Category: Post

Understanding LOLBins, file-less attacks, and the power of Activity Monitor

The continuous evolution and appearance of new threats demand innovative approaches to protect against them. Two such sophisticated techniques that have gained prominence in recent years are LOLBins and file-less attacks. Individually potent, their combination poses a formidable challenge to traditional security measures. In this blog, we will delve into the intricacies of LOLBins and file-less attacks, explore their synergy, and introduce an advanced solution, Activity Monitor, designed to counteract these threats effectively.

Navigating the regulatory maze: How TRUST aWARE’s Privacy Search Engine simplifies compliance for software and solution developers

In the rapidly evolving landscape of technology, software and solution developers face a significant challenge in staying compliant with an array of regulatory requirements. The complexity of these requirements cannot be understated, especially in the domains of artificial intelligence (AI), personal data, cybersecurity, and data governance.

Exploring Activity Monitor amidst the ransomware landscape

The recent attack on China’s Industrial and Commercial Bank (ICBC) underscores the sophisticated threat landscape associated with ransomware, emphasising the need for heightened cyber security measures. The development of Activity Monitor is aimed at assisting organisations in addressing these kinds of threats.

Private search engines and traditional advertising platforms: uncovering the privacy risks

Is it possible for private search engines to preserve user privacy while depending on traditional advertising platforms?

Obfuscation in the Android ecosystem

Modifying a software application to make it harder to analyse is a task that has been done for years. One common goal is hiding Intellectual Property (IP) that is embedded in the code, and also licensing algorithms or program’s logic. Software protection techniques are also used by threat actors to hide malicious behavior in malware. The term obfuscation is typically used to refer to such modifications.

Harnessing the power of information sharing

Information sharing plays a pivotal role in the realm of cybersecurity due to the dynamic and sophisticated nature of the cyber threats. It entails the exchange of intelligence, insights, and knowledge about cyber threats, vulnerabilities, and defensive measures among organisations, government agencies, security researchers, and relevant stakeholders.

Data protection and security as important issues in education

The educational progression, specifically the challenges of more data protection and security tools, has led to the emergence to explore these issues. Our effort tries to define data protection and security as important issues in education and focuses on a popular subarea of it, namely “digital data protection”. In recent years, there has been a rise of concern in using digital tools in education. While there are a lot of potential advantages to adopting digital tools to improve education, there are also big obstacles to overcome. Digital technology must be used in a way that is open, just, and equitable.

Learnings of deploying machine learning models on endpoints via ONNX

Modern approaches to securing the computing infrastructure of organisations against cyberattacks are founded on solutions that monitor all systems in a network simultaneously. This paradigm relies on endpoint sensors – lightweight programs which monitor endpoint activities and collect behavioural events that feed into detection and response systems. In this paradigm, traditional data collection approaches involve streaming all collected events into a cloud backend, where data is then processed and analysed through rules-based detection logic and machine learning models. A complementary approach to this involves placing some detection logic on the sensor itself, closer to the data source. This blog post details WithSecure’s research in TRUST aWARE into using the ONNX framework to port machine learning models and functionality onto endpoint sensors.

Android OS customisations and the accompanying security risks

The research community has exhaustively analysed and put on the spotlight a lot of privacy and security abuses on applications published on mobile app markets like Google Play. However, pre-installed applications have not received so much attention despite their potential for causing security and privacy harm: they are privileged Operating System-level applications. In TRUST aWARE, we are actively developing new methodologies to gain a better understanding of the risks to which end-users can be exposed just by owning an Android handset.

Cybersecurity beyond IT: The human factor and the need for holistic protection – Interview with Microsoft expert Gaia Guadagnoli

Why is it important to involve both a company’s internal and external resources in the protection of cybersecurity? Because attacks will become increasingly sophisticated and evolved and will be linked to delicate geopolitical issues, but also because the human factor plays a crucial role among the elements of vulnerability. Cybersecurity represents an excellent professional opportunity for those beginning their careers, independently from their curriculum of studies. Onelia Onorati Social Media Manager at Fondazione Mondo Digitale interviewed Gaia Guadagnoli, Privacy, Data Protection & Security Technology Specialist at Microsoft Italy and coach of the Course organised as part of Fondazione Mondo Digitale Programme Ambizione Italia for Cybersecurity (March 6-9-13-16)

error: Content is protected !!