direttiva NIS Piergiorgio Venuti

NIS: what it is and how it protects cybersecurity

The NIS Directive (Network and Information Security) was issued in 2016 by the European Union with the aim of achieving a high level of security of networks and information systems in the European Union. It applies to essential service providers, such as energy, transport, banks, healthcare, and digital service providers, such as search engines, cloud and e-commerce. NIS has introduced…

Advanced Persistent Threat hacker Giacomo Lanzi

Advanced persistent threats (APTs): what they are and how to defend yourself

An advanced persistent threat (APT) is a broad term used to describe an attack campaign in which an intruder, or a group of intruders, establishes an illicit and long-term presence on a network in order to extract highly sensitive data. The targets of these assaults, which are chosen and studied with great care, typically include large corporations or government networks. The…

Penetration Testing e MFA Piergiorgio Venuti

Penetration Testing and MFA: A Dual Strategy to Maximize Security

In a digital world where cyber threats are increasingly sophisticated, multi-factor authentication (MFA) represents a crucial defense against unauthorized access. However, the growing prevalence of phishing attacks aimed at bypassing MFA raises significant questions about post-authentication security and the overall effectiveness of security strategies. In this context, we examine how penetration testing can be used to assess and strengthen the…

Penetration Testing Dove Colpire Piergiorgio Venuti

Penetration Testing: Where to Strike to Protect Your IT Network

Introduction In an increasingly interconnected and digital world, cybersecurity has become a top priority for companies of all sizes. One of the most effective techniques to identify vulnerabilities and improve security is penetration testing, also known as pen testing or ethical hacking. But in a complex network with different environments, which ones are the most suitable for pen testing efforts?…

attacco ransomware Piergiorgio Venuti

Ransomware: a plague that brings companies and institutions to their knees. Should you pay the ransom? Here is the answer.

The devastating impact of ransomware on businesses Ransomware has become one of the most damaging cyber threats to businesses in recent years. Cyber criminals target company networks, encrypt important files, and demand a ransom to provide the decryption key. The dilemma of whether or not to pay the ransom is something every affected company has to face. According to the…

Audit IT Piergiorgio Venuti

Why IT audit and log management are important for Cybersecurity

Introduction Cybersecurity has become a major concern for modern businesses. With the increase in cyber attacks, data breaches and privacy threats, organizations must take proactive measures to protect their systems and data. Two key components of any cybersecurity program are IT audit and log management. But what is the difference between these two aspects? And why are both necessary? What…

purple team cover Giacomo Lanzi

Red Team, Blue Team and Purple Team: what are the differences?

When we talk about cybersecurity and find ourselves on the side of the attacked, we often limit ourselves to thinking in terms of defense, protection and containment of threats. However, the approach that works best is one in which you put yourself in the attacker’s shoes and treat your infrastructure as the target of their actions. Only in this way…

Mercedes sicurezza informatica Piergiorgio Venuti

Mercedes’ Oversight Puts Company Secrets at Risk: Why Cyber Threat Intelligence is Critical

Mercedes-Benz recently suffered a major cybersecurity incident after an employee inadvertently posted an enterprise authentication token on GitHub. This oversight potentially allowed unauthorized access to Mercedes-Benz’s source code, projects, design documents, and other sensitive information. The incident was discovered by the security firm RedHunt Labs during a routine monitoring activity. The token, posted on GitHub in September 2022, could have…

SOC vs MDR Piergiorgio Venuti

SOC vs MDR: Complete Guide to Comparing Security Operations Center and Managed Detection and Response

The comparison between SOC and MDR is crucial when evaluating options for threat monitoring and response. But what are the key differences between an internal Security Operations Center and an external Managed Detection and Response service? This guide provides a detailed analysis of SOC vs MDR. What is a SOC? A Security Operations Center (SOC) is an internal facility dedicated…

validazione della sicurezza Piergiorgio Venuti

Strengthen Your Security Posture with Continuous Threat Validation

Improve Corporate Security Posture with Secure Online Desktop’s Posture Guard Service for Continuous Threat Validation Cyber threats are evolving at an increasingly rapid pace. To effectively protect a company, it is essential to regularly assess and validate the effectiveness of security controls. Secure Online Desktop’s Posture Guard service allows you to do this continuously and automatically, providing a unified view…

