18th episode of CyberSeComics, comics series produced by Pluribus One.

Wallo, also this year during the holidays you will be able to sleep soundly! Seer Box takes care of the security of your E-commerce and of your data!
Seer Box is the first European Web Application Security Manager, the most advanced system for the protection of Web Applications and Services.

No animals were harmed in the production of this comic.

Need to check the security of your web services with Seer Box?
Request a DEMO.

Merry Christmas and Happy Holidays from Pluribus One.

The Italian version of this episode is available here: CyberSeComics Ep. #18 - Vacanze al sicuro.

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

By Igino Corona, Chief Technology Officer & Security Researcher @ Pluribus One

The main goal of criminals can be summarized into one word: Money. Regardless local and international laws, they basically do whatever they can to (easily) make money and exploit it for their personal benefits. 
Cybercriminals, i.e., criminal actors working on the virtual side of our world represent the biggest threat to Internet users.
As part of our mission for a better (safer) “virtual world”, we offer free DNS resolvers (see our Pluribus One Internet Security) and analyze the associated DNS traffic to detect and stop such threats.
Our detectors embed our expert knowledge of both DNS security and machine learning in the form of robust --adversary-aware-- measurements and classification models to generalize known threats and detect new threats.

In this article we will delve into one relevant threat we are currently tracking by means of our passive DNS analysis, i.e., Powershell Cryptostealer Attacks. This is an excellent example of how network monitoring and (adversarial) machine learning can be exploited to detect new threats.

16th episode of CyberSeComics, comics series produced by Pluribus One.

GDPR, what an hassle! How many rules, how many procedures! Even Wallo gets lost in the labyrinth of consent forms!

By the way, recently the new provisions of the Italian Data Protection Authority limit and deny the use of analytics (for websites) that export their data outside Europe.
GDPR is also a crucial regulatory matter for cybersecurity-related incidents.

All Pluribus One products are GDPR compliant and help your business stay compliant.
Do you want to design a GDPR compliant system? Contact us to learn more about our training offer and the course "Design of a GDPR-Compliant System".

And, speaking of analytics, our Pluribus One Web Application Security, an advanced and intelligent solution for monitoring and protecting web services, thanks to its traffic analysis tools, provides advanced and automatic reporting on the traffic toward your web services and toward your website!

The Italian version of this episode is available here: CyberSeComics Ep. #16 - GDPR.

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

15th episode of CyberSeComics, comics series produced by Pluribus One.

This episode is produced in collaboration with the European project ALAMEDA (Bridging the Early Diagnosis and Treatment Gap of Brain Diseases via Smart, Connected, Proactive and Evidence-based Technological Interventions - https://alamedaproject.eu).

An in-depth Italian article on the ALAMEDA project, by Maris Matteucci & Matteo Mauri (ALAMEDA: Intelligenza Artificiale per il trattamento dei disturbi cerebrali) is available in our blog and on Difesa Online.

The Italian version of this episode is available here: CyberSeComics Ep. #15 - Graf-IA.

In healthcare, the cost of treating brain disorders accounts for a significant percentage of total treatment costs. In Europe, the budget for treating brain disorders alone far surpasses the combined budget for other diseases.
Utilising cutting-edge Artificial Intelligence, the EU-funded ALAMEDA project could greatly reduce the cost of treating these conditions by enabling personalised care and improved treatments for major brain disorders. The goal is to demonstrate AI-enabled prediction, prevention and intervention, making the treatment of disorders such as Parkinson's, multiple sclerosis and strokes more affordable and easing the burden on healthcare systems across Europe.

Within the project, Pluribus One deals with a delicate aspect of ALAMEDA's IT security: the design of the platform to ensure the protection and privacy of data that will be hosted, processed and shared with the scientific community. Not an easy task, considering that in recent years cyberattacks against European health facilities have shown a growing and worrying trend.

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

14th episode of CyberSeComics, comics series produced by Pluribus One.

This episode is produced in collaboration with the European project AIDA (Artificial Intelligence and advanced Data Analytics for Law Enforcement Agencies - www.project-aida.eu).

Next Monday, on Difesa Online and on our blog, an in-depth Italian article on the AIDA project, by Maris Matteucci (Intelligenza Artificiale e Forze dell'Ordine: tecnologia ed etica del progetto AIDA).
This episode, along with further details and info on the project, is available also in the third edition of the AIDA official Newsletter: www.project-aida.eu/index.php/newsletter.
The Italian version of this episode is available here: CyberSeComics Ep. #14 - AIDA prevede (quasi) tutto.

