By Deeba Ahmed
The Singaporean identity fraud scammer also tricked Google and Amazon Web Services (AWS) into providing $5.4 million worth…
This is a post from HackRead.com Read the original post: Scammer Who Used Info of Riot Games’ Co-Founder to Mine Crypto is Jailed

****The Singaporean identity fraud scammer also tricked Google and Amazon Web Services (AWS) into providing $5.4 million worth of cloud computing services by using the personal details of the co-founder and co-chairman of Riot Games Mr. Marc Merrill.****

A Singaporean national, Ho Jun Jia (a/k/a Matthew Ho, a/k/a, Prefinity a/k/a Ethereum Vendor), has been sentenced to ten years in jail for several offenses. He was sentenced on Thursday after pleading guilty to twelve charges, including cheating, drug consumption, and unauthorized access to computer material.

According to local media, fifteen additional charges were also considered for his sentencing. The convict is currently out on bail after his father paid $180,000. District Judge Brenda Tan let Ho defer serving a sentence by a month to fulfill personal commitments.

Ho Jun Jia (Image: ST PHOTO: KELVIN CHNG)

**Details of the Offence**

The 32-year-old secondary school dropout impersonated two individuals, including a US-based video game developer, to trick Google and Amazon Web Services (AWS) into providing $5.4 million worth of cloud computing services for an extensive cryptocurrency mining operation.

The convict obtained the developers’ personal information illegally via the Dark Web. Ho Jun Jia forged the US driving licenses for others to get their details. He forged the driving licenses in 2017, and after using photoshop, he traded them on a Dark Web forum in exchange for the names and credit card details of around 70 individuals.

The case was reported in October 2019 after the US Department of Justice stated that he had been charged with aggravated identity theft, wire fraud, and other federal crimes.

**Who Were the Victims?**

According to Straits Times, one of Ho Jun Jia’s victims of this cryptocurrency mining operation was Marc Merrill. He’s the co-founder and co-chairman of Riot Games. His company has developed popular games like Valorant and League of Legends.

Ho used Merrill’s information to open an account on Amazon Web Services, for which the latter’s American Express card (AMEX) was charged around $7 million after Ho accessed cloud computing services on 40 occasions between Nov 2017 and Jan 2018 mine for cryptocurrency.

He also used Merrill’s information for registering/buying cloud-computing services worth $250,000 via the Google cloud platform. He even convinced AWS to continue providing services despite not paying the withstanding $1.8 million bill.

Later, Ho used the details of Harold Borland in a similar scam with AWS and tricked the company into accessing cloud computing services worth around $21.

Ho mined for around 1,470 units of Ether between Nov 2017 and Mar 2018 and sold 203 units for $350,000. In 2019 , he was convicted of drug offenses for consuming methamphetamine.

The district judge stated that the accused didn’t make any restitution to his victims. Hence, the court considered the extent of his offenses, the harm caused to the victims, and the sophistication of scams while determining Ho’s sentence.

**More Cybercrime and Dark Web News**

*   Fraud & hacking guides are the most sold item on the dark web

*   On Dark Web, Your Facebook ID is worth $5.20 & Gmail ID is just $1

*   9 Years Jail for iCloud Phishing Scam Hacker Who Stole Nude Photos

*   Admin of DDoS-For-Hire Service “DownThem” Gets 2 Years Prison Sentence

*   Hacking tools & ready-made phishing pages being sold on the dark web for $2

Scammer Who Used Info of Riot Games’ Co-Founder to Mine Crypto is Jailed

Larger organizations are statistically more at risk, warns Imperva

Larger organizations are statistically more at risk, warns Imperva

API insecurity is responsible for between 4.1% and 7.5% of cybersecurity incidents, according to a new study.

The study, conducted by the Marsh McLennan Cyber Risk Analytics Center and based on an analysis of nearly 117,000 unique cybersecurity incidents, found that larger organizations were statistically more likely to have a greater preponderance of API\-related incidents.

Large enterprises were three to four times more likely to experience API insecurity than small or midsize businesses.

The accelerating pace of digital transformation and business development leaves large enterprises more at risk from exposed or unprotected APIs, according to Imperva, the cybersecurity vendor sponsoring the research.

Catch up on the latest API-related security research

APIs (application programming interfaces) are a class of software technology that offer a bridge to enable applications to access data or hook up with external software components, operating systems, or microservices.

Many APIs connect directly to backend databases where sensitive data is stored, a feature that attackers have latched onto resulting in an increase of attacks targeting what have become building blocks of modern online services.

