Alessandro Mirani

Whaling

Phishing is a well-known Social Engineering strategy, which consists of constructing emails containing malicious links and/or files in legitimate guise, i.e., containing images, references, fonts, and text that would lead one to believe they are such. Although it is a dated attack strategy and one that has been combated a great deal, especially through security … Read more

Vulnerability Assessment

Vulnerability Assessment, sometimes abbreviated to VA, is one of the fundamental activities of cybersecurity. Vulnerability assessment is the set of activities that are performed to learn about all possible vulnerabilities in a system or entity. What is Vulnerability Assessment? Not to be confused with Risk Assessment, as much as risk and vulnerability may seem synonymous, … Read more

SAST VS DAST

You have just finished launching your web application that will allow your customers to use your product online. However, you have the feeling that everything has been concluded in a hurry to launch your product as soon as possible without too much concern for security. Doing security-focused, rather than feature-focused, testing is therefore the way … Read more

Ransomware

ENISA reported ransomware as one of the fastest growing attack and compromise strategies in 2022. Ransomware is a type of malware (such as viruses, Trojans, etc.) that infects computer systems and makes it impossible for the victim (partially or completely) to access a system and the data on it. The victim is … Read more

Phishing and Spear Phishing

If you have had an email account for some time, phishing is one of the social engineering strategies you have surely already been exposed to. Phishing is the technique of constructing emails containing malicious links and/or files in legitimate guise, i.e., containing images, references, fonts, and text that would lead one to believe they … Read more

Hybrid Cloud

Cloud infrastructures are generally described using three macro categories: public, private and hybrid. A public cloud is defined as a cloud that is accessible via the public Internet. The goal for those who offer a public cloud service is, usually, to acquire as many customers as possible. The largest cloud services such as Amazon AWS, … Read more

Cloud Migration

It was 2011 when Steve Jobs announced at WWDC 11 that iCloud would replace MobileMe, a product that Steven called “not our finest hour.” Amid the distrust and criticism that also followed this product, some 20 million users decided to synchronize songs, email, calendars, and contacts with this technology rather than using Dropbox … Read more

Cloud Cost Management

You plan to open a new online business, or you want to revamp your facility by switching to the newest and most flamboyant cloud technologies. Your innovative ideas and unstoppable spirit will surely launch you on an exciting adventure, but one that would be short-lived if expenses exceeded revenues. After all, revenue management is not the … Read more

Cloud 7R

Defining a cloud strategy is the first step in building a modern infrastructure; we have seen in other articles what elements to consider when formulating a strategy. In this article we will look at the actual types of strategies that are adopted during a cloud migration, commonly called the 7r’s. The 7r’s of the cloud … Read more

Bruteforce

You may have noticed that most services that require an account have begun to require more complex passwords or multi-factor authentication to gain access. This requirement stems from the need for service providers to minimize the possibility that a brute force attack on user passwords will be successful. What these kinds of attacks consist of, … Read more