In recent days, a suspected data breach involving Instagram users has surfaced publicly, generating significant attention. The leaked database allegedly contains information on approximately 17.5 million accounts: a scale that, even without exposed passwords, deserves…
For years, Endpoint Detection and Response (EDR) has been considered one of the main defense technologies against cyber threats, thanks to its ability to provide near real-time visibility and response on endpoints. However, recent ransomware…
In the landscape of cyber threats targeting Italy, a particularly sensitive new incident has emerged: the sale, on a well-known Russian underground forum, of a vast archive containing healthcare data of citizens from Northern Italy….
In recent months, a case has emerged that is reshaping how we view advanced threats. For the first time, a general-purpose artificial intelligence model, Claude AI Code, was exploited as an almost fully autonomous agent…
The recent, high-profile robbery at the Louvre Museum has raised crucial questions—not only about the physical security of priceless artworks, but also about critical gaps in the cybersecurity defenses of institutions that manage assets of…
In many cases, both in the virtual and real world, perceived security does not match actual security. Aligning these two aspects is, in fact, the main goal of security awareness. The use of instant messaging…
When a large-scale service goes offline — as has happened with Amazon Web Services (AWS) — the first reaction is almost always the same: “Are we under attack?” In this case, however, the reality may…
In recent weeks, we have seen a wave of reports about the so-called “receipt scam”: recovered or photographed ATM/POS receipts become the starting point for social engineering attacks that lead to accounts being emptied or…
Cyberoo I-SOC identified an advertisement on a cybercriminal forum for a possible pre-auth exploit for Cisco Firewall Management Center that would allow arbitrary commands to be executed as root on Linux virtual appliances. The author…
In recent years, the criminal ransomware market has been based on a reproducible model: pre-packaged kits, payment infrastructures, and affiliates that run campaigns (RaaS). The emergence of local AI tools changes the attack surface: PromptLock,…
Network Intrusion Detection Systems (NIDS) are fundamental tools in contemporary computer security, designed to identify malicious activity and security policy violations through continuous monitoring of network traffic. The primary objective of a NIDS is to…
In the cybersecurity landscape, the focus has often been on identifying threats, which is crucial but not sufficient to ensure a comprehensive defence. The Cyberoo team has observed a growing need to improve remediation management,…
In recent months CYBEROO has launched Cypeer Agent X: an advanced agent designed to enhance the Cypeer MDR (Managed Detection and Response) with an in-depth analysis of the company’s security posture. In this article, we…
In recent months, we have released a new module for the MDR Cypeer: CypeerPOT. This new functionality further enriches the capabilities of our Managed Detection and Response (MDR), offering an advanced way to identify ongoing…
Realized a new Dashboard for immediate horizontal correlation of alerts The introduction of the new alert management dashboard represents a significant step forward in the way companies monitor and manage internal security. In fact, this…
CSI (Cyber Security Intelligence) is CYBEROO’s Threat Intelligence service, based on Open Source Intelligence. Its goal is to detect, collect and analyze sensitive information and data found in the Deep and Dark Web to protect…
CYBEROO’s continuous investment in R&D has made possible the release of important updates to the Cypeer module, with the implementation of advanced Adaptive AI and Machine Learning technologies that enable improved analysis and stronger security…
In recent weeks, a company in Italy fell victim to a double ransomware compromise. This case demonstrates how the lack of a structured DFIR (Digital Forensics & Incident Response) approach can lead to a second…
In the world of cybersecurity, incident response is a crucial process that requires precision and expertise. A significant example of an effective intervention by Cyberoo Incident Response Team is the case of a well-known consultancy…
Infostealers: silent thieves in the digital world Infostealers are a particularly insidious type of malware, designed to steal personal and sensitive information stealthily and often unnoticed. These malicious programmes operate in the background, collecting data…
Knowing how to read a log and recognizing a behavioral anomaly, especially on non-working days and times, will inevitably reduce the risk of impairment. Recently, Cyberoo’s Incident Response team was engaged after a total Ransomware…
We often talk about data protection and how to protect against exfiltration as malware and ransomware attacks of different types continue to proliferate. Nevertheless, the reality is that companies are still doing too little. Cyberoo’s…
The statistics speak for themselves: the increase in ransomware attacks turns out to be across different organizations, regardless of their industry. This phenomenon can be attributed to several factors, including lack of adequate investment in…
It often happens to work with companies that have signed contracts with ICT service providers that turn out to be inefficient when needed. In today’s business environment, Cybersecurity management must be configured as a multidimensional…
It is common to have to deal with IT incidents and be faced with undesirable situations, not because of the type or severity of the incident, but rather because of the lack of organization of…
Recently, a company in northern Italy was victim of a serious cyber attack that resulted in the compromise of its infrastructure and the interruption of operations. The perpetrators of the malicious attack gained unauthorized access…