APIs enable damaging attacks, from DDoS attacks taking a service out of commission to manipulator-in-the-middle attacks to intercept, steal, and modify or redirect communications, to injecting malicious code, taking over services or accounts, or simply stealing from the vast databases that many APIs connect to.

“As many as one in every 13 cyber incidents can be attributed to API insecurity,” according to Imperva. “As the number of APIs in production multiplies, this figure is expected to grow in the coming years.”

**Scale up**

Imperva told The Daily Swig that larger organizations are particularly exposed to the issue because they have “more APIs and limited visibility leaves a larger number of APIs vulnerable”.

Lebin Cheng, vice president of API security at Imperva, commented: “The growing security risks associated with APIs correlate with the proliferation of APIs, combined with the lack of visibility that organizations have into these ecosystems. At the same time, since every API is unique, every incident will have a different attack pattern. A traditional approach to security where one simple patch addresses all vulnerabilities doesn’t work with APIs.”

Cheng added: “The proliferation of APIs, combined with the lack of visibility into these ecosystems, creates opportunities for massive, and costly, data leakage.”

**Running the numbers**

Imperva’s study found a wide disparity in the extent to which different industries are exposed to API security-related issues.

For example, in the information technology industry the estimated percentage of incidents caused by API insecurity was between 18% and 23%.

By the same metric, professional services were also highly exposed to API-related problems (10%-15%) while manufacturing, transportation, and utilities (all 4-6%) are all in the mid-range. Industries such as healthcare have less than 1% of security incidents attributable to API-related security problems.

Many organizations are failing to protect their APIs because it requires equal participation from the security and development teams, which have historically have been somewhat at odds.

Cheng told The Daily Swig: “Developers move quickly and modify APIs constantly, making it nearly impossible for security teams to keep up. It means that many have defaulted to relying on ineffective tools because they hope a standardized approach can minimize threats.

“However, these defenses aren’t equipped to stop sophisticated API-related attacks targeting business logic vulnerabilities.”

“APIs are created and managed by the development team, often outside of the security team’s purview. Complicating matters, each API is designed for a specific application’s needs,” they concluded.

The Imperva-commissioned report, entitled Quantifying the Cost of API Insecurity, concludes with advice in getting a handle on the problem. This includes identifying and classifying data flowing through every API, automating discovery of APIs, and enabling an API governance model.

RECOMMENDED Internet scans find 1.6 million secrets leaked by websites

One in every 13 incidents blamed on API insecurity – report

By Deeba Ahmed
The Russian Economic Forum was taking place in St. Petersburg when its proceedings were stalled due to a…
This is a post from HackRead.com Read the original post: President Putin’s Economic Forum Speech Delayed due to DDoS Attack

****The Russian Economic Forum was taking place in St. Petersburg when its proceedings were stalled due to a DDoS attack.****

A Distributed Denial of Service attack (DDoS attack) disrupted the proceedings at the 25th St Petersburg International Economic Forum, regarded as the Russian answer to the Davos World Economic Forum.

The incident occurred on Friday.  As a result, the speech of Russian premier Vladimir Putin got delayed for around 100 minutes at the country’s flagship forum.  Putin had to start his speech more than an hour after its scheduled start time. 

Another aspect worth noting was the absence of Western businesses and stakeholders at the forum, which is due to the recent wave of sanctions against Russia after the country invaded Ukraine. However, At the forum, state companies signed deals, and many companies displayed floor-to-ceiling display screens. 

**More Cyber Attackers on Russia News**

*   Top Russian Banks Suffer Powerful DDoS Attacks
*   Official website of Russian Parliament, MoD and Kremlin go offline
*   Russian electronic voting system hit by 19 DDoS attacks in one day
*   DDoS Attacks by Hacktivists Disrupted Russian Alcohol Supply Chain
*   Anonymous hacks & defaces Russian Space Research Institute Website

**Kremlin Confirms the Attack**

According to Reuters, the Russian government’s spokesperson Dmitry Peskov confirmed the DDoS attack, explaining that the accreditation and admissions systems were cut off after the attack.

However. Peskov didn’t specify any particular entity or individual responsible for the attack. The forum continually suffered from internet connectivity issues and low speed even during the premier’s speech. 

During his speech, Putin lashed out at the Western world’s sanctioning and referred to it as a “blitzkrieg” on the Russian economy. 

