For two days now I have been receiving notifications from companies and individuals hit by various versions of Kryptoloker and other ransomware. Evidently there is a resurgence of these attacks in our country these days. Some versions have remained “undetected” even by the major antivirus products, whose vendors are working to release specific patches (kudos to Sophos for the speed and efficiency of its response in a case I encountered). For those outside the field, these malware programs install themselves on infected host machines and begin encrypting documents, files and folders. If the machine has access to remote shares, these too…
When I’m talking about security with customers, partners or at an event, the first question I usually receive is: how much will this cost me? This is an understandable question: costs have to be monitored and expenditures have to be planned wisely, so how much I can spend on security is quite an interesting topic. The problem, alas, is that IT managers usually do not use a clear model when planning investment in security, but seem to be drawn more by strange inner beliefs than by an empirical analysis of costs and benefits. Another point that I’ve always found quite curious is that…
Advanced Persistent Threat: how do we find our way between marketing and reality? This post presents the images from the presentation I gave at Festival ICT on November 6. In addition to the post, I will also make the entire presentation available on SlideShare, hoping it will be appreciated. Obviously the first two slides are introductory: the first shows the title, the time and the room number 🙂 and in the second we have the great opportunity to also see my photo and my e-mail address as a reference for anyone interested. I will spare you the description of the transition animation between one slide and the next…
OK, we know it: Windows Server 2003 is reaching EOL. But the question is, are we preparing, or will we do the same thing that happened with Windows XP and let ourselves be caught unprepared? How much migration and upgrade planning has been done? The question seems trivial, but in light of how the security risks tied to the IT world are evolving, and the slowness with which we deal with upgrade issues, perhaps it is not so secondary and futile. The Windows XP experience: Windows XP taught us, or at least should have, that not worrying about keeping systems current can lead to…
Most of the security solutions on the market these days leverage sandboxing technologies to deal with Advanced Persistent Threats, “0-day” vulnerabilities, targeted attacks and so on. It would be interesting to analyze the strengths and the limits of this kind of technology in order to better choose our security solutions. What is a Sandbox? Sandboxing means creating a “virtual”, “fake” image that can be targeted by malware attackers or unknown security problems. By monitoring the changes that happen to this decoy it is possible to understand whether something strange is going on. The idea basically is that since the fake machine…
Wednesday, October 22, 2014 at the ESPRINET offices – Via Energy Park 20 – Vimercate. SEMINAR “IT security within the framework of Italian legislation. The RSA solutions.” Speakers: Antonio Ieranò – Security Advisor; Fabrizio Banfi – RSA Distribution Manager Italia. Agenda: 09:30 – 10:00 Registration; 10:00 – 11:00 Cybercrime, laws and civil and criminal liability – The regulatory framework: laws, standards and interpretations – The status of cybercrime: victims and unwitting accomplices (but accomplices nonetheless); 11:00 – 11:00 Italian law and the responsibilities of IT; 12:00 – 12:45 Minimum requirements for peace of mind: Network, Data, Users; 12.45 – 14.00 The RSA solutions: Authentication Manager,…
Industry Panel to Discuss Cybersecurity, Biometrics and Security Issues in the Public and Private Sector. Ideas get bigger when you share them… New York, NY – March 6, 2014 (www.investorideas.com newswire) Investorideas.com, an investor…
TECHNOLOGY, originally published on DaftBlogger.com. Wanted Dead or Alive: The Human Factor. By Antonio Ieranò on September 29, 2013 at 7:45 PM. OK, I confess I am quite bored of listening to all those knowledgeable IT security experts talking about what is needed to secure a system. Everyone has his own point of view; of course they’re right when they say we need end-point security, mobile protection, anti-malware, anti-hacking, DLP, advanced threat defense and protection. We all know we need firewalls, IPS/IDS, cipher encryption systems, SSO, 802.1x, strong authentication, anti-virus, anti-everything,…
In my previous article, security costs and security budget, I made some assumptions to simplify an introductory analysis of how much we should spend on security. Some of those assumptions were made to simplify our task. Today I would like to quickly analyse some of those simplifications. One of the biggest assumptions I made in the previous article is that if a problem costs us X, then we can find a number n that expresses the number of incidents I’m allowed to permit, so that nX expresses the cost I’m allowed to accept. This simplification was based on…
When I’m talking about security with customers, partners or at an event, the first question I usually receive is: “how much will this cost me?” This is an understandable question: costs have to be monitored and expenditure has to be planned wisely, and the problem of how much I can/should spend on security is quite an interesting topic. The problem, alas, is that IT managers usually do not use a clear model when planning investment in security, but seem to be drawn more by strange inner beliefs than by an empirical analysis of costs and benefits. Another point that I’ve always found quite curious is that I’ve…