Over Security

Offrendo un ulteriore livello di sicurezza, dedicato a giornalisti e personaggi pubblici, WhatsApp introduce le impostazioni restrittive dell'account, per tutelare i dati personali e le informazioni sensibili. Ecco quali vantaggi fornisce la funzionalità Strict Account Settings e come attivarla su Android e iPhone

CISA confirmed on Wednesday that ransomware gangs have begun exploiting a high-severity VMware ESXi sandbox escape vulnerability that was previously used in zero-day attacks.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in attacks.

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows how exposed machine credentials quietly grant attackers long-term access to enterprise systems.

A simple and low-cost way to approach Bluetooth Low Energy security

Hackers are abusing a legitimate but long-revoked EnCase kernel driver in an EDR killer that can detect 59 security tools in attempts to deactivate them.

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 vulnerability in WinRAR in espionage attacks on government and law enforcement agencies.

La campagna DDoS del gruppo NoName057, con la botnet DDosia sta spostando il fuoco su tutto l’ecosistema digitale di Milano-Cortina 2026, tra enti locali, siti istituzionali e strutture ricettive messe in lista come bersagli. Vediamo come stanno davvero le cose e i reali pericoli

Microsoft has started rolling out built-in Sysmon functionality to some Windows 11 systems enrolled in the Windows Insider program.

Cyble reports ransomware groups claimed 2,018 attacks in Q4 2025; trends, top groups, and defense strategies revealed for 2026.

A Taiwanese man was sentenced to 30 years in prison for operating Incognito Market, one of the world's largest online narcotics marketplaces that sold over $105 million worth of illegal drugs to customers worldwide.

Il mystery shopping funziona da controllo difensivo, volto a verificare condotte illecite attribuibili - sulla base di fondati sospetti - a singoli dipendenti. Ecco perché deve garantire un bilanciamento tra esigenze del datore di lavoro e tutele della dignità e della riservatezza del lavoratore

Quando il modello apprende una scorciatoia reale, improvvisamente aumentano altri comportamenti disallineati. Ecco quali, secondo un'indagine di Anthropic, e come impedire la propagazione del comportamento indesiderato, dal momento che sono rilevanti le implicazioni per la sicurezza e la governance dei modelli avanzati

Il mistery shopping funziona da controllo difensivo, volto a verificare condotte illecite attribuibili - sulla base di fondati sospetti - a singoli dipendenti. Ecco perché deve garantire un bilanciamento tra esigenze del datore di lavoro e tutele della dignità e della riservatezza del lavoratore

This blog post analyzes a stealthy and expeditious ransomware called BabLock (aka Rorschach), which shares many characteristics with LockBit.

Dai grandi ospedali agli studi medici: nessuna struttura sanitaria può permettersi di abbassare la guardia sulla cyber security. Una nuova guida ENISA offre misure concrete per rafforzare le difese digitali del settore più bersagliato dai cyber criminali

Discover how ANY.RUN’s January 2026 updates introduce MISP integration, 2,000+ new detections, and improved investigation workflows.

Coinbase has confirmed an insider breach after a contractor improperly accessed the data of approximately thirty customers, which BleepingComputer has learned is a new incident that occurred in December.

Step Finance announced that it lost $40 million worth of digital assets after hackers compromised devices belonging to the company's team of executives.

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of residential proxies to discover login panels.

CISA has flagged a critical SolarWinds Web Help Desk vulnerability as actively exploited in attacks and ordered federal agencies to patch their systems within three days.

The Paris prosecutor’s office announced that it is expanding a criminal investigation into X for alleged crimes, including the possession and distribution of child sexual exploitation material.