Over Security

Inside a real Qilin ransomware engagement — 88-day dwell, domain-wide encryption, and the single registry value that gave the operator away.

Nel 2025 il software spia Graphite viene rilevato negli smartphone di vittime italiane. I magistrati ancora attendono riscontri dall'azienda israeliana. Cinque le ispezioni da parte del ministero della Difesa di Tel Aviv per verificare il rispetto delle licenze di export, ma senza conseguenze. L'inchiesta di Wired Italia

Italian spyware maker SIO still developing and distributing Spyrtacus

Morpheus: A new Spyware linked to IPS Intelligence

A SystemBC proxy malware botnet of more than 1,570 hosts, believed to be corporate victims, has been discovered following an investigation into a Gentlemen ransomware attack carried out by a gang affiliate.

The Seiko USA website was defaced over the weekend, displaying a message from attackers claiming they stole its Shopify customer database and threatening to leak it unless a ransom is paid.

The hack against Kelp DAO is the largest crypto heist of the year so far.

Le prime parole le spendo per chi ha organizzato l’evento: Claudio, Simona ed Fabio che dobbiamo tutti ringraziare per essersi fatti carico di un progetto così complesso come la realizzazione…

Annunciati i primi strumenti AI in grado di individuare vulnerabilità su larga scala. Aspettiamoci un aumento significativo del numero di aggiornamenti software distribuiti in tempi ravvicinati. Utenti e aziende farebbero bene a prepararsi a gestire l’ondata

Quando SOC e CERT lavorano in modo integrato, la capacità difensiva dell'organizzazione raggiunge un livello che nessuna delle due potrebbe garantire singolarmente. Ecco i compiti specifici di ciascuna struttura, le loro differenze e i vantaggi concreti derivanti dalla loro integrazione

Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate tools for access and lateral movement on enterprise networks.

Backups protect data, but don't keep your business running during downtime. Datto shows why BCDR is essential to keep operations running during ransomware and outages.

A British man, believed to be the leader of the Scattered Spider cybercrime collective, has pleaded guilty in the United States to charges of wire fraud and aggravated identity theft.

Per due dei tre exploit (quello per ora “disinnescato” è stato ribattezzato BlueHammer) pubblicati su GitHub da un ricercatore di sicurezza non sono ancora disponibili patch. Sfruttandole, sarebbe possibile portare attacchi con un impatto critico. Ecco tutti i dettagli

India’s top intelligence agency arrested a suspected key conspirator accused of supplying fraudulently obtained SIM cards to cybercriminal networks, as part

AWS Glossary for the novices Hi, before diving a bit more in the details of this article, is mandatory to explain some core components in the AWS ecosystem we are gonna cite during this post, so even for novice and unfamiliar people can understand better the concepts. * EC2: stands for Elastic Compute your virtual machine located in some region in the world (do not ask me the 2 in EC2 what means) * Security Group: aka SG, a logical resource that acts as a virtual firewall you can put in fron

Microsoft is rolling out multiple File Explorer changes to Windows 11 users in the Insider program, including improvements to launch speed and performance.

La terza survey Women for Security delinea un settore ad alta specializzazione ma ancora segnato da forti disparità. Crescono i ruoli apicali e la multidisciplinarità, pur persistendo criticità su retribuzioni e progressione di carriera. Valorizzare le cyberladies è una leva strategica fondamentale per colmare il cyber skill gap globale

In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets.

Cyble Research & Intelligence Labs (CRIL) in its monthly threat landscape analysis observed a highly active threat environment throughout March 2026,

Microsoft has reverted a recent service update that was preventing some customers from launching the Microsoft Teams desktop client.

In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets.

In March 2026, we uncovered more than twenty phishing apps in the Apple App Store masquerading as popular crypto wallets.

The Cyber Security Council noted that many cases involving sensitive personal data exposure are the result of simple, preventable mistakes.