Zero-Day Attck Giacomo Lanzi

Zero-Day attack: what they are and how to defend yourself with SOCaaS

A Zero-Day attack (also known as 0-day) exploits a software vulnerability unknown to security officers and the software vendor. Hackers can exploit the weakness, as long as it is not mitigated, through Zero-Day exploit or, indeed, attack. The term “zero-day” originally referred to the number of days after the software was released. A “zero-day” software, therefore, meant a program obtained…

Monitoring system - Zabbix Giacomo Lanzi

Monitoring system, an overview

Zabbix is a monitoring system suitable for different IT components, including networks, servers, virtual machines (VMs) and cloud services. Zabbix provides metrics such as network usage, CPU load, and disk space consumption. The software monitors operations on Linux, Hewlett Packard Unix (HP-UX), Mac OS X, Solaris, and other operating systems (OS);however, Windows monitoring is only possible through specific agents. SOD…

Data Exfiltration cover Giacomo Lanzi

Data Exfiltration: defense against data theft

A common definition of data exfiltration is the theft, removal, or unauthorized movement of any data from a device. Data exfiltration typically involves a cybercriminal stealing data from personal or corporate devices, such as computers and cell phones, through various cyberattack methods. Failure to control information security can lead to data loss which can cause financial and reputational damage to…

Installare Certificato SSL Giacomo Lanzi

Install a Let’s Encrypt certificate on Debian based machine

Let’s Encrypt is a Certificate Authority (CA) that facilitates the obtaining and installation of free TLS / SSL certificates.This allows HTTPS encryption on web servers. It also streamlines the process by working with clients, such as Certbot, to automate the necessary steps. In this article we see how to install an SSL certificate on a server with Debian based operating…

WastedLocker Ransomware Giacomo Lanzi

WastedLocker: Next generation ransomware

WastedLocker is ransomware attack software that began targeting businesses and other organizations in May 2020. It is known for its high ransom demands reaching millions of dollars per victim. It is the product of a group of highly skilled cyber criminals who have been operating for over a decade: Evil Corp. Who is behind WastedLocker Ransomware The group behind WastedLocker…

Proteggere Sito WordPress Giacomo Lanzi

Protecting a site in WordPress: security package

Whether it’s WordPress or not, your website is potentially vulnerable to attack. Recent reports have shown that Google blacklists thousands of websites containing malware and phishing attacks every week. Considering how serious the potential security breaches can be for your business, we hope this article informs you why you should always protect your WordPress site. Is protecting a WordPress site…

Ransomware Critici Cover Giacomo Lanzi

Critical ransomware: examples of successful attacks

There have been critical cases of ransomware of note lately. Tor Vergata University suffered an attack that knocked out about a hundred computers. Access to the systems by teachers and students has been blocked. The attack affected a number of documents related to COVID-19 research that were encrypted and then made inaccessible. In addition, two other noteworthy cases shook hospitals…

Iniziative sociali SOD Giacomo Lanzi

Secure Online Desktop Social Initiatives

2020 turned out to be a complicated year in many ways. Covid-19 has hit the whole world hard, with significant repercussions on companies which, as far as possible, have found themselves having to set up suitable infrastructures for remote work. Many social initiatives were born during the year and our field, IT and cyber security, is no different. In this…

Cos'è un MSSP Giacomo Lanzi

What is an MSSP and what are its advantages

The IT world continues to evolve and the same goes for industry acronyms. One of these is the term MSSP which, in a sense, is the evolution of MSP. The two abbreviations mean: Managed Service Provider (MSP) and Managed Security Service Provider (MSSP). The latter, in general, could be considered as an organization that provides outsourced security services to other…

I Ransomware più pericolosi Giacomo Lanzi

The most dangerous Ransomware in 2020

The ransomware (or cyber extortion) threat is on the rise. In 2020, there was a spike in the number of reported incidents and the number of hackers attempting to extort money from organizations. It is important that every organization does all it can to combat these criminals and being informed is a key element. In this article we see the…

Long-term Search Cover Giacomo Lanzi

Long-term search: what’s new in the SOCaaS service

Ransomware commonly comes up with an email that tricks users into trusting a malicious file. Many of the most recent data breaches have been completed because a user has been the victim of such an attack in the previous period. Threats such as ransomware, which focus on user compromise, are causing more and more companies to adopt user and entity…