posture guard Piergiorgio Venuti

Introduction to the Posture Guard Managed Cyber Security Service

What is Posture Guard? Posture Guard is the new managed Cyber Security service offered by Secure Online Desktop to protect companies from cyber attacks and data breaches. It is a cutting-edge solution that uses continuous Breach Attack Simulation (BAS) techniques to constantly evaluate an organization’s security posture and identify potential vulnerabilities before they can be exploited by hackers. The Posture…

malware zero click Piergiorgio Venuti

Zero Click Malware: The Invisible Digital Threat – How to Recognize and Defend Yourself

What is Zero Click Malware Zero click malware, also known as non-click malware or in-memory malware, is a new type of malware that can infect a device without the user taking any action. Unlike traditional malware that requires the user to click on a link or open an infected attachment, zero click malware is able to install itself on the…

ICT_Disaster_Recovery_Plan Piergiorgio Venuti

Disaster Recovery Plan: Safeguarding the Future of Your Company

Today’s digital world is a dynamic and constantly evolving environment, where security and operational continuity represent not only a need, but a true imperative for companies of all sizes and sectors. In this context, a well-structured Disaster Recovery (DR) Plan is essential to ensure resilience and rapid response in the event of unexpected events and IT disasters. In this article,…

quishing Piergiorgio Venuti

Quishing: the dangerous hybrid between phishing and QR code

Introduction The advent of digital technology has brought with it numerous opportunities, but also new threats to cybersecurity. Among these threats, phishing has gained notoriety as one of the most popular methods to obtain sensitive information from users. However, an evolution of this threat has emerged recently, called “quishing”. In this article, we will explore the concept of quishing in…

data loss prevention data protection Giacomo Lanzi

Data Loss Prevention: definition and uses

Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused or accessed by unauthorized users. DLP software classifies regulated, confidential and business-critical data and identifies violations of policies defined by organizations or within a predefined policy package. Default policies are typically dictated by regulatory compliances such as HIPAA, PCI-DSS,…

XDR laptop Giacomo Lanzi

XDR as an approach to security

Just like any other IT field, the cybersecurity market is driven by hype . Currently hype towards XDR, ie eXtended Detection and Response . XDR is the latest in threat detection and response, a key element of a company’s infrastructure and data defense . What exactly is XDR? XDR is an alternative to traditional responsive approaches that only provide layer…

Threat Intelligence Virtual Giacomo Lanzi

What is threat intelligence?

I dati di threat intelligence forniscono alle aziende approfondimenti rilevanti e tempestivi necessari per comprendere, prevedere, rilevare e rispondere alle minacce alla sicurezza informatica. Le soluzioni di intelligence sulle minacce raccolgono, filtrano e analizzano grandi volumi di dati grezzi relativi a fonti esistenti o emergenti di minacce. Il risultato sono feed di threat intelligence e rapporti di gestione. I data…

Giacomo Lanzi

What is Vishing and how does it work

Vishing is a particular type of phishing that uses VoIP (Voice over IP) technology to carry out attacks. Unlike traditional landline telephone services, with VoIP technology it is possible to carry out telephone conversations using the Internet connection. Hackers often use VoIP in their vishing attacks because this allows them to spoof their caller ID with great ease. Posing as…

Security Data Lake Concept laptop Giacomo Lanzi

What is it for? Hadoop Security Data Lake (SDL)

New cybersecurity threats continue to emerge every day and hackers develop new intrusion techniques to access sensitive data and breach IT systems. This is why it is necessary to collaborate with high-level experts who keep track of new developments in the field of IT security. With the birth and continuous evolution of Big Data, the concept of Data Lake and…

ISO 27001 Secure Online Desktop.jpg Piergiorgio Venuti

Secure Online Desktop achieves ISO 27001: the security certification for managed services

Secure Online Desktop recently achieved ISO 27001 certification for its information security management system (ISMS). Let’s explore what this important milestone means for customers who rely on the company to protect their data and critical IT systems. What is ISO 27001 certification? ISO 27001 is a certification issued by an accredited third party which attests to the compliance of a…

webinar sicurezza IT Piergiorgio Venuti

SOCaaS and Active Defense Deception Webinar – Guide to the next cybersecurity online event

