The boundaries of cyber-attacks are increasingly liquid today. Enabling technologies can be used to provoke unprecedented operations on an international scale, such as Israel’s operation against Hezbollah. As cybersecurity experts, let us analyse from an…
Tech Blog
CERT Posts
An advertisement for the sale of a vast database and 5 million pieces of data stolen from Italian websites. This is what was spotted on some forums dedicated to cyber attacks last August and concerning…
On 19 July 2024, a global technical failure affected Windows operating systems worldwide, causing the infamous ‘blue screen of death’ (BSoD). This problem knocked out 8.5 million Windows devices, including banks, airports, emergency services and…
An alarming escalation of attacks is exploiting the vulnerability CVE-2024-24919, which affects Check Point security gateways. This flaw, classified as ‘serious’, allows attackers to extract sensitive information from devices connected to the Internet and enabled with…
Background: Open Directory and Threat Intelligence. An open directory is a vulnerability that occurs when file access permissions are not properly configured on a Web server. This makes files and directories that should be confidential…
Introduction: Context. DDoSia, a toolkit used to carry out Distributed Denial of Service (DDoS) attacks, was created and is used by the pro-Russia nationalist hacktivist group NoName057(16). This group primarily targets countries…
A due foreword on Ransomware as a Service: the ever-evolving threat. Ransomware is a type of malware that encrypts victims’ data and demands a ransom in exchange for decryption. In recent years, ransomware has become…
Brute force attempts on national VPNs: The cybersecurity landscape right now is marked by a series of brute force attacks targeting various platforms, with a worrying focus on VPNs (Virtual Private Networks). The phenomenon, detected…
Ransomware and data encryption: a bit of history. For years, criminals carrying out ransomware attacks have been encrypting victims’ files directly from Windows operating systems. The effort of ransomware distribution has always been quite high,…
Tech Updates
In recent months, we have released a new module for the MDR Cypeer: CypeerPOT. This new functionality further enriches the capabilities of our Managed Detection and Response (MDR), offering an advanced way to identify ongoing…
A new dashboard for immediate horizontal correlation of alerts. The introduction of the new alert management dashboard represents a significant step forward in the way companies monitor and manage internal security. In fact, this…
CSI (Cyber Security Intelligence) is CYBEROO’s Threat Intelligence service, based on Open Source Intelligence. Its goal is to detect, collect and analyze sensitive information and data found in the Deep and Dark Web to protect…
CYBEROO’s continuous investment in R&D has made possible the release of important updates to the Cypeer module, with the implementation of advanced Adaptive AI and Machine Learning technologies that enable improved analysis and stronger security…
Incident Response Reports
Infostealers: silent thieves in the digital world. Infostealers are a particularly insidious type of malware, designed to steal personal and sensitive information stealthily and often unnoticed. These malicious programmes operate in the background, collecting data…
Knowing how to read a log and recognize a behavioral anomaly, especially on non-working days and times, will inevitably reduce the risk of compromise. Recently, Cyberoo’s Incident Response team was engaged after a total Ransomware…
We often talk about data protection and how to protect against exfiltration as malware and ransomware attacks of different types continue to proliferate. Nevertheless, the reality is that companies are still doing too little. Cyberoo’s…
The statistics speak for themselves: the increase in ransomware attacks cuts across different organizations, regardless of their industry. This phenomenon can be attributed to several factors, including lack of adequate investment in…
We often work with companies that have signed contracts with ICT service providers that turn out to be inefficient when needed. In today’s business environment, Cybersecurity management must be configured as a multidimensional…
It is common to have to deal with IT incidents and be faced with undesirable situations, not because of the type or severity of the incident, but rather because of the lack of organization of…
Recently, a company in northern Italy was the victim of a serious cyber attack that resulted in the compromise of its infrastructure and the interruption of operations. The perpetrators of the malicious attack gained unauthorized access…