includes scam emails…

07. 02. 2023 Massimo Giaimo Blue Team, SEC4U

Ransomware Attack ESXi Servers with (to confirm) CVE-2021-21974

These days, the only protagonists in the landscape of cybercriminal activity seem to be the threat actors who are carrying out an attack on publicly exposed VMware ESXi infrastructures. The French National Computer Emergency Response Team (CERT) published a security advisory on the ESXiArgs ransomware on February 3, 2023. Other important information regarding the attack was published…

31. 01. 2023 Camilla Biamino Events, NetEye, SEC4U, Service Management

ICT Security – Protecting Business in the Digital Age

Massimo Giaimo will participate in the ICT Security roadshow with a speech on the Log stealer Market Place and Predictive Cyber Threat Intelligence as a tool to avoid unpleasant compromises! FIRST STAGE: AGENDA, Milan, 16 February 2023 – at 09.00 a.m. SECOND STAGE: SAVE THE DATE | Padua, 6 June 2023. Soiel International has been organising…

18. 01. 2023 Massimo Giaimo Blue Team, SEC4U

Interview with a Member of the GhostSec Group

The Initial Message The last few days have been quite hectic with regard to cyber security in the industrial systems sector. The frenzy of these days began on January 11 with this message that appeared on the Telegram channel (https://t.me/GhostSecc) of the GhostSec group: The message was accompanied by a couple of screenshots: So are…

10. 01. 2023 Francesco Pavanello Blue Team, SEC4U

Spam Trap Box – A Powerful Method to Detect Phishing Attempts

It’s more and more common to receive emails asking for credentials. They usually say that there’s some kind of issue that can only be solved by accessing the involved service using the link inside the message text. In most cases these emails are malicious, intended to steal users’ or employees’ credentials and gain access to…

10. 01. 2023 Federico Corona Red Team, SEC4U

Red_Team_Script, a Powerful Script for Red Team Activities

Cybersecurity is a discipline that deals with protecting computer systems and digital data from attacks and security breaches. With the increasing use of technology and dependence on computer systems in everyday life, cybersecurity is becoming increasingly important. But what are the risks for those who don’t know how to protect themselves? Online security risks can…

02. 01. 2023 Beatrice Dall'Omo Red Team, SEC4U

Focus on the noPac Attack

In December 2021 Microsoft revealed two vulnerabilities concerning an Active Directory Domain Services privilege elevation, classified as CVE-2021-42278 and CVE-2021-42287. By combining the two exploits in the so-called noPac attack, a malicious actor could perform a privilege escalation by impersonating the Domain Administrator after starting out as a standard user. This would lead to a…

21. 12. 2022 Mirko Ioris Blue Team, SEC4U

Meet the SOC Weekly Reports, a New Way to Inform Customers

One of the most comprehensive services offered by Wuerth-Phoenix’s Cyber Security team is the Security Operation Center (SOC). An SOC is capable of monitoring an IT environment, scanning all messages sent within the internal network, and all operations performed on corporate devices. Through the use of detection rules, the SOC is able to identify anomalies…

21. 12. 2022 Massimo Giaimo Blue Team, SEC4U

Protected: Some Insight into the Differences between AV and EDR

There is no excerpt because this is a protected post.

20. 12. 2022 Massimo Giaimo Blue Team, SEC4U

Risepro: A New Infostealer Malware

The daily monitoring activities that we carry out within our Security Operation Center Attacker Centric have allowed us to identify the spread of a new infostealer type malware. Log (or information) stealer malware is a type of Trojan that gathers data in order to send it to the attacker. Typical targets are credentials saved in…

05. 12. 2022 Massimo Giaimo Exposure Assessment

HackInBo Business Edition – Winter 2022 – Our Participation

On December 2 we participated, as platinum sponsors, in the second edition of the HackInBo Business event. For 10 years, HackInBo has been one of the most important IT security conferences in Italy, and for this edition too we wanted to make our contribution by participating with a 40-minute talk. The formula of the event…

16. 11. 2022 Elena Valgoi Events, NetEye, SEC4U, Unified Monitoring

NETEYE USER GROUP 2022… back again! #italianedition

The event of the year, the NetEye User Group, is back again, in person! The User Group is not only a chance to inform our customers about new products and releases, but also an occasion to meet and exchange feedback and ideas. This year’s NetEye User Group took place in the beautiful city of Verona…
