Posts by Francesco Ongaro

Hacker White Hat VS Black Hat VS Grey Hat Comments Off on Hacker White Hat VS Black Hat VS Grey Hat

Hacker White Hat VS Black Hat VS Grey Hat

Posted by on Sep 26, 2013 in Training

The Hackers have become mythological figures of our time. We saw them hack in front of a PC in spy movies, intent to steal secret information and sensible data. We hear the news stations talking about it, just look back at the cases of Wikileaks and Anonymous. In the majority of the cases they are presented like out laws. But do we know really who they are and what the hackers do? There are three main figures of hackers, who called in the jargon of information security are respectively: White Hat, Black Hat and Grey Hat. In short, The good, The bad, and the middle way between the previous ones. Today we also talk also about ethical hacker: a professional who is able to penetrate informational systems using the same instruments and techniques of Black Hat hackers, but in a controlled way and within a set of professional services well coded (there are nearly fifteen years of literature on the subject, as there is always someone who suddenly claims themselves an expert). Hackers are not created equal: White Hat – Are the hackers that are hired by agencies and companies, to find out their own vulnerability that way at the end they can make their own changes. Black Hat – Are the bad ones...

Learn More
Vulnerable information systems? Penetration testing is the answer Comments Off on Vulnerable information systems? Penetration testing is the answer

Vulnerable information systems? Penetration testing is the answer

Posted by on Sep 26, 2013 in Training

It’s science: a weak immune system , bacteria or malicious viruses can trigger diseases that weaken the human body. So we try to support a healthy diet and do regular check-ups to make sure that everything is normal. A computer system is not very different from us in this regard. Vulnerability tests Cyber ​​attacks are becoming more frequent, so it’s good to periodically test the vulnerability through penetration tests. Why? Answers may vary: Finding weaknesses in infrastructure, applications and between people in order to develop appropriate controls. Ensuring that properly functioning security measures have been implemented, as this provides an assurance to the senior management. Testing your applications at risk. You have to take into account that those who develop the software can make mistakes and create unsafe application. Identifying new bugs in existing software and creating patches and updates to fix them. It’s good to know that even new updates may cause new bugs. The penetration test looks for vulnerabilities, it tests them and uses them to access the system. Most of the times, the test is over when it reaches this goal. A dangerous habit, since there could be other vulnerabilities that have not been assessed yet. The vulnerability tests may also generate false positive result ,...

Learn More