To identify, prevent and combat modern crimes, it is nowadays necessary to implement innovative technologies and methods that are transversal to different types of crimes: cybercrime and terrorism pose distinct problems to Law Enforcement Agencies. The prevention of cybercrime relies on the analysis of different sets of input data compared to those used for the fight against terrorism. However, the same analysis of these data can benefit from the application and use of a common denominator: a technological framework equipped with Artificial Intelligence and Deep Learning algorithms applied to Big Data analysis, and tailor-made to provide law enforcement with specific additional analytical tools to combat individual criminal activities.

Let's see what happened in the episode, with a little spoiler. Wallo, technology can help but still can't make miracles!

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

13th episode of CyberSeComics, comics series produced by Pluribus One.

Happy new year from Pluribus One!

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

12th episode of CyberSeComics, comics series produced by Pluribus One.

Merry Christmas from Pluribus One!

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Eleventh episode of CyberSeComics, comics series produced by Pluribus One.

Pluribus One deeply loves our planet and believes in eco-sustainable progress. Pluribus One is a Treedom friend.

Treedom is a platform that allows anyone to plant trees in different countries around the world. The organization also provides the opportunity for its customers to receive an image of the planted trees, together with their GPS coordinates as an update on the growth of the tree.

Treedom also allows to donate already planted trees to those who will become effective custodians.

For Christmas Pluribus One has decided to give a tree to the users of its social channels (Facebook - Linkedin - Twitter).
The rules to partecipate are available in the Italian version of this episode here: CyberSeComics Ep. #11 - A Natale regala un albero! Il primo te lo regala Pluribus One!

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Tenth episode of CyberSeComics, comics series produced by Pluribus One.

This bizarre interview broadcast directly from the world of Wallo & Friends allows to think to Smart Working, and on the related increase in cybercrime that has accompanied this widespread way of working.

According to official data released by the Italian Government after the first lockdown of 2020, phishing increased by 600% compared to pre-pandemic levels.

Reminding to pay attention to all frauds in the digital world, we suggest also this time Pluribus One Internet Security®, our free service for safe Internet browsing, which, as its primary purpose, ensures to avoid domains containing Phishing, Malware, and Scam. And, among other features, it allows also to avoid unwanted advertising.

The episode is available also in Italian language here: CyberSeComics Ep. #10 - Smart Working.

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Ninth episode of CyberSeComics, comics series produced by Pluribus One.

It's time for gifts, Christmas is coming!

And Wallo was keen to give his opinion on the Green Pass... After all the scams and false certificates that circulated on Telegram and on the web.
What will Jennifer Lawrence think? 

Reminding to pay attention to all frauds in the digital world, we suggest also this time Pluribus One Internet Security®, our free service for safe Internet browsing, which, as its primary purpose, ensures to avoid domains containing Phishing, Malware, and Scam. And, among other features, it allows also to avoid unwanted advertising.

The episode is available also in Italian language here: CyberSeComics Ep. #9 - Merry GreenPass.

Credits: Wallo & Friends (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Eighth episode of CyberSeComics, comics series produced by Pluribus One.

Black Friday is coming !!! And then Christmas !!! The rush for gifts and compulsive online shopping is starting!

But beware of fraudulent SMS notifying alleged delivery attempts.

In this episode we warn against Smishing and other frauds affecting the mobile devices: it is a recent neologism that combines the acronym SM (Short Message), with the word Phishing.
These messages often contain malicious links, suitably designed to steal important credentials to act in the name and on behalf of the victim. Or links to sites that contain malware that can install itself without arousing suspicion on smartphones, tablets or other devices that the victim uses to visit these sites.

We cannot directly protect you from Smishing but we certainly have weapons against Phishing and against links conveyed through Smishing.
Pluribus One Internet Security® is our free service for safe Internet browsing, which, as its primary purpose, ensures to avoid domains containing Phishing, Malware, and Scam. And, among other features, it allows also to avoid unwanted advertising.

And, it's not over, stay tuned! Our free app for the protection of mobile devices, based on Machine Learning algorithms, is coming: Pluribus One Mobile Security® will soon be available on Google Play to protect Android devices.

The episode is available also in Italian language here: CyberSeComics Ep. #8 - Un (vero) pacco.

Credits: Mirko's Scribbles (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Seventh episode of CyberSeComics, comics series produced by Pluribus One.

Prevention is better than cure! The more you spend the less you spend! Think Before ... You Click!

We agree with dentists and with all the proverbs that protect us from the consequences of a lack of planning, in our case from the consequences of a cyber attack. October has just ended: it was the European Cyber Security Month - ECSM (ECSM, organized by ENISA), a European Union campaign designed to promote awareness on cyber threats and methods to face them.