The online webinar “SOCaaS and Active Defense Deception: a winning approach for managed security” organized by Secure Online Desktop will be held on October 20th at 10am. Let’s see why it is interesting to participate in the free event presenting these solutions for corporate cybersecurity. What is SOCaaS with Next Generation SIEM? SOCaaS (Security Operation Center as a Service) is…

Piergiorgio Venuti

Auditing IT della sicurezza: guida completa all’analisi proattiva di vulnerabilità e conformità

Eseguire controlli di sicurezza regolari e approfonditi sull’infrastruttura IT è fondamentale per identificare e mitigare rischi cyber ed eventuali vulnerabilità prima che vengano sfruttate dagli attaccanti. In questo articolo esaminiamo l’importanza di implementare un programma continuativo di auditing della sicurezza IT e come esternalizzarlo a fornitori specializzati. Cos’è l’auditing della sicurezza IT? L’auditing IT consiste nell’analizzare nel dettaglio configurazioni, policy,…

CIS Controls e Vulnerability Assessment Piergiorgio Venuti

CIS Controls and Vulnerability Assessment: practical guide to adopting best practices

Critical Security Controls, also known as CIS Controls, are a series of cybersecurity actions and technologies developed to protect organizations from common and effective cyber attacks. This article explains what CIS is, the benefits of adopting CIS Controls and how to integrate them into the Vulnerability Assessment process to improve your security posture. What is CIS (Center for Internet Security)?…

Kerberoasting Piergiorgio Venuti

Kerberoasting: a threat to cybersecurity and how to mitigate it with Security Posture analysis

Introduction Cyber security is a crucial aspect for companies and organizations of all sizes. One of the most insidious attacks in the IT security landscape is Kerberoasting. This type of attack exploits weaknesses in the Kerberos protocol, used to authenticate users in network systems. In this article, we will explore in detail this threat, its consequences and how to mitigate…

servizio SOC con EDR Piergiorgio Venuti

Protect Your Business: Antivirus vs. SOC Service with EDR and Next Generation Antivirus (NGA)

Cybersecurity has become crucial for businesses of all sizes and industries. The growing complexity of cyber threats has made it necessary to use increasingly advanced tools and services to protect networks and devices. In this article, we will look at the differences between traditional antivirus software and a Security Operations Center (SOC) service with Endpoint Detection and Response (EDR) that…

CSIRT e SOC Piergiorgio Venuti

CSIRT and SOC: Differences between incident management and security monitoring

Introduction The protection of corporate information has become an essential necessity for any organization. To achieve this goal, having teams specialized in IT security is essential. But what are the differences between a CSIRT and a SOC? And how can they complement each other? In this article we will analyze CSIRT and SOC in detail, highlighting similarities and differences between…

analisi della postura di sicurezza Piergiorgio Venuti

Security posture analysis: Complete guide to strengthening cybersecurity

The analysis of the security posture: how to evaluate the protection of the IT infrastructure Security posture analysis is a fundamental process for assessing the protection of an organization’s IT infrastructure against cyber threats. Knowing the strengths and weaknesses of IT security allows you to implement targeted controls to reduce cyber risks. What is Security Posture Analysis Security posture analysis,…

deception vs edr Piergiorgio Venuti

Deception vs EDR: What’s the Best Threat Defense Strategy?

Introduction Cybersecurity is a daily challenge for businesses, with threats constantly evolving. Two approaches that are emerging to strengthen your security posture are Deception technology and Endpoint Detection and Response (EDR) tools. But what are the differences and advantages of each? This article compares Deception and EDR to help choose the best strategy. What is Deception Technology? Deception technology uses…

deception technology Piergiorgio Venuti

Deception: Tricking Hackers to Secure Your Network

Deception: Comparison with Hackers on Their Ground “We pay hackers their own coin by using the same defenses and techniques that malware uses against computer systems by modeling the attackers’ decision-making process.” Introduction to Deception Deception is a proactive cybersecurity approach that uses traps or decoys to trick attackers into revealing their presence. By transforming the computer system into a…