**More DDoS Attack News**

*   Cloudflare Thwarted Largest Ever HTTPS DDoS Attack
*   Admin of DDoS-For-Hire Service “DownThem” Gets 2 Years Jailtime
*   FBI Seizes WeLeakInfo, IPStress and OVH-Booter Cybercrime Portals
*   Pro-Iran Group ALtahrea Hits Port of London Website by DDoS Attack
*   The Growing Threat of Ransom DDoS Attacks Requires Effective Mitigation

President Putin’s Economic Forum Speech Delayed due to DDoS Attack

A Kremlin spokesman said that the St. Petersburg International Economic Forum accreditation and admissions systems were shut down by a DDoS attack.

Billed as the "Russian Davos," the St. Petersburg Economic Forum was stalled on Friday by a distributed denial-of-service (DDoS) attack, delaying a speech from Russian President Vladimir Putin for more than an hour.

The attack was confirmed by Kremlin spokesman Dmitry Peskov, who told Reuters that the admissions and accreditation systems were shut down by the DDoS attack. He did not place blame on any specific individual or group, but as Reuters reported, the "situation in Ukraine loomed large."

About 100 minutes after its scheduled start time, Reuters reported that Putin gave his remarks and lashed out at the West's sanctions put in place following the Russian invasion of Ukraine, which he called a "blitzkrieg" on his country's economy.

Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

Subscribe

DDoS Attacks Delay Putin Speech at Russian Economic Forum

Matthew Gatrel has been found guilty of three counts of computer-related crime. His partner in crime, Juan "Severon" Martinez, pleaded guilty before the trial.
The post DDoS-for-hire service provider jailed appeared first on Malwarebytes Labs.

Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites that provide powerful distributed denial-of-service (DDoS) attacks against internet users and websites. This sentencing resulted in the seizure of his websites, making the internet a little safer from DDoS attacks.

Gatrel was the administrator and owner of DownThem.org and AmpNode.com, two DDoS-for-hire websites with thousands of clients which launched attacks against more than 200,000 targets. He was convicted of three charges, including conspiracy to commit unauthorized impairment of a protected computer, conspiracy to commit wire fraud, and unauthorized impairment of a protected computer.

“Gatrel ran a criminal enterprise designed around launching hundreds of thousands of cyberattacks on behalf of hundreds of customers,” prosecutors wrote in a sentencing memorandum. More from that memorandum:

> “He also provided infrastructure and resources for other cybercriminals to run their own businesses launching these same kinds of attacks. These attacks victimized wide swaths of American society and compromised computers around the world.”

Prosecutors said that DownThem.org was a subscription-based service that allowed paying customers to launch DDoS attacks at targets of their choice.

AmpNode.com was a “bulletproof” server hosting service provider “with an emphasis on ‘spoofing’ servers that could be pre-configured with DDoS attack scripts and lists of vulnerable ‘attack amplifiers’ used to launch simultaneous cyberattacks on victims”.

Gatrel’s services helped launch attacks against targets worldwide, including homes, schools, universities, financial institutions, and local government websites. Many clients of AmpNode also operated DDoS-for-hire services.

This website seizure splash screen appears when you visit DownThem.

Prosecutors also said that Gatrel offered expert advice and guidance to clients of both services, ranging from different methods to “down” different types of computers to bypassing DDoS protection services. To get potential clients to buy in, he used DownThem to launch a DDoS attack against these clients’ intended victims and provide proof that their internet connection had been severed.

Juan “Severon” Martinez from Pasadena, California, Gatrel’s co-defendant and criminal partner, pleaded guilty to the unauthorized impairment of a protected computer. He was sentenced to five years’ probation.

DDoS-for-hire service provider jailed

The U.S. Department of Justice (DoJ) on Thursday disclosed that it took down the infrastructure associated with a Russian botnet known as RSOCKS in collaboration with law enforcement partners in Germany, the Netherlands, and the U.K.
The botnet, operated by a sophisticated cybercrime organization, is believed to have ensnared millions of internet-connected devices, including Internet of Things (

The U.S. Department of Justice (DoJ) on Thursday disclosed that it took down the infrastructure associated with a Russian botnet known as RSOCKS in collaboration with law enforcement partners in Germany, the Netherlands, and the U.K.

The botnet, operated by a sophisticated cybercrime organization, is believed to have ensnared millions of internet-connected devices, including Internet of Things (IoT) devices, Android phones, and computers for use as a proxy service.

Botnets, a constantly evolving threat, are networks of hijacked computer devices that are under the control of a single attacking party and are used to facilitate a variety of large-scale cyber intrusions such as distributed denial-of-service (DDoS) attacks, email spam, and cryptojacking.

