Alberto Bartoli - Blog

Reti di Calcolatori e Principi di Cybersecurity , intorno alla fine di settembre: " Il DNS è una infrastruttura critica per il funzionamento della società. Pensiamo a cosa accadrebbe se si bloccasse completamente la risoluzione di alcuni nomi. " Il 20 ottobre 2025 molti servizi Internet usati da molti milioni di utenti in tutto il mondo si sono bloccati o sono diventati lentissimi. Tra questi Apple Music, Airbnb, Spotify, Reddit, Perplexity AI, Duolingo, Goodreads, Fortnite, Apple TV, Mc Donald's App, Signal e molti altri (compresi alcuni servizi della pubblica amministrazione UK). Tutti questi servizi dipendono in tutto o in parte da funzionalità software in Amazon Web Services (AWS), uno dei principali fornitori di servizi cloud al mondo. AWS è composto internamente da molti servizi software. Il motivo scatenante del blocco globale è stato un problema nella risoluzione DNS del nome di un particolare servizio usato internamente in AWS. Cybersecurity , corso aziendale i...

The title of this blog says it all. It is a deep truth of fundamental importance in every profession . I have always tried hard to convince students of this fact. Explaining things clearly and correctly, whether in written or in spoken form, is hard .  It takes a lot of time and experience. Most importantly, some people may have more innate talent. Others may have fewer. However, the first step is to convince oneself of the importance of this fact. Otherwise, the battle is lost before it has begun. I have come to believe that many students have a problem in this respect, as they do not realize how important it is to be clear and correct in our own language. They either believe that technical skills are all that is needed, or that they will magically become perfectly understandable to everyone at some unspecified point in the future. This is definitely not the case. Consequently, they will encounter many unexpected and challenging obstacles in their professional careers. Writing...

More than a year ago (January 2024), I gave a presentation at a meeting entitled "Crime and new technological frontiers", held at the University of Trieste and aimed mainly at local police forces. A major focus of the meeting was, needless to say, the cybersecurity implications of so-called artificial intelligence. My opinion was quite strong and somewhat unpopular (as is often the case): We should not be particularly worried. There is no significant evidence of AI usage for phishing/spearphishing.  I think this fact will hold for a long time. The main AI-related risk in cybersec is "getting distracted by its promises": for MANY serious problems we have practical and effective solutions...but we don't apply them! Every year, cybersecurity companies publish a report summarising the main trends they have observed. A few days ago, I read two commentaries on the 2024 data that confirmed my opinion. This is Kevin Beaumont : My main observations: Firstly, no mention o...

Every day there is a lot of interesting news related to cybersecurity. Many of these news items are closely related to topics discussed in my Cybersecurity course . Sometimes these news are very closely related to the lectures of a few days ago. Yesterday was a very interesting day in this respect. On Tuesday we discussed how to attribute a specific attack campaign to a specific threat group, what IoCs (Indicators of Compromise) are, their role in attribution, and how they can be used by a defender. Yesterday I found a report that discusses all these issues in a nice and easy to read way, with reference to a specific attack campaign attributed to a Chinese threat group. The report includes a technical description of the software tools used, including "living off the land" tools (another term we discussed), a description of the download and execution steps of the infection chain and, of course, a mapping to the MITRE ATT&CK Enterprise Matrix (the report mentions LSASS dum...