Over Security

Over Security

33600 bookmarks
Custom sorting
Ransomware, una minaccia in evoluzione: cosa aspettarsi nell’era dell’Agentic AI
Ransomware, una minaccia in evoluzione: cosa aspettarsi nell’era dell’Agentic AI
Nel 2025 il ransomware ha dimostrato resilienza, capacità di evoluzione e grande adattabilità, con il dominio dei modelli di Ransomware-as-a-Service (RaaS). Le previsioni di VDC Research e Kaspersky per il 2026: attacchi sempre più subdoli con l'Agentic AI
·cybersecurity360.it·
Ransomware, una minaccia in evoluzione: cosa aspettarsi nell’era dell’Agentic AI
Kaspersky: la GenAI mette alla prova il riconoscimento facciale
Kaspersky: la GenAI mette alla prova il riconoscimento facciale
Le immagini modificate dall’IA possono apparire come persone diverse agli occhi umani, ma restare riconoscibili per gli algoritmi. Per Maher Yamout, il riconoscimento facciale deve essere affiancato da password, token e altri controlli.
·securityinfo.it·
Kaspersky: la GenAI mette alla prova il riconoscimento facciale
Quacivi a capo dell’Acn: perché è svolta per la cyber italiana
Quacivi a capo dell’Acn: perché è svolta per la cyber italiana
L’arrivo di Andrea Quacivi alla guida dell’ACN coincide con un momento delicato per la NIS2, con ’aumento degli attacchi ransomware e della pressione sulla supply chain software. La governance cyber italiana continua a oscillare tra logiche amministrative e necessità operative. Ecco come valutare l'attuale stagione della nostra cybersecurity
·cybersecurity360.it·
Quacivi a capo dell’Acn: perché è svolta per la cyber italiana
Postcast live (test)
Postcast live (test)
Qualche giorno fa assieme ad Andrea abbiamo provato ad eseguire lo stream di una puntata podcast. Si trattava di una puntata di test che avevamo pensato di fare dall’ufficio di Bolzano di NTS…
·roccosicilia.com·
Postcast live (test)
Threat Hunting and Defending #1 (study)
Threat Hunting and Defending #1 (study)
Premessa Ricomincio a studiare per una nuova certificazione Cyber Security e quest’anno ho scelto “Conducting Threat Hunting and Defending using Cisco Technologies for Cybersecurity&#82…
·roccosicilia.com·
Threat Hunting and Defending #1 (study)
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows.
·bleepingcomputer.com·
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign
7-Eleven - 185,256 breached accounts
7-Eleven - 185,256 breached accounts
In April 2026, 7-Eleven was the victim of a "pay or leak" extortion campaign by ShinyHunters, with the data later published that month. The incident exposed 185k unique email addresses, along with names, physical addresses, dates of birth and phone numbers. A small number of records also contained additional exposed data fields. The company later advised the breach was limited to "certain 7-Eleven systems used to store franchisee documents", a statement consistent with the exposed data.
·haveibeenpwned.com·
7-Eleven - 185,256 breached accounts
Laravel Lang packages hijacked to deploy credential-stealing malware
Laravel Lang packages hijacked to deploy credential-stealing malware
A supply chain attack targeting the Laravel Lang localization packages has exposed developers to a sophisticated credential-stealing malware campaign after attackers abused GitHub version tags to distribute malicious code through Composer packages.
·bleepingcomputer.com·
Laravel Lang packages hijacked to deploy credential-stealing malware
These special phone and app features can help protect you from spyware
These special phone and app features can help protect you from spyware
Apple, Meta, and Google offer special security modes that provide your devices more secure against targeted spyware attacks. Here are how those modes work, what they do, and how to switch them on.
·techcrunch.com·
These special phone and app features can help protect you from spyware
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
Italian authorities have dismantled a piracy ecosystem centered around the CINEMAGOAL app that provided access to various streaming platforms, including Netflix, Disney+, and Spotify.
·bleepingcomputer.com·
Italy disrupts CINEMAGOAL piracy app that stole streaming auth codes
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Financial crime investigators in the Netherlands (FIOD) arrested two men and seized 800 servers linked to a web hosting company that enabled cyberattacks, interference operations, and disinformation campaigns.
·bleepingcomputer.com·
Netherlands seizes 800 servers of hosting firm enabling cyberattacks
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Lawmakers in both houses of Congress are demanding answers from the U.S. Cybersecurity & Infrastructure Security Agency (CISA) after KrebsOnSecurity reported this week that a CISA contractor intentionally published AWS GovCloud keys and a vast trove of other agency secrets…
·krebsonsecurity.com·
Lawmakers Demand Answers as CISA Tries to Contain Data Leak
Giochiamo insieme #1
Giochiamo insieme #1
Premessa Ho pensato di proporre, su LinkedIn, delle piccole challenge dedicate alla sicurezza offensiva: semplici scenari di attacco che prendo dal mondo vero (cose che a tutti i PenTester sono suc…
·roccosicilia.com·
Giochiamo insieme #1
Former US execs plead guilty to aiding tech support scammers
Former US execs plead guilty to aiding tech support scammers
Two former executives of a call-tracking and analytics company pleaded guilty to concealing a years-long tech support fraud scheme that victimized individuals worldwide.
·bleepingcomputer.com·
Former US execs plead guilty to aiding tech support scammers
L’attacco cyber non è come il morbillo!
L’attacco cyber non è come il morbillo!
L'erronea convinzione che essere stati vittima di un attacco cyber, o più in generale di una violazione, faccia diminuire la probabilità che questa si ripeta in futuro non solo è profondamente erronea, ma espone ancor più le organizzazioni a subire nuovi disastri cyber
·cybersecurity360.it·
L’attacco cyber non è come il morbillo!
Trend Micro warns of Apex One zero-day exploited in the wild
Trend Micro warns of Apex One zero-day exploited in the wild
Japanese cybersecurity software company Trend Micro has addressed an Apex One zero-day vulnerability exploited in attacks targeting Windows systems.
·bleepingcomputer.com·
Trend Micro warns of Apex One zero-day exploited in the wild