Wallo also wants to make his contribution to this campaign. Each data breach on organizations costs the impacted company on average 3.86 million dollars globally and 2.90 million euros in Italy. This according to Cost of a Data Breach 2020, a report conducted by Ponemon Institute on behalf of IBM Security, an organization that also notes a 10% increase in costs for the 2021.

Don't be like Wallo's boss! Be aware, invest in Cybersecurity!

Pluribus One Web Application Security®, our solution for the protection of incoming traffic to web applications and services is smart and, thanks to sophisticated Machine Learning algorithms, tries to model the behavior of users who connect to the pages of a website, configuring a standard behavior profile. When we detect a behavior that deviates from the standard profile, the alarm is triggered.

The episode is available also in Italian language here: CyberSeComics Ep. #7 - Braccine corte.

Credits: Mirko's Scribbles (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Sixth episode of CyberSeComics, comics series produced by Pluribus One.

This time Wallo discovers that not all Web Application Firewalls work in the same wayl. Absolute protection? Let's block everything !!! And goodbye functionality!

Pluribus One Web Application Security®, our solution for the protection of incoming traffic to web applications and services is smart and, thanks to sophisticated Machine Learning algorithms, it self-learns the legitimate traffic, distinguishing it from the illegitimate one but also from the potentially suspicious one; it provides automatic alerts and reports, builds customized protection rules and involves the system operator in the decision-making process, in an explainable way.

Our protection systems essentially try to model the behavior of users who connect to the pages of a website, configuring a standard behavior profile. When we detect a behavior that deviates from the standard profile, the alarm is triggered.

The episode is available also in Italian language here: CyberSeComics Ep. #6 - Protezione assoluta.

Credits: Mirko's Scribbles (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Fifth episode of CyberSeComics, comics series produced by Pluribus One.

How nice it would be to surf the internet without displaying popups, banners, ads? And how great it would be to immediately view our favorite videos without having to display automatic ads that start at the beginning of the video? Everything immediate, everything faster. What? Is it already possible? What does Wallo think of this possibility?

This episode is fully dedicated to our Pluribus One Internet Security, free service for safe Internet browsing, which, as its primary purpose, ensures to avoid domains containing Phishing, Malware, and Scam. And, among other features, it allows also to avoid unwanted advertising.
Set the secure DNS numbers provided by Pluribus One: 15.161.13.182 and 15.161.200.219. Browse safely and without ads!!

The episode is available also in Italian language here: CyberSeComics Ep. #5 - Bye bye pubblicità.

Credits: Mirko's Scribbles (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Fourth episode of CyberSeComics, comics series produced by Pluribus One.

This time we enter the world of Social Engineering, the study of a person's individual behavior in order to extrapolate and exploit useful information to build a subsequent, personalized and effective attack. "People are often the weak link in a system of security measures, and it is they who constantly render them ineffective".
"Secrets and Lies: Digital Security in a Networked World", Bruce Schneier.

The episode is available also in Italian language here: CyberSeComics Ep. #4 - Domande segrete.

Credits: Mirko's Scribbles (concept, storyboard, drawings); Matteo Mauri, Dissemination & Communication Manager at Pluribus One (idea, subject, concept).

Third episode of CyberSeComics, comics series produced by Pluribus One.

This episode is produced in collaboration with the AssureMOSS project. This time Wallo is grappling with the task of finding bugs and vulnerabilities within a software project, and this work requires a lot of time and attention. Let’s see if Wallo is lucky and if he is doing the right thing.

But before, two more words on the lesson to be learnt. The Assurance and certification in secure Multi-party Open Software and Services (AssureMOSS) project aims to produce a coherent set of automated, lightweight techniques that allow software companies to assess, manage, and re-certify the security and privacy risks associated with the fast-paced development and continuous deployment of multi-party open software and services.

AssureMOSS tools for development-time analysis help save time in finding bugs and vulnerabilities by analyzing each commit to your code repository, speeding up the whole project re-certification process.

Wallo, be aware! Next time be sure to use AssureMOSS and contact us at https://assuremoss.eu!

Second episode of CyberSeComics, comics series produced by Pluribus One.

This time Wallo, a character from the world of Mirko's Scribbles, is grappling with a bizarre online order, the Anti-Covid Vaccine.

Pluribus one offers protection against other types of viruses, the computer viruses. But we can give you some advice even in this case.

The anti-covid vaccines are free and administered only by the National Health Service. They are not immediately available to everyone, we will have to wait, and this can frustrate our desire to obtain protection from Covid-19 as soon as possible or to immediately obtain more freedom to travel, through the so-called European Green Pass.
In any case, however, always be wary of those who want to subtly sell pharmaceutical products online. Fake Pharmacies represent a dangerous phenomenon of the digital world and, above all, of the Dark Web. They are a dangerous type of Scam and Phishing.

