Social Engineering Social Engineering

Interview on Social Engineering threads with an Italian high school student within the Alternanza Scuola-Lavoro project

Written by Matteo Mauri, CNIT

Alternanza Scuola Lavoro is a project that involves high school students in Universities' research activites. CNIT - PRA Lab hosted 2 students from the high school liceo Euclide of Cagliari, involving them in Social Engineering themes and teaching them modern techniques against digital targeted attacks. The students were involved also in some activites carried on within the project DOGANA - aDvanced sOcial enGineering And vulNerability Assesment framework.

Marco G., one the two students involved in the project, released an interview to the DOGANA's Social Engineering Blog. Available in English and in Italian.

Read more


Video Games and Information Security – Uneasy Bedfellows?

Written by Marc Busch, AIT

We like it when things fall easily into place and we like to have fun. We, as humans are playful in nature and appreciate competitions and collaboration with strangers, colleagues, friends or family. Video games are a welcome distraction, whether it is just a quick session of Candy Crush in the subway or an advanced gaming evening full of World of Warcraft.

Even people who do not have video games on their bucket list probably get nostalgic feelings when they think of PacMan or hear the iconic Tetris music. Video games are fun and a nice way to spend some minutes or even hours.

Read more


Things to know for GDPR-proof handling of employee data

Written by Yung Shin Van Der Sype, KU LEUVEN

The General Data Protection Regulation (GDPR) has been adopted on 16 April 2016. After four years of preparation and negotiation between the EU institutions, the GDPR is ready to make “a high, uniform level of data protection throughout the EU a reality” (Jan Phillip Albrecht, German Green MEP).

Two years from now, in the first half of 2018, the new framework will come into force, with direct effect in all EU Member States. Hence, companies and organisations have two years to prepare for the major changes to come.

And things will change...

Read more


Health and unSafety. Why is your medical data so valuable? 10 famous recent hackings to healthcare systems

Written by Alessio Mulas, Matteo Mauri, CNIT

As NBC reported, on February 16th, Main Line Health (MLH) has become victim of a phishing attack that compromised personal information of nearly 11,000 employees.
MLH is a not-for-profit healthcare provider based on Philadelphia that operates on four acute care hospitals and other institutions.

Read more

Which could be the consequences of a social engineering attack?

Written by Enrico Frumento, CEFRIEL

Recently the news reported this attack, which apparently is associated to a ransomware problem for an Hospital.
Hollywood hospital’s systems held hostage by hackers
The Hollywood Presbyterian Medical Center, an “acute-care facility” located in Los Angeles, has had its computer systems compromised by hackers. The attackers are asking for 9,000 Bitcoin (approximately $3.6 million) in exchange for giving the hospital access to the systems again. The apparent problem is that part if not all the Hospital Information Service (HIS) was compromised by a ransomware.

Read more

This project has received funding from the European Union’s Horizon 2020 Research and Innovation programme, under grant agreement No. 653618




The DOGANA phishing videogame

Want to try it?
Read more here and contact us


Phishing: awareness through play

Want to try it?
Read more here and contact us


Contraband pixels and texts
Read all about our liteary-graphic competition on phishing and social engineering

All the pictures and novels