Over Security

La possibilità di degradazione esiste e le conseguenze potrebbero impattare su più fronti: affidabilità dei dati, sicurezza e modelli economici. Gli esperti: attenti, in alcuni casi si rischia di non poter più tornare indietro

Learn how CISOs can justify budgets for threat intelligence with 5 board-ready business cases to reduce risk and costs.

A new Android malware-as-a-service (MaaS) named Cellik is being advertised on underground cybercrime forums offering a robust set of capabilities that include the option to embed it in any app available on the Google Play Store.

How CTI teams safely analyze high-risk environments, engage threat actors, and process sensitive data using Flashpoint Managed Attribution.

A new campaign dubbed 'GhostPoster' is hiding JavaScript code in the image logo of malicious Firefox extensions counting more than 50,000 downloads, to monitor browser activity and plant a backdoor.

Software capaci di rispondere a domande, riassumere pagine, eseguire comandi e agire autonomamente su siti web: gli AI browser aprono un campo inesplorato di minacce note e sconosciute. Ecco i pericoli dell'automazione cognitiva

The Amazon Threat Intelligence team has disrupted active operations attributed to hackers working for the Russian foreign military intelligence agency, the GRU, who targeted customers' cloud infrastructure.

The Texas Attorney General sued five major television manufacturers, accusing them of illegally collecting their users' data by secretly recording what they watch using Automated Content Recognition (ACR) technology.

The Scattered Lapsus$ Hunters hacking collective stole Pornhub premium users’ data, including email addresses and viewing history.

Hackers are exploiting critical-severity vulnerabilities affecting multiple Fortinet products to get unauthorized access to admin accounts and steal system configuration files.

Progettazione e avvio della sperimentazione per Polheepo, il chip tutto italiano che può supportare applicazioni di intelligenza artificiale e di crittografia post-quantica e che potrebbe risolvere i problemi di sovranità digitale del nostro Paese. Ecco tutto quello che c’è da sapere

Scadenze NIS2 2026: a gennaio la registrazione, entro ottobre l'implementazione. Roadmap ACN e fasi implementative.

Petróleos de Venezuela (PDVSA), Venezuela's state-owned oil company, was hit by a cyberattack over the weekend that disrupted its export operations.

La trasformazione del CISO da tecnico a figura strategica con responsabilità legali richiede evoluzione parallela delle protezioni professionali per garantire sostenibilità di lungo termine del ruolo. Che c’è da sapere

Ransomware groups are targeting hypervisors to maximize impact, allowing a single breach to encrypt dozens of virtual machines at once. Drawing on real-world incident data, Huntress explains how attackers exploit visibility gaps at the hypervisor layer and outlines steps orgs can take to harden virtualization infrastructure.

Direct navigation -- the act of visiting a website by manually typing a domain name in a web browser -- has never been riskier: A new study finds the vast majority of "parked" domains -- mostly expired or dormant domain…

Microsoft announced on Monday that it will soon block mobile devices running outdated email software from accessing Exchange Online services until they're updated.

European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of more than 10 million euros.

Kaspersky researchers describe how they gained access to a vehicle's head unit by exploiting a single vulnerability in its modem.

Discover three practical steps SOC teams use to cut MTTR by 21 minutes, detect threats in seconds, and improve response efficiency.

Cyble tracks the latest IT vulnerabilities this week, including zero-days, active exploits, and dark-web discussions targeting IT and industrial systems.

L’articolo 30 del decreto NIS 2 riguarda un processo strategico di autoconoscenza organizzativa e mostra perché, senza l’attuazione di tale articolo, nessun sistema di sicurezza può dirsi credibile. Più che un adempimento, è una radiografia operativa

Adult video platform PornHub is being extorted by the ShinyHunters extortion gang after the search and watch history of its Premium members was reportedly stolen in a recent Mixpanel data breach.

Audio streaming platform SoundCloud has confirmed that outages and VPN connection issues over the past few days were caused by a security breach in which threat actors stole a database containing user information.

Google is discontinuing its "dark web report" security tool, stating that it wants to focus on other tools it believes are more helpful.

Japanese e-commerce giant Askul Corporation has confirmed that RansomHouse hackers stole around 740,000 customer records in the ransomware attack it suffered in October.