Let's see what happened to Wallo's order.

The Pluribus One comics on Cybersecurity are born: CyberSeComics!

Wallo is a character from the world of Mirko's Scribbles. Together with his partner Wallina, he will dive into the world of Cybersecurity and Pluribus One will follow his adventures at home and at work. From an idea by Matteo Mauri, subject and concept by Matteo Mauri and Mirko's Scribbles, storyboard and drawings by Mirko's Scribbles. In this first episode Wallo is grappling with the recent data leaks that happened to Facebook and Linkedin.

We remind all Internet users that on the site https://haveibeenpwned.com it is possible to check whether their personal data has been compromised by data breaches.
We also remind all users of our channels that Pluribus One has developed Pluribus One Internet Security, a free service for safe Internet browsing, which allows to avoid domains containing Phishing and Malware, and also to avoid unwanted advertising, even the one that appears on the videos being played.

Are you ready for this CyberSeComics journey? Let's go!

By Igino Corona, Matteo Mauri

Steganography is a secret mechanism for encoding information by any means of transmission. Its use has been known since ancient Greece and defined in the glossaries towards the end of the fifteenth century. Both encoding and medium of transmission are secret, that is, known only to the parties who intend to communicate in an occult way. Steganography therefore presents itself as an ideal tool for the creation of secret communication channels that can be used in sophisticated espionage scenarios, computer crime, data breaches in public and private sectors. 

Steganography differs from cryptography, in which encoding of information and medium of transmission are generally known (think for example to the HTTPS protocol used by this site). In this case, the encoding mechanism makes the extraction of information (extremely) difficult without the knowledge of additional data, known as encryption/decryption keys. These keys are known only to the parties authorized to communicate (for example, your browser and our web server).

By Matteo Mauri, Igino Corona, Davide Ariu

Stegomalware (or stegware) is a particular and sophisticated type of malware (malicious / unauthorized software) that uses steganography to evade detection and secretly exchange information.

Steganography was already used in ancient Greece and defined in the glossaries towards the end of the fifteenth century. In essence, it is a secret mechanism for encoding information through any means of transmission. Both the encoding and the transmission medium are secret, that is, known only to the parties who intend to communicate in an occult way.

In this sense, it differs from cryptography, in which the encoding of information and the transmission medium are generally known (e.g., the HTTPS protocol used by this website). In this case, the encoding mechanism makes the extraction of clear-text data (extremely) difficult without the knowledge of additional information, known as encryption / decryption keys. These keys are known only to the authorized communication parties (for example, your browser and our web server).

By Fabio Roli and Matteo Mauri

In the first part of this article “Artificial Intelligence: past, present and future. Part I - Short history of Artificial Intelligence”, previously published in this blog, we tried to unpack the "suitcase" of Artificial Intelligence. Now we will discuss  the "good", "ugly" and "bad" aspects inside this “suitcase”. As the reader will immediately notice, the title is a small tribute to the famous movie by Sergio Leone. We are not the first to use this leitmotiv to talk about Artificial Intelligence. AI certainly has "good", "ugly" and "bad" aspects; highlighting these aspects can help to understand what is Artificial Intelligence today. Always bearing in mind that, as in the case of the three characters of the movie, the good, the bad and the ugly cannot be clearly separated.

By Fabio Roli and Matteo Mauri

Marvin Minsky, one of the fathers of Artificial Intelligence, defined intelligence as a "suitcase word" which can lead to ambiguity and confusion, if we do not clarify in what sense we speak of "intelligence". For the same reason, writing a non-technical article on Artificial Intelligence is always a risk, especially for a technical person, and especially nowadays that the term “Artificial Intelligence” is, more than ever, a "suitcase" in which everybody puts a bit of everything. In this post, we will try to unpack this suitcase and to reorder the stuff inside, at least a little.

By Battista Biggio and Matteo Mauri

We know, this is an ill-posed question. It cannot be shown that a system is secure, if not with respect to a precise attack model and under very specific assumptions. It is instead possible to demonstrate, in a much clearer way, when a system is vulnerable, and this is what we will try to do in this article, in relation to Artificial Intelligence (AI) systems.

It is quite known that the security of a system depends solely on the strength of its weakest link. AI is now pervasive and integrated in a transparent way in many different application scenarios and deployed systems. From the viewpoint of computer security, it is therefore legitimate to ask ourselves if AI algorithms themselves do not introduce novel vulnerabilities in such systems, potentially becoming the weakest link in the corresponding security chain.

By Igino Corona et al.