Pannello Plesk Giacomo Lanzi

Plesk panel: available applications

On the web there are many open source applications that allow you to manage the most various situations. It is common practice for these applications to be available for installation from your hosting control panel. The Plesk panel makes no exceptions. So let’s see what are the main applications available for installation. How to install applications from the Plesk panel…

shadow IT Giacomo Lanzi

Shadow IT: an overview

The practice of shadow IT is the use of computer systems, devices, software, applications and services without the explicit approval of the IT department. In recent years, it has grown exponentially with the adoption of cloud-based applications and services. While shadow IT could improve employee productivity and drive innovation, it can also introduce serious security risks to the organization due…

Ransomware e Acronis Active Protection Giacomo Lanzi

Acronis Active Protection: defense against ransomware

Acronis Active Protection is an advanced anti-ransomware technology. It actively protects all the data on your systems: documents, data of all kinds and Acronis backup files. It is a technology available for Windows and Mac OS X operating systems and protects against the latest ransomware actions such as Petya, WannaCry, Locky and Osiris. What is Ransomware? Ransomware is a particularly…

Insider Threat, le minacce dall'interno Giacomo Lanzi

Insider threat: identifying and fighting them

Insider threats are difficult to spot because they come from within your organization. Employees, contractors and partners require different levels of login credentials in order to perform their work. Attackers can trick these insiders into accessing them or offering them money to knowingly steal valuable information from the company. Traditional security solutions focus on protecting the organization from external attackers….

PageSpeed Insight Cover Giacomo Lanzi

PageSpeed Insight: better speed with Google

If the site is slow, you are losing customers. It’s very simple and there are no kinder ways to say the same thing. The speed of a site is directly proportional to the desire of a user to visit it. To measure your portal you can use a tool made available by Google: PageSpeed Insight. You can access this service…

ClearOS cover Giacomo Lanzi

ClearOS: Linux Server for Small Business

ClearOS (formerly ClarkConnect) is a Linux distribution, with the aim of transforming any standard PC into a dedicated firewall and Internet server / gateway. The software is a solution for small businesses, home offices and networked homes. ClearOS is based on CentOS and offers a very robust set of tools organized in easy to navigate administration pages. Small business and…

UEBA Giacomo Lanzi

UEBA: Behavior Analysis Explained

Classic cyber threat defense tools and systems are rapidly becoming obsolete, and there are ways to overcome them. What remains confidently common among cyber criminals attempting an attack is the intent of the attack itself. Indeed, knowing that there are systems capable of detecting indicators of compromise (IOC), it is natural that competent hackers will try not to leave traces…

Node.js e Plesk Giacomo Lanzi

Node.js via SOD hosting panel

If you are interested in hosting Node.js apps on your web space, we have good news! The control panel offered by SOD, based on Plesk, is equipped with a Node.js extension that allows you to easily manage applications. In this article we see how it is possible to integrate Node through the control panel. Host a Node.js application from the…

SOAR Giacomo Lanzi

SOAR: coordination for cyber security

SOAR (Security Orchestration, Automation and Response) technology helps coordinate, execute and automate activities between people and tools, enabling companies to respond quickly to cyber security attacks. The aim is to improve their overall security position. SOAR tools use playbooks (strategies and procedures) to automate and coordinate workflows which may include security tools and manual tasks. How does SOAR help in…

Log file management tramite syslog-ng Giacomo Lanzi

Log File Management with the Secure Online Desktop service

IT systems produce large quantities of log files, very useful tools for guaranteeing data security and application stability. However, in a complex ecosystem, the quantity of files and their location can become two insurmountable obstacles to overcome, in case it is necessary to consult the data efficiently. This is where log management systems come into play, which thanks to technologies…

SOAR Security Orchestration Giacomo Lanzi

SOAR: what it is and how it can be useful for companies

An increasing number of companies leverage SOAR to improve the effectiveness of their cybersecurity operations. In this article, we explain how harnessing the value of SOAR could be crucial to improving the security of your organization. What is SOAR? Coined by the research firm Gartner, Security Orchestration, Automation and Response (SOAR) is a term used to describe the convergence of…

Prova gratuita servizi online Giacomo Lanzi

Free trial of internet services with Demos

The services provided by Secure Online Desktop are many and cover a large variety of needs. We realize that for the layman and the less experienced, this could be intimidating. In the midst of so much choice, how can we be sure that the service we need is exactly what we are about to request? For this reason, we provide…

Next Generation SIEM Giacomo Lanzi

Next Generation SIEM: where are we?

SIEM has existed for quite some time, but it is not yet well understood. Also, the fact that technology has evolved significantly in recent years doesn’t help shed some light. Today we see where we are, trying to understand the Next Generation SIEM and the managed systems offered as services that make use of the latest generation SIEM (SOCaaS, for…

Standard ISO 27001 Giacomo Lanzi

Does ISO 27001 standard require a Pentest?

