Cyber Security News 26/12/2020
Cyber Security News, the daily round-up of the main news in the cyber world. The Osint Cyber Search Engine service:
Security Blog
Cyber Security News 24/12/2020
Cyber Security News, the daily round-up of the main news in the cyber world. The Osint Cyber Search Engine service:
Cyber Security News 23/12/2020
Cyber Security News, the daily round-up of the main news in the cyber world. The Osint Cyber Search Engine service:
How to bypass the Cloudflare WAF using a padding technique
Cloudflare analysis by Giuseppe Fuggiano, Pierguido Iezzi and the Cyber Security Research Team . During a Penetration Testing activity, the Swascan Cyber Security Research Team (CSRT) and Incident Response Team discovered that it may be possible to bypass the Cloudflare Web Application Firewall (WAF) if not configured correctly, allowing attackers to exploit a wide range
SOC as a Service: Monitoring & Early Warning
SOC as a Service and Soc?: The Security Operation Center Soc as a service and SOC the differences: A Security Operations Center is a Cyber competence centre that provides services aimed at governance, monitoring and security management of corporate information systems. A Security Operation Center ( SOC ) provides the following managed services: Governance: guarantees
VenomRAT Malware analysis – Remote access Trojan
VenomRAT – Malware analysis Venomrat Malware. – The Swascan Cyber Research Team has tracked and analysed a RAT called VenomRat. The malware in question is named Venom Software or VenomRAT, a remote access Trojan (RAT) currently on sale on various forums on the darkweb but also available on websites accessible via a simple Google search.
ICT Security Assessment: do you really know your Risk level?
ICT Security Assessment -Today’s Cyber Security landscape requires the utmost attention to a set of internal macro indicators for all organisations. Maybe your organisation has an antivirus software to protect your company’s data? Or maybe you also have firewalls and encryption technology, so you think you can sit back and let the technology protect you
Smishing Attack Simulation: the mobile Cyber Sec solution
Smishing Attack Simulation – The word Smishing comes from the union of Phishing and SMS. This is simply the classic online Cyber Attack vector translated on a mobile platform, as the name suggests. If in the case of traditional Phishing Criminal Hackers use fraudulent e-mails – relying on a number of tricks of the trade
Pay2Key: New ransomware strain targets European companies
By: Pierguido Iezzi, Riccardo Paglia and Jim Koohyar Biniyaz In the last two weeks companies have reported a number of attacks by a new Ransomware strain called “Pay2Key”. Pay2Key has been developed in C++ programming language and threat actors weaponized its first iteration in October 2020. The Swascan Cyber Security Research Team has been one
Brochure Cyber Security: Swascan – Security Testing & Compliance
Brochure Cyber Security At the following link: Brochure Cyber Security you can download the latest Swascan brochure. In it, you’ll find, in detail, our services: Vulnerability Assessment: The Web App Scan is the automated service that scans for Web Vulnerabilities, this service identifies security vulnerabilities and criticalities of websites and web applications. A Vulnerability analysis is
Swascan in the CERT-EU Hall of Fame
Another success for the Swascan Cyber Research Team, which adds to the long list of Vulnerability Disclosure and collaborations already successfully completed in less than 12 months: Swascan has been officially included in the CERT-EU Hall of Fame. Speaking about the recognition – particularly in such a complex moment -, Pierguido Iezzi, Co-Founder of Swascan
Swascan works with Xfinity to responsibly remediate security vulnerabilities
Recently, the Swascan vulnerability team uncovered potential security vulnerabilities (further details of the vulnerability are provided below) and notified Xfinity’s Product Security Incident Response Team (PSIRT) through their responsible disclosure program. The Swascan notification included all of the necessary information for Xfinity to remediate the vulnerability in a timely fashion. Thereafter, we collaborated with the