Active Defence Deception Piergiorgio Venuti

Active Defense Deception: cybersecurity that beats hackers with their own weapons

We pay hackers their own coin by using the same defenses and techniques that malware uses against computer systems by modeling the attackers’ decision-making process. What is Active Defense Detection The Active Defense Deception is an innovative cybersecurity service offered by the Secure Online Desktop company to protect companies from the most sophisticated cyber attacks. It is a deception technology…

decezione informatica Piergiorgio Venuti

Deception: what it is, how it works and why it is essential for cybersecurity

Deception: what is it and what is it for? Cyberdeception, also known as “decemption“, is an emerging cybersecurity technique that is increasingly popular among companies. In this article we will see in detail what it is, how it works and what advantages it offers for protection against advanced cyber threats. What is deception? Cyberdeception or “decemption” is the deliberate distribution…

CSIRT Piergiorgio Venuti

CSIRT: respond to IT incidents to protect the business

Introduction In recent years, cybersecurity has become a priority for all companies of all sizes. Cyber attacks are increasingly sophisticated and can cause serious damage, both economic and reputational. To protect themselves from attacks, companies must adopt 360-degree cybersecurity solutions, which include not only prevention tools but also incident detection and response tools. In this context, the CSIRT (Computer Security…

Dati ransomware pubblicati in chiaro Piergiorgio Venuti

The data exfiltrated during a double extortion ransomware attack is not public. Let’s dispel a myth

Introduction Ransomware attacks are becoming more common and lucrative for cybercriminals. In particular, the “double extortion” variant involves not only encrypting the victim’s data, but also stealing and threatening to publish it online for ransom. It is commonly believed that stolen data is not actually disclosed publicly, but remains confined to the dark web. In reality, things are not like…

Piergiorgio Venuti

Deception – Grazie per averci contattato!

Di seguito alcune informazioni utili FAQ Knowledge-base Documenti Supporto

Falsi miti sicurezza informatica Piergiorgio Venuti

False IT security myths: because backup, cloud, firewall and antivirus alone are no longer enough

Introduction Cyber security has become a major concern for businesses and individuals. With cyberattacks and data breaches on the rise, many still believe that solutions like data backup, cloud storage, firewalls, and antivirus are enough to protect their digital assets. However, these solutions alone are no longer enough to deal with today’s threats. In this article we will analyze why…

right boom Piergiorgio Venuti

How to manage the “right boom” after a security incident with Log Management, IT monitoring and SOCaaS services

The “right boom” refers to the frenetic situation that occurs in the immediate aftermath of a major cybersecurity incident such as a data breach or ransomware attack. When a business suffers a breach, it’s critical to act quickly to contain the damage, restore systems, assist affected customers, and initiate a forensic investigation. This intense phase of activity is known as…

Threat Hunting nei servizi Piergiorgio Venuti

What is Threat Hunting activity and why is it included in SOCaaS services

In today’s digital world, cybersecurity has become a priority for companies of all sizes and industries. Cyberthreats are constantly evolving, and to stay ahead, organizations need to implement a variety of tactics and strategies. One of these is Threat Hunting, which has become a key component of SOCaaS (SOC as a Service). In this article, we’ll explore what exactly threat…

servizio di vulnerability assessment continuativo Piergiorgio Venuti

Protect your company with a continuous vulnerability assessment service: the perfect solution to integrate VA and PT

Cybersecurity has become a fundamental pillar of modern businesses, and with the increase of threats and risks, it is imperative to adopt ever more advanced protection measures. In this context, the Vulnerability Assessment (VA) and the Penetration Test (PT) play a crucial role. However, it is also necessary to consider the importance of an ongoing vulnerability assessment service to guarantee…

Advanced Persistent Threat (APT) Piergiorgio Venuti

Advanced Persistent Threat (APT): because they make the backup system useless and the false perception of security

Index Introduction Cybersecurity is an area of growing importance to businesses, due to the increase in frequency and complexity of cyberattacks. One of the more insidious threats are Advanced Persistent Threats (APTs), which can penetrate computer systems and remain hidden for long periods, causing long-term damage. In this article, we’ll look at APTs and why they render your backup system…

