Cyber Threat Trends Dashboard

Introduction Information sharing is one of the most important activity that cybersecurity researchers do on daily basis. Thanks to “infosharing” activities it is possible to block or, in specific cases, to prevent cyber attacks. Most of the infosharing activities involved in cybersecurity are mostly focused on Indicator of Compromise such as: URL, IPs, Domains and […]

Read more "Cyber Threat Trends Dashboard"

SWEED Targeting Precision Engineering Companies in Italy

Introduction Today I’d like to share a quick analysis of an interesting attack targeting precision engineering companies based in Italy. Precision engineering is a very important business market in Europe, it includes developing mechanical equipment for: automotive, railways, heavy industries and military grade technology . The attacker pretended to be a customer and sent to […]

Read more "SWEED Targeting Precision Engineering Companies in Italy"

Is Emotet gang targeting companies with external SOC?

Introduction The group behind Emotet malware is getting smarter and smarter in the way the deliver such a Malware. While the infection schema looks alike from years; the way the group tries to infect victims improves from day to day.Today I’d like to share a quick analysis resulted by a very interesting email which claimed […]

Read more "Is Emotet gang targeting companies with external SOC?"

Scraping the TOR for rare contents

Scraping the “TOR hidden world” is a quite complex topic. First of all you need an exceptional computational power (RAM mostly) for letting multiple runners grab web-pages, extracting new links and re-run the scraping-code against the just extracted links. Plus a queue manager system to manage scrapers conflicts and a database to store scraped data […]

Read more "Scraping the TOR for rare contents"