A legitimate question that often arises is whether the Penetration Test is necessary for compliance with the ISO 27001 standard. To fully understand the answer, it is necessary to clarify what is meant by these terms and to understand the relationship between all the components of the certification. ISO 27001 standard A technical standard, also incorrectly called a standard, is…

SIEM informatica Giacomo Lanzi

SIEM in computer science: history

A SIEM solution in IT is one of the essential components of a SOC (Security Operation Center). Its task is to collect information and analyze it in search of anomalies and possible breaches in the system. But the defense process hasn’t always been that simple. What we now call SIEM, Security Information and Event Management, is the union of two…

cPanel e Plesk - pannelli di controllo web Giacomo Lanzi

cPanel and Plesk the best for hosting management

Most hosting environments use an intuitive interface to help users manage their web spaces. Two very famous panels are cPanel and Plesk, widely used and offered in the SaaS formula. Without these graphical interfaces, it would be difficult to manage a hosting space and set up a site. A lot of time is usually spent managing a web space through…

SIEM - Raccolta e analisi dei dati Giacomo Lanzi

SIEM software: what it is and how it works

Evolving beyond its roots in log file management, today’s security information and event management (SIEM) software vendors are introducing AI, advanced statistical analysis and other analytical methods into their products. . But what is SIEM software and what are its uses? SIEM software Acronym for Security Information and Event Management, it is a product that provides cyber security professionals in…

Aggiornare PHP Giacomo Lanzi

Updating php: why and how

PHP is one of the most popular scripting languages on the web today. According to W3Techs, PHP is used by over 82% of all websites that use a server-side programming language. This means that 8 out of 10 sites use PHP in one form or another. Being a scripting language, it is essential to update PHP to the latest version…

Network Lateral Movement Giacomo Lanzi

What is a Network Lateral Movement and how to defend yourself

During a cyber attack, hackers have only one goal in mind. This goal could be accessing a developer’s machine and stealing a project’s source code, analyzing emails from a particular executive, or extracting customer data from a server. All they have to do is log into the machine or system that contains the data they want, right? Not exactly. Actually,…

Mitre Att&ck cover Giacomo Lanzi

Mitre Att&ck ™: an overview

Mitre Att&ck is a global knowledge base of adversary tactics and techniques based on real observations of cyber attacks. These are displayed in arrays organized by attack tactics, from initial system access and data theft to machine control. There are arrays for common desktop platforms (Linux, macOS and Windows) and for mobile ones. What is MITRE ATT&CK ™ and what does…

SOCaaS - Post Cover Giacomo Lanzi

Is SOCaaS useful for your business?

In today’s article, we’ll explain what a Security Operations Center (SOC) is and help determine if a SOC-as-a-Service (SOCaaS) solution is right for your business. Just because you have to manage cybersecurity doesn’t mean your business has to deal with cybersecurity. In fact, your core business could be pretty much anything else. Proper management of IT security, however, is essential…

Sicurezza delle reti informatiche con il Pentest e il Vulnerability assessment Giacomo Lanzi

Computer network security: PT vs. VA

The security of computer networks is of vital importance for a company. With technologies increasingly relying on remote services, it is good to ensure that security is guaranteed. To do this, two tools are used: Vulnerability Assessment and Penetration Test. But what is the difference between them? The answer to this question is not as obvious as one might think….

cloud per piccole imprese Giacomo Lanzi

Cloud services for small local businesses

Small and medium-sized businesses have little room for maneuver when it comes to investment. Precisely for this reason, every step that involves an expense is weighed and evaluated in every aspect before being carried out. We know the fears that underlie such reasoning, and for this reason we have decided to dedicate an article precisely to the advantages that SOD…

cloud computing Giacomo Lanzi

Cloud computing services in Reggio Emilia

Il cloud computing consente alle aziende di accedere a server, archivi, database e servizi aggiuntivi (applicativi), tramite piani di abbonamento flessibili. Ad oggi il cloud e’ onnipresente. Gia’ dal 2009, piu’ del 90% delle aziende utilizza almeno una applicazione basata sul cloud computing per gestire dati aziendali in modo sicuro. Inoltre, un numero sempre maggiore di aziende e organizzazioni non…

Sviluppo informatico application programming interface Giacomo Lanzi

Application programming interface: our User API

In the IT development process, sooner or later we come across API services, which stands for Application Programming Interface. To date it is impossible to imagine IT development without. With the API it is possible to connect a service to an application and integrate it efficiently. Before introducing the specific APIs of the Cloud Server service, it is good to…