Ethical Phishing Piergiorgio Venuti

Ethical Phishing: the key to protecting your business from cyber threats

Index Introduction In the digital age, cyber security has become a priority for all businesses. One of the most insidious threats is phishing, a social engineering technique used to steal sensitive information by sending fraudulent emails. To combat this threat, it is imperative that companies implement effective security measures, including Ethical Phishing campaigns. In this article, we’ll explore why every…

Penetration Test Interno Piergiorgio Venuti

Why it is essential to carry out the Internal Penetration Test as well as the external one: a complete guide to IT security

In an increasingly connected and digitized world, cyber security has become a major concern for businesses. An effective protection system must provide for the implementation of both external and internal measures to ensure maximum security of data and company resources. In this article, we will explore the importance of performing Internal as well as external Penetration Testing and how Secure…

benefici soar cover Giacomo Lanzi

The SOAR benefits: simplifying investigation and response

The growing impact of cyber threats, on private or corporate operating systems, leads more and more users to use third-party applications to protect work information. Fortunately, the implementation of new technologies improves this condition. Among the most interesting solutions, aimed at protecting corporate systems, is the SOAR technology with its benefits. What are the potential and the advantages that a…

security code review cover Giacomo Lanzi

Security Code Review: How the service works

The Security Code Review (SCR) service is increasingly used by companies looking for effective solutions for cyber security . The large number of programming languages require well-defined security parameters to benefit from thorough control. Thanks to our dedicated service for Security Code Review it is possible to identify critical defects and serious data breaches without necessarily investing a significant budget….

automated response integration cover Giacomo Lanzi

Integration of the automated response: the automations in SOCaaS

The issue of information security is very topical in this historical period characterized by digitization. To protect themselves, businesses and individuals can use a variety of tools that can prevent an attack, but also help manage it. In this article we talk about Automated Response Integration and the automations in the SOCaaS offered by SOD . Although the systems used…

Giacomo Lanzi

Coordination between CTI and SOC: how to further raise the defenses

The Cyber Threat Intelligence (CTI) and a Security Operations Center (SOC) are two important parts in a company’s security process. They help identify and mitigate the risks involved in the digital world. CTI is a proactive measure that helps identify potential threats, while SOC is a reactive measure that helps detect and mitigate an attack. Together, CTI and SOC are…

server ridondanti cavi Giacomo Lanzi

New Cloud Server: redundant internet

One of the biggest fears an IT team can have is data loss caused by a sudden lack of server connection. To meet the needs of our customers, present and future, we have decided to offer free the redundant internet functionality for our service Cloud Server . Today we want to explain what redundant internet means and how this functionality…

Certificato di qualità Giacomo Lanzi

Quality certificate for the SOCaaS of SOD

The technology we use to deliver our SOCaaS has been awarded a quality certificate . Today we want to talk about this, explaining again what a SOC is and why a SOCaaS is an ideal solution for companies. Of course, we will also explain what it is about when we talk about the quality certificate and how this ensures excellent…

Managed Detection and Response cover Giacomo Lanzi

Managed Detection and Response: a new preventive approach

The constant use of communications over the network in a corporate context makes it essential to take precautions for computer security. As we have seen on other occasions, the dangers can come from different fronts: phishing , ransomware , data breach , etc. The implementation of new strategies such as Managed Detection and Response allows to mitigate risks and identify…

CLUSIT e il team Giacomo Lanzi

CLUSIT: our collaboration for better services

Cyber security is an important point for all companies that use the network as a communication tool. This is why we have decided to carry out a fundamental operation that allows us to offer a better service to our customers . We have partnered with CLUSIT to make our services even more professional. A fundamental-collaboration to improve and improve The…

intelligenza artificiale monitoring chip Giacomo Lanzi

The use of artificial intelligence in monitoring

When we refer to artificial intelligence, we often refer to the great technologies that could control the world, with an obvious streak of science fiction. The reality is very different and is characterized by a technology with great potential, which is able to ensure countless advantages . Today we talk about how artificial intelligence can be implemented in monitoring. The…



