Over Security

Nel nuovo dominio della guerra ibrida, la protezione dei dati civili si colloca all’incrocio tra GDPR, Diritto Internazionale Umanitario e sicurezza nazionale. Serve una cornice tecnico-giuridica integrata per prevenire l’abuso dell’identità digitale in tempo di guerra

CISA ordered U.S. government agencies to patch three iOS vulnerabilities targeted in cryptocurrency theft and cyberespionage attacks using the DarkSword exploit kit.

Microsoft has released an emergency update to address a major issue that breaks sign-ins with Microsoft accounts across multiple Microsoft apps, including Teams and OneDrive.

This Sofia Scozzari interview explores repeated cyber gaps and the underestimated human factor.

Foster City cyberattack disrupts services in a Bay Area city, raising concerns over data security as officials respond to the incident.

AI-assisted fraud is no longer a distant risk for digital platforms, it is already reshaping how systems can be exploited.

One of the most encouraging shifts has been the growing presence of women in leadership roles across cybersecurity and digital risk management.

By Jeffrey

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and extract the master key for decrypting sensitive data stored in the browser.

edit .config/lxterminal/lxterminal.conf Find something like this: --- bgcolor=rgb(0,0,0) color_preset=custom bgcolor=rgb(30,30,30) fgcolo...

The Trivy vulnerability scanner was compromised in a supply-chain attack by threat actors known as TeamPCP, which distributed credential-stealing malware through official releases and GitHub Actions.

Google has announced a new mechanism in Android called Advanced Flow that will allow sideloading APKs from unverified developers for power users in a more secure way.

Microsoft Azure Monitor alerts are being abused to send callback phishing emails that impersonate warnings from the Microsoft Security Team about unauthorized charges on your account.

The FBI has issued a public service announcement warning that Russian intelligence-linked threat actors are actively targeting users of encrypted messaging apps such as Signal and WhatsApp in phishing campaigns that have already compromised thousands of accounts.

California city reports ransomware attack as LA transit agency finds ‘unauthorized activity’

Oracle has released an out-of-band security update to fix a critical unauthenticated remote code execution vulnerability in Identity Manager and Web Services Manager tracked as CVE-2026-21992.

EDPB ed EDPS hanno dato il via libera alle modifiche del Cybersecurity Act e della Direttiva NIS2, ma con un richiamo costante ai principi del GDPR: l’espansione degli strumenti di raccolta e condivisione delle informazioni deve rimanere entro le regole della normativa sulla protezione dati. I punti cardine

An international law enforcement action called Operation Alice has shut down over 373,000 dark web sites that offered fake CSAM packages.

The U.S. Justice Department said an Iranian security ministry operates the fake activist persona known as Handala, which claimed responsibility for the destructive hack targeting medical tech giant Stryker.

The Cybersecurity and Infrastructure Security Agency (CISA) has ordered federal agencies to patch a maximum-severity vulnerability, CVE-2026-20131, in Cisco Secure Firewall Management Center (FMC) by Sunday, March 22.

Quando si parla di nuove campagne d'attacco, molto spesso c'è il comune denominatore dell'impiego di tecniche di ingegneria sociale, dallo studio dei contesti al pretexting per creare la trappola perfetta. Trappola che può essere disinnescata con una cooperazione fra operatori e organizzazioni

Il 19 marzo 2026, l'avvocata generale della Corte di giustizia dell'Unione europea ha depositato le proprie conclusioni nella caso Elisa Eesti, operatore estone di TLC. Ecco quali sono le misure adottate nell'esclusione dei fornitori ad alto rischio di 2G-4G e 5G nelle infrastrutture critiche, per tutelare la sicurezza nazionale ed europea, all'insegna della proporzionalità

Geopolitical tensions are driving destructive cyberattacks designed to disrupt operations, not demand ransom. CISOs must limit lateral movement and contain breaches to reduce the impact of wiper campaigns.

Handala hackers are back online just hours after the FBI announced its clearnet domains seizure.