Programma di affiliazione Giacomo Lanzi

Secure Online Desktop affiliate program

Joining the Secure Online Desktop affiliate program is an interesting opportunity to make the most of your business and generate extra long-lasting revenue. To put it simply, affiliate marketing is a performance-based business model that rewards partners for generating a certain action, usually a sale. This form of business can be an incredibly beneficial and low-risk way of offering quality…

Managed service provider - gestione IT Giacomo Lanzi

Managed Service Provider

When you approach the world of the network in a professional way, whether it is a site, an online app, a storage system or a VPS, it is quite clear that the management of computer systems requires specific skills that are not always available . So how do you make your company competitive on the network without having specific resources…

Secure Online Desktop - Cloud Computing Giacomo Lanzi

The history of Secure Online Desktop

Since 2011, Secure Online Desktop is a Cloud Computing services company based in Reggio Emilia (Italy). Founded by a group of engineers experienced in distributed data centers, the first product was a Secure Virtual Desktop, hence the name chosen for the company. The expertise that marked the foundation of the project also includes cyber security, as underlined in the name….

WebRTC per videoconferenze Giacomo Lanzi

WebRTC vs. proprietary software

When it comes to the topic of video conferencing, the solutions available on the market are divided into two main categories: those that require the installation of a specific proprietary software and those that use the WebRTC standard instead. This type of web service has nothing to envy to proprietary software, such as Skype, but offers the undeniable advantage of…

gestione-wordpress-seo Giacomo Lanzi

Manage WordPress from the hosting panel

With Secure Online Desktop hosting plans, you have access to a convenient control panel. In addition to the collection of all information on the status of the server, the management of mailboxes and files, it is also possible to access a dedicated panel to manage WordPress in all its aspects. The section of the panel is called WordPress Toolkit and…

Zabbix: monitoraggio ICT Giacomo Lanzi

Zabbix: Web console for monitoring

An indispensable tool for keeping complex infrastructure controlled is a monitoring system. Secure Online Desktop (SOD) Web Console does just that: it offers the tools to control a network of machines and devices to verify its efficiency. Web Console is based on Zabbix, a scalable Open Source platform with huge capabilities. Among the advantages of the SOD Web Console, there…

monitoring system Giacomo Lanzi

IT monitoring system – Operation

Once you set up an IT development and management environment, it can be difficult to keep everything under control. IT monitoring systems come in handy, specifically designed to keep the entire system monitored. The monitoring system of an ICT infrastructure allows you to report any anomalies that may occur within the components of the IT network. In this world, it…

Serve VPS SuperCloud di Secure OD Giacomo Lanzi

SuperCloud – manage your VPS cloud network

When the resources required by a single virtual server are no longer enough, it’s time to move on to a more complex solution. SuperCloud of the Secure Online Desktop (SOD) allows the creation of a VPS cloud network to support every need for data processing and web software distribution. With the flexible management of the server infrastructure in connection with…

Virtual Data Center con Secure OD Giacomo Lanzi

Virtual data center and its advantages

One of the biggest advantages of using cloud technology is that it allows relatively small businesses to access an IT infrastructure at low cost. In the form of a virtual data center, the expected expenditure is clearly lower than the capital needed to build a real one. As a guarantee of flexibility and scalability, the cost remains limited to the…

hosting sito web Giacomo Lanzi

Server hosting for SOD website

Based on what the actual need is, choosing hosting for a website is essential. The resources needed to host a fast and secure portal must be the basis on which to decide which plan to choose. Choosing the right provider for the server hosting plan can be complicated, and it’s easy to get lost in the alternatives that the network…

Cloud Server di Secure OD Giacomo Lanzi

Your virtual machine with Cloud Server

The Cloud Server service allows flexible management of the resources of a remote virtual server (VPS). That is, the concrete advantage of having complete control over the server machines without the disturbance of their physical management. There will be no need to update, manage or restart a physical machine. The servers created through the Secure Online Desktop (SOD) service are…

Hosting sito web - server e funzionalità Giacomo Lanzi

Online hosting for websites

Online hosting is the process of using space on a remote server to host a website. The content of the pages (HTML, CSS, images, etc.) must be loaded into the server space to be reached online. Website hosting service providers have servers, connectivity and associated services for hosting online pages. By offering a variety of plans for online hosting, they…

pentest e sicurezza informatica Giacomo Lanzi

Security: pentest and verification of vulnerabilities

The computer security of a system is very important to avoid unpleasant inconveniences due to malicious attacks. In principle, it is not enough to set up a complete security system, you must also check that the above systems are working. To do this we turn to professionals who can carry out pentest (penetration tests) and carry out a vulnerability check….