More Articles…

Categories …


RSS darkreading

RSS Full Disclosure

  • BACKDOOR.WIN32.DUMADOR.C / Remote Stack Buffer Overflow (SEH) April 19, 2024
    Posted by malvuln on Apr 19Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/6cc630843cabf23621375830df474bc5.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Backdoor.Win32.Dumador.c Vulnerability: Remote Stack Buffer Overflow (SEH) Description: The malware runs an FTP server on TCP port 10000. Third-party adversaries who can reach the server can send a specially […]
  • SEC Consult SA-20240418-0 :: Broken authorization in Dreamehome app April 19, 2024
    Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 19SEC Consult Vulnerability Lab Security Advisory < 20240418-0 > ======================================================================= title: Broken authorization product: Dreamehome app vulnerable version:
  • MindManager 23 - full disclosure April 19, 2024
    Posted by Pawel Karwowski via Fulldisclosure on Apr 19Resending! Thank you for your efforts. GitHub - pawlokk/mindmanager-poc: public disclosure Affected application: MindManager23_setup.exe Platform: Windows Issue: Local Privilege Escalation via MSI installer Repair Mode (EXE hijacking race condition) Discovered and reported by: Pawel Karwowski and Julian Horoszkiewicz (Eviden Red Team) Proposed mitigation:...
  • CVE-2024-31705 April 14, 2024
    Posted by V3locidad on Apr 14CVE ID: CVE-2024-31705 Title : RCE to Shell Commands" Plugin / GLPI Shell Command Management Interface Affected Product : GLPI - 10.X.X and last version Description: An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary code via the insufficient validation of user-supplied input. […]
  • SEC Consult SA-20240411-0 :: Database Passwords in Server Response in Amazon AWS Glue April 14, 2024
    Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 14SEC Consult Vulnerability Lab Security Advisory < 20240411-0 > ======================================================================= title: Database Passwords in Server Response product: Amazon AWS Glue vulnerable version: until 2024-02-23 fixed version: as of 2024-02-23 CVE number: - impact: medium homepage: https://aws.amazon.com/glue/ found:...
  • [KIS-2024-03] Invision Community <= 4.7.16 (toolbar.php) Remote Code Execution Vulnerability April 11, 2024
    Posted by Egidio Romano on Apr 10------------------------------------------------------------------------------ Invision Community
  • [KIS-2024-02] Invision Community <= 4.7.15 (store.php) SQL Injection Vulnerability April 11, 2024
    Posted by Egidio Romano on Apr 10-------------------------------------------------------------------- Invision Community
  • Multiple Issues in concretecmsv9.2.7 April 11, 2024
    Posted by Andrey Stoykov on Apr 10# Exploit Title: Multiple Web Flaws in concretecmsv9.2.7 # Date: 4/2024 # Exploit Author: Andrey Stoykov # Version: 9.2.7 # Tested on: Ubuntu 22.04 # Blog: http://msecureltd.blogspot.com Verbose Error Message - Stack Trace: 1. Directly browse to edit profile page 2. Error should come up with verbose stack trace […]
  • OXAS-ADV-2024-0001: OX App Suite Security Advisory April 11, 2024
    Posted by Martin Heiland via Fulldisclosure on Apr 10Dear subscribers, We&apos;re sharing our latest advisory with you and like to thank everyone who contributed in finding and solving those vulnerabilities. Feel free to join our bug bounty programs for OX App Suite, Dovecot and PowerDNS at YesWeHack. This advisory has also been published at https://documentation.open-xchange.com/appsuite/security/advisories/html/2024/oxas-adv-2024-0001.html. […]
  • Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC) April 11, 2024
    Posted by malvuln on Apr 10Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2024 Original source: https://malvuln.com/advisory/0eb4a9089d3f7cf431d6547db3b9484d.txt Contact: malvuln13 () gmail com Media: twitter.com/malvuln Threat: Trojan.Win32.Razy.abc Vulnerability: Insecure Permissions (In memory IPC) Family: Razy Type: PE32 MD5: 0eb4a9089d3f7cf431d6547db3b9484d SHA256: 3d82fee314e7febb8307ccf8a7396b6dd53c7d979a74aa56f3c4a6d0702fd098 Vuln ID: MVID-2024-0678...