"The RSOCKS botnet offered its clients access to IP addresses assigned to devices that had been hacked," the DoJ said in a press release. "The owners of these devices did not give the RSOCKS operator(s) authority to access their devices in order to use their IP addresses and route internet traffic."

Besides home businesses and individuals, several large public and private entities, including a university, a hotel, a television studio, and an electronics manufacturer, have been victimized by the botnet to date, the prosecutors said.

Customers wanting to avail proxies from RSOCKS could rent access via a web-based storefront for different time periods at various price points ranging from $30 per day for access to 2,000 proxies to $200 per day for access to 90,000 proxies.

Once purchased, criminal actors could then redirect malicious internet traffic through the IP addresses associated with the compromised victim devices to conceal their true intent, which was to carry out credential stuffing attacks, access compromised social media accounts, and send out phishing messages.

The action is the culmination of an undercover operation mounted by the Federal Bureau of Investigation (FBI) in early 2017, when it made covert purchases from RSOCKS to map out its infrastructure and its victims, allowing it to determine roughly 325,000 infected devices.

"Through analysis of the victim devices, investigators determined that the RSOCKS botnet compromised the victim device by conducting brute force attacks," the DoJ said. "The RSOCKS backend servers maintained a persistent connection to the compromised device."

The disruption of RSOCKS arrives less than two weeks after it seized an illicit online marketplace known as SSNDOB for trafficking personal information such as names, dates of birth, credit card numbers, and Social Security numbers of about 24 million individuals in the U.S.

Found this article interesting? Follow THN on Facebook, Twitter __ and LinkedIn to read more exclusive content we post.

Authorities Shut Down Russian RSOCKS Botnet That Hacked Millions of Devices

All versions of package pg-native; all versions of package libpq are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed.

**Note:**
pg-native is a mere binding to npm's libpq library, which in turn has the addons and bindings
to the actual C libpq library. This means that problems found in pg-native  may transitively impact 
npm's libpq.




Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

*   **snyk-id**
    
    SNYK-JS-LIBPQ-2392366
    
*   **published**
    
    14 Jun 2022
    
*   **disclosed**
    
    3 Feb 2022
    
*   **credit**
    
    Cristian-Alexandru Staicu, Snyk Security Labs
    

**How to fix?**

There is no fixed version for libpq.

**Overview**

libpq is a node native bindings to the PostgreSQL libpq C client library.

Affected versions of this package are vulnerable to Denial of Service (DoS) when the addons attempt to cast the second argument to an array and fail. This happens for every non-array argument passed.

**Note:** pg-native is a mere binding to npm's libpq library, which in turn has the addons and bindings to the actual C libpq library. This means that problems found in pg-native may transitively impact npm's libpq.

**PoC**

    //pg-native -> poc.js
    
    let Client = require('pg-native') 
    let client = new Client(); 
    client.connectSync(); 
    client.query('some str', 1, function() {});
    
    //libpq -> poc.js
    
    var Libpq = require('libpq') 
    const pq = new Libpq(); 
    pq.sendQueryParams("some str", 1) 
    

**Details**

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

Two common types of DoS vulnerabilities:

*   High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
    
*   Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

CVE-2022-25852: Denial of Service (DoS) in libpq | CVE-2022-25852 | Snyk

All versions of package @discordjs/opus are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.



Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

*   **snyk-id**
    
    SNYK-JS-DISCORDJSOPUS-2403100
    
*   **published**
    
    16 Jun 2022
    
*   **disclosed**
    
    16 Feb 2022
    
*   **credit**
    
    Cristian-Alexandru Staicu
    

**How to fix?**

There is no fixed version for @discordjs/opus.

**Overview**

@discordjs/opus is a native bindings to libopus.

Affected versions of this package are vulnerable to Denial of Service (DoS) when trying to encode using an encoder with zero channels, or a non-initialized buffer. This leads to a hard crash.

**PoC**

// Zero channels:

    const { OpusEncoder } = require('@discordjs/opus');
     const encoder = new OpusEncoder(48000, 0);
     try {
         const encoded = encoder.encode(Buffer.from("aaa"));
     } catch(e) {
    console.log("This will never run")
         // never executed because of the hard crash
     }
    

// Non-initialized buffer:

    const { OpusEncoder } = require('@discordjs/opus');
    const encoder = new OpusEncoder(48000, 2);
    try {
         const encoded = encoder.encode(null);
    } catch(e) {
    // never executed because of the hard crash
    }
    

**Details**

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

Two common types of DoS vulnerabilities:

*   High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
    
*   Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

CVE-2022-25345: Denial of Service (DoS) in @discordjs/opus | CVE-2022-25345 | Snyk

All versions of package fast-string-search are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.