Piattaforma per la videoconferenza Giacomo Lanzi

Videoconferencing platform

Secure Online Desktop offers a Videoconferencing platform (cloud conference) that does not require any installation of dedicated software on the computer. The only requirements to be met are Adobe Flash support and an internet connection. Video call features include real-time sharing of audio, video, presentations, screen sharing. But not only, also collaboration tools among the participants such as: the blackboard,…

Share


RSS

More Articles…

Categories …

Tags

RSS Dark Reading:

RSS Full Disclosure

  • Backdoor.Win32.Hupigon.adef / Remote Stack Buffer Overflow January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/c8f55ce7bbec784a97d7bfc6d7b1931f.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Hupigon.adef Vulnerability: Remote Stack Buffer Overflow Description: Backdoor Hupigon (Cracked by bartchen) bartchen () vip sina com, listens on TCP ports 8001,8002,8003,8004 and 8005. Sending a large contaminated HTTP POST request...
  • Backdoor.Win32.Xel / Remote Authentication Buffer Overflow January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/3648c68bfe395fb9980ae547d881572c.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Xel Vulnerability: Remote Authentication Buffer Overflow Description: Xel listens on TCP port 8023 and requires authentication good for them!, upon connecting you are greeted with a password prompt: XeL TROJAN based […]
  • Backdoor.Win32.Verify.f / Missing Authentication January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/119cd00c48678d63ec07762a7ff08ac7.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Verify.f Vulnerability: Missing Authentication Description: Backdoor.Win32.Verify by pMK, yet another self-hating backdoor as it lacks authentication granting access to whoever can reach the infected system. This malware listens on...
  • Backdoor.Win32.Onalf / Missing Authentication January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/ba815d409cd714c0eac010b5970f6408.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Onalf Vulnerability: Missing Authentication Description: WinRemoteShell (Onalf) listens for commands on TCP port 2020. Interestingly, it will only start listening once it can connect outbound to SMTP port 25. Not much […]
  • Backdoor.Win32.WinShell.30 / Remote Stack Buffer Overflow / Missing Authentication January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/56a2b135c8d35561ea5b04694155eb77.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.WinShell.30 Vulnerability: Remote Stack Buffer Overflow / Missing Authentication Description: WinShell.30 listens on TCP port 5277 for commands. Attackers or responders who can reach the infected host can trigger a buffer […]
  • Backdoor.Win32.Zxman / Missing Authentication January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/6b2a9304d1c7a63365db0f9fd12d39b0.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zxman Vulnerability: Missing Authentication Description: Backdoor.Win32.Zxman by Zx-man listens on TCP port 2048 for commands. However, anyone who can reach the infected host can take control as there is no authentication […]
  • Backdoor.Win32.Whisper.b / Remote Stack Corruption January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/a0edb91f62c8c083ec35b32a922168d1.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Whisper.b Vulnerability: Remote Stack Corruption Description: Whisper.b listens on TCP port 113 and connects to port 6667, deletes itself drops executable named rundll32.exe in Windows\System dir. The malware is prone to […]
  • Backdoor.Win32.Whirlpool.10 / Remote Stack Buffer Overflow January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/bf0682b674ef23cf8ba0deeaf546f422.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Whirlpool.10 Vulnerability: Remote Stack Buffer Overflow Description: Whirlpool listens on UDP Datagram ports 8848 and 8864. Sending a 192 byte payload to port 8864 triggers a stack buffer overflow overwriting both […]
  • Backdoor.Win32.Zombam.geq / Remote Buffer Overflow January 22, 2021
    Posted by malvuln on Jan 22Discovery / credits: Malvuln - malvuln.com (c) 2021 Original source: https://malvuln.com/advisory/fd14cc7f025f49a3e08b4169d44a774e.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Zombam.geq Vulnerability: Remote Buffer Overflow Description: Zombam.geq listens for connections on TCP port 80 and trys connect to SMTP port 25. By sending a HTTP GET request of about 2000 bytes […]
  • [REVIVE-SA-2021-001] Revive Adserver Vulnerabilities January 22, 2021
    Posted by Matteo Beccati via Fulldisclosure on Jan 22======================================================================== Revive Adserver Security Advisory REVIVE-SA-2021-001 ------------------------------------------------------------------------ https://www.revive-adserver.com/security/revive-sa-2021-001 ------------------------------------------------------------------------ CVE-IDs: CVE-2021-22871, CVE-2021-22872, CVE-2021-22873 Date:...

Customers

Newsletter