Alberto Bartoli - Blog

Maybe I should prove that I am not against AI and that I do use AI for my daily job. In this post I will describe how I extracted  MITRE ATT&CK  techniques from an incident report automatically , by using Gemini (MITRE ATT&CK is a powerful framework for reasoning about attacks and I use this framework intensively in my Cybersecurity course). First a bit of context. Yesterday I posted this note on the team of the course: A recent technical report by Google is a concrete example of many of the concepts discussed in some of the recent lectures. New attack campaigns are discovered by highly skilled organizations, there is an infection chain leading to the final malware, the infection chain may be composed of multiple obfuscated scripts downloaded and executed from different locations, vulnerabilities that may or may not be publicly known at the time of their exploitation allow escalating privilege, IoC and YARA rules are released for the benefit of the rest of the world ....

The impact of so-called "AI" in coding, programming, cybersecurity is deep and will be more and more so. Many kinds of activities will become much faster or are already so. Predicting the implications of these facts on the job market is hard, though, as predicting the future always is. When I was a student I used to buy the BYTE magazine  every now and then. In September 1990 I bought this issue, that I still have in my library:  The Internet had been "invented" several years earlier ( TCP September 1981, DNS November 1983). I took my degree in December 1989 and at the time we did have the ability to download files from very far away and obscure locations, with ftp . A couple of lectures about computer networks were part of one of the courses I took in 1988. Yet, in 1990, none (none) of the " 63 of the World's Most Influential People in Personal Computing " included the Internet in their " predictions of the future ". One of the few truly ...

I am using NotebookLM more and more, for various tasks related to teaching and research. I have to read quite a lot of technical and scientific reports as part of my job and I find it really hard to keep track of all the important insights and news that I discover every day. One extremely useful application of NotebookLM is summarising such sources: sources that I have actually read and that I actually find important . I have decided to start sharing some of these reports publicly. I think some of these topics are very important and maybe there is someone interested in looking at an automatically-generated summary ( that I have read and checked ) of sources that I have carefully selected . Clickable links here : AI-assisted coding Selection of highly insightful analyses of the state of LLM-assisted coding (March 2026) Agents of Chaos An exploratory red-teaming study concerning autonomous language-model-powered agents. The study involved deploying agents in a live...

I wish I had the time to write down my thoughts on all the important news and misleading information related to 'AI and cybersecurity'. I don't expect people to be interested in reading my thoughts on this topic, but I feel the need to write something down anyway. Even though I don't have enough time to write a clear and concise summary, recent news has urged me to write something, if only to get my thoughts down on paper. While reading the following, please bear in mind that it is an incomplete summary of my views. Why should I study Cybersecurity? I can defend my systems by asking the AI. AI is going to harden my defenses and solve all my defensive problems. Microsoft is one of the companies trying to convince us that AI, including in the field of cybersecurity, will solve all our problems. They are heavily pushing us to use Copilot — one of many incarnations of the LLM models that support ChatGPT — in almost all Microsoft tools. One of the most heavily promoted appl...

Reti di Calcolatori e Principi di Cybersecurity , intorno alla fine di settembre: " Il DNS è una infrastruttura critica per il funzionamento della società. Pensiamo a cosa accadrebbe se si bloccasse completamente la risoluzione di alcuni nomi. " Il 20 ottobre 2025 molti servizi Internet usati da molti milioni di utenti in tutto il mondo si sono bloccati o sono diventati lentissimi. Tra questi Apple Music, Airbnb, Spotify, Reddit, Perplexity AI, Duolingo, Goodreads, Fortnite, Apple TV, Mc Donald's App, Signal e molti altri (compresi alcuni servizi della pubblica amministrazione UK). Tutti questi servizi dipendono in tutto o in parte da funzionalità software in Amazon Web Services (AWS), uno dei principali fornitori di servizi cloud al mondo. AWS è composto internamente da molti servizi software. Il motivo scatenante del blocco globale è stato un problema nella risoluzione DNS del nome di un particolare servizio usato internamente in AWS. Cybersecurity , corso aziendale i...

The title of this blog says it all. It is a deep truth of fundamental importance in every profession . I have always tried hard to convince students of this fact. Explaining things clearly and correctly, whether in written or in spoken form, is hard .  It takes a lot of time and experience. Most importantly, some people may have more innate talent. Others may have fewer. However, the first step is to convince oneself of the importance of this fact. Otherwise, the battle is lost before it has begun. I have come to believe that many students have a problem in this respect, as they do not realize how important it is to be clear and correct in our own language. They either believe that technical skills are all that is needed, or that they will magically become perfectly understandable to everyone at some unspecified point in the future. This is definitely not the case. Consequently, they will encounter many unexpected and challenging obstacles in their professional careers. Writing...