Do your applications use this vulnerable package?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

*   **snyk-id**
    
    SNYK-JS-FASTSTRINGSEARCH-2392367
    
*   **published**
    
    15 Jun 2022
    
*   **disclosed**
    
    3 Feb 2022
    
*   **credit**
    
    Cristian-Alexandru Staicu
    

**How to fix?**

There is no fixed version for fast-string-search.

**Overview**

fast-string-search is a module that can search substrings in a string by using N-API and boyer-moore-magiclen.

Affected versions of this package are vulnerable to Denial of Service (DoS) when computations are incorrect for non-string inputs. One can cause the V8 to attempt reading from non-permitted locations and cause a segmentation fault due to the violation.

**PoC**

    const fss = require('fast-string-search');
    
    let res1 = fss.indexOfSkip("no way this will", "w");
    let res2 = fss.indexOfSkip(1, 1); 
    
    console.log(res1);
    console.log(res2);
    
    // you can also crash it after a very long useless computation, by running this instead of lines 6-11: 
    let a = new Array(10000)
    let res2 = fss.indexOfSkip(1, 1); // segfaults after 5 seconds
    

**Details**

Denial of Service (DoS) describes a family of attacks, all aimed at making a system inaccessible to its intended and legitimate users.

Unlike other vulnerabilities, DoS attacks usually do not aim at breaching security. Rather, they are focused on making websites and services unavailable to genuine users resulting in downtime.

One popular Denial of Service vulnerability is DDoS (a Distributed Denial of Service), an attack that attempts to clog network pipes to the system by generating a large volume of traffic from many machines.

When it comes to open source libraries, DoS vulnerabilities allow attackers to trigger such a crash or crippling of the service by using a flaw either in the application code or from the use of open source libraries.

Two common types of DoS vulnerabilities:

*   High CPU/Memory Consumption- An attacker sending crafted requests that could cause the system to take a disproportionate amount of time to process. For example, commons-fileupload:commons-fileupload.
    
*   Crash - An attacker sending crafted requests that could cause the system to crash. For Example, npm ws package

CVE-2022-22138: Denial of Service (DoS) in fast-string-search | CVE-2022-22138 | Snyk

Proietti Tech srl Planet Time Enterprise 4.2.0.1,4.2.0.0,4.1.0.0,4.0.0.0,3.3.1.0,3.3.0.0 is vulnerable to Remote code execution via the Viewstate parameter.

**Cloud Cyber Security PlatformEuropean Cyber Research TeamThreat Intelligence PlatformThe Cyber Security Partner**

La piattaforma di Security Testing e Threat Intelligence e il Cyber Competence Center di Swascan per il Cyber Security Framework Aziendale.  
Sicurezza Predittiva. Sicurezza Preventiva. Sicurezza Proattiva.

Prova il Free Trial

**In evidenza**

**Webinar - Framework Nazionale per la Cyber Security e la Data Protection: how to**

All'interno del panorama nazionale italiano, il Framework Nazionale per la Cybersecurity e la Data Protection, rappresenta un punto di riferimento adottato da realtà fortemente eterogenee come strumento per l’organizzazione della propria strategia di difesa rispetto alle minacce informatiche.

Iscriviti

**Corso propedeutico alla certificazione CISSP**

La certificazione CISSP non è solo un riconoscimento oggettivo di eccellenza, ma uno standard riconosciuto a livello globale per i professionisti e i manager chiamati a gestire le problematiche di Cyber Security e Information Security. Registrati al corso e frequenta le lezioni a partire dal 05 settembre 2022.

Scopri di più

**Report Cyber Risk Indicators: Sanità Italiana 2022 e 2021 a confronto**

ll servizio di Cyber Risk Indicators determina e misura il potenziale rischio cyber del settore oggetto di analisi. In questa analisi abbiamo preso in esame il livello di esposizione al rischio cyber delle infrastrutture critiche italiane. Gli indicatori sono stati identificati con il servizio di Domain Threat Intelligence (DTI) e Cyber Threat Intelligence (CTI).

Scopri di più

**Cyber Security Framework**

Il Cyber Security Framework è il fondamento della postura di sicurezza della tua azienda. Un insieme di processi e tecnologie che operano all’unisono per ridurre al minimo l’esposizione al rischio cyber. Si fonda sulla sicurezza predittiva, preventiva e proattiva.

