Over Security

Inflitta una sanzione di 120mila euro a una società del settore agricolo facente parte di un gruppo multinazionale con la capogruppo svizzera, per trattamento illecito di dati personali consistente nell’aver installato sui veicoli aziendali un dispositivo di monitoraggio di cinque dipendenti dotati di tale benefit. Vediamo meglio

A prolific data ransom gang that calls itself Scattered Lapsus Shiny Hunters (SLSH) has a distinctive playbook when it seeks to extort payment from victim firms: Harassing, threatening and even swatting executives and their families, all while notifying journalists and…

Gli attacchi alla supply chain continuano a mietere vittime illustri e, stavolta, si tratta addirittura di un’azienda specializzata in sicurezza informatica. A esser stata abusata, infatti, è stata l’infrastruttura di eScan Antivirus che ha subito una compromissione diretta dei server di distribuzione, trasformando uno strumento di difesa in un efficace veicolo di infezione globale. Secondo …

Fake high-yield investment platforms are surging worldwide, promising "guaranteed" returns that mask classic Ponzi schemes.CTM360 explains how HYIP scams scale through social media, recycled templates, and referral abuse.

Chinese state-sponsored threat actors were likely behind the hijacking of Notepad++ update traffic last year that lasted for almost half a year, the developer states in an official announcement today.

Investire in privacy genera ritorni economici concreti e rafforza la fiducia nell’uso dei dati e dell’intelligenza artificiale: sono le evidenze del Cisco Data and Privacy Benchmark Study 2026. Ecco come leggere questi dati nel contesto italiano dominato da PMI che spesso vivono la compliance solo come un costo crescente

The data breach notification service Have I Been Pwned says that a data breach at the U.S. food chain Panera Bread affected 5.1 million accounts, not 14 million customers as previously reported.

The Australian housing scam is hitting Perth hard. Government advises on spotting fake landlords, avoid scams, and protect your rent in Australia.

Microsoft has fixed a known issue that was causing the password sign-in option to disappear from the lock screen options after installing Windows 11 updates released since August 2025.

La circolare Assonime 23/2025 analizza il nuovo quadro di governance della cyber sicurezza, sottolineando come gli obblighi introdotti dalla normativa NIS 2 abbiano un impatto diretto sull’organizzazione interna delle aziende e sul ruolo degli amministratori

L’EDPB ha pubblicato la versione 2.0 delle FAQ sul Data Privacy Framework, chiarendo responsabilità, obblighi e verifiche necessarie per i trasferimenti di dati personali verso aziende USA. Il DPF resta uno strumento utile, ma non sostituisce la compliance GDPR e i controlli sulla supply chain digitale

Our CI/CD process is defined in GitLab through the .gitlab-ci.yml file, which resides in the root of our repository. As mentioned earlier, a pipeline is triggered on every commit to validate the code.

NationStates, a multiplayer browser-based game, has confirmed a data breach after taking its website offline earlier this week to investigate a security incident.

L'IIoT ha ridisegnato il panorama industriale, ma ha anche ampliato la superficie di attacco, introducendo rischi fisici senza precedenti. Ecco le sfide e le opportunità della digital forensics applicata ai dispositivi dell'Industrial Internet of Things, uno dei pilastri della quarta rivoluzione industriale

Qualche giorno fa ho parlato di traffic sniffing, argomento che mi avrebbe portato a parlare di Intrusion Detection/Prevention System e ad una ulteriore evoluzione del lab e dei test che potrò/potr…

A threat actor is targeting exposed MongoDB instances in automated data extortion attacks demanding low ransoms from owners to restore the data.

Apple is introducing a new privacy feature that lets users limit the precision of location data shared with cellular networks on some iPhone and iPad models.

Learn about the latest WordPress vulnerabilities and essential updates to protect your website from automated attacks.

OpenAI previously confirmed that it's testing ads in ChatGPT for free and $8 Go accounts, and now we're seeing early signs of that rollout, at least on Android.

OpenAI has confirmed that it's retiring ChatGPT's most popular model called GPT-4o and several other models, including GPT-5 Instant, GPT-5 Thinking, GPT-4.1, GPT-4.1 mini, and o4-mini.

A U.S. federal jury has convicted Linwei Ding, a former software engineer at Google, for stealing AI supercomputer data from his employer and secretly sharing it with Chinese tech firms.

Over the past few months, a large-scale cloud storage subscription scam campaign has been targeting users worldwide with repeated emails falsely warning recipients that their photos, files, and accounts are about to be blocked or deleted due to an alleged payment failure.

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) credentials and multi-factor authentication (MFA) codes.

A researcher has released detailed evidence showing some Instagram private accounts exposed photo links to unauthenticated visitors. The issue was later fixed, but Meta closed the report as not applicable and did not respond to multiple requests for comment.

A researcher has released detailed evidence showing some Instagram private accounts exposed photo links to unauthenticated visitors. The issue was later fixed, but Meta closed the report as not applicable and did not respond to multiple requests for comment.

In January 2026, Panera Bread suffered a data breach that exposed 14M records. After an attempted extortion failed, the attackers published the data publicly, which included 5.1M unique email addresses along with associated account information such as names, phone numbers and physical addresses. Panera Bread subsequently confirmed that "the data involved is contact information" and that authorities were notified.