**Sicurezza Predittiva**

La Sicurezza Predittiva opera a livello di Threat Intelligence. Attraverso l’analisi di fonti OSINT e CLOSINT, a livello di Web, Dark Web e Deep Web identifica minacce, rischi e informazioni relativi all’azienda target. La Sicurezza Predittiva permette di anticipare le criticità impostando correttamente la sicurezza preventiva e proattiva.

**Sicurezza Preventiva**

La Sicurezza Preventiva agisce in termini di Analisi del Rischio tecnologico, umano e di processo. Attività che rientrano negli obblighi legislativi e in termini di best practice internazionale. Le attività fanno riferimento a penetration test, vulnerability assessment, ransomware attack simulation, phishing simulation, formazione, CIS, NIST, ISO27001, GDPR Assessment.

**Sicurezza Proattiva**

La Sicurezza Proattiva permette l’adozione degli approcci relativi alla security by detection e alla security by reaction. Attraverso l’adozione di security operation center (SOC) permette di monitorare, identificare, analizzare, gestire e bloccare eventuali minacce in essere all’interno dell’azienda. La componente incident response management garantisce la corretta gestione degli incidenti aziendali attraverso l’utilizzo di Team specializzati e competenti.

Scopri i nostri servizi

**La Piattaforma di Swascan**

Swascan è la prima suite interamente in Cloud di Security Testing e Threat Intelligence: scopri tutti i servizi disponibili ora!

Domain Threat Intelligence

Cyber Threat Intelligence

Phishing Attack Simulation

Smishing Attack Simulation

Prova il Free Trial

**Cyber Security Competence Center**

**Cyber Incident Response**

Un Cyber team dedicato di pronto intervento Cyber per la gestione di Cyber Incident, attacchi DDOS, Data Breach e Attacchi Ransomware.

**Soc as a Service**

Il servizio dedicato di Monitoring & Early Warning di Swascan per la corretta gestione della sicurezza proattiva e sicurezza preventiva.

**Penetration Test**

Le attività di Penetration Test sono svolte Penetration Tester certificati e in linea con gli standard internazionali OWASP, PTES e OSSTMM.

**GRC Management**

Servizi di Security Advisory  a livello consulenziale e a livello operativo per supportare i clienti nei piani di remediation, gestione della Cyber Security, Compliance Management e Risk Management.

**Cyber Academy**

Corsi di formazione dedicati di Cybersecurity in aula o tramite Webinar. Attività di Awareness per il personale tecnico, per i dipendenti e per i Top Manager.

**Cloud Security**

Un Cyber Competence Center dedicato al mondo Cloud per le attività di governance, supporto e tutela dell’ intero insieme di tecnologie, protocolli e best practice degli ambienti cloud computing.

**24/7 Cyber Security Operation Center**

Un team dedicato nell’attività di Sicurezza Proattiva e Reattiva delle minacce informatiche sulle reti locali, ambienti cloud, applicazioni ed endpoint aziendali. Il nostro team di Security Analyst monitora i dati e le risorse, H24, 7 giorni su 7 per 365 giorni all’anno.

Threat Detection & Analysis

Valutazione minacce e vulnerabilità

Endpoint detection and response (EDR)

Network detection response

Event Correlation / Log Management

**Penetration Testing**

Il team offensive di Swascan è certificato ISO27001 e ISO9001  
Tutte le attività rispettano gli standard OWASP, PTES e OSSTMM.

**Cyber Academy**

Nella sicurezza informatica sono indubbiamente i comportamenti umani a fare la differenza, prima ancora che la tecnologia.  
La nostra Cyber Academy offre una vasta gamma di percorsi formativi strutturati per rispondere a differenti livelli di esperienza e di specializzazione tecnica.

Scopri i nostri Corsi

**Cyber Threat Intelligence**

Il servizio di Cyber Threat Intelligence di Swascan ha lo scopo e l’obiettivo di individuare le eventuali informazioni pubbliche disponibili a livello Web, Dark Web e Deep Web relative ad un determinato target. L’attività prevede la raccolta e l’analisi delle informazioni relative ad una serie di macro aree critiche quali:

Domain Threat Intelligence

**Diventa Partner Swascan**

Scopri di più sullo Swascan Partner Program, grazie al quale i nostri partner servono al meglio i clienti, forniscono soluzioni rapide e ne promuovono la crescita.

Scopri il Partner Program

Tag

#ddos