Marco Ramilli, PhD
Bologna, Emilia Romagna, Italia
17.761 follower
Oltre 500 collegamenti
Informazioni
With over 15 years of experience in the cybersecurity field, Marco Ramilli is a passionate leader, entrepreneur, and expert who founded and leads Yoroi, an innovative Managed Cyber Security Service Provider. Yoroi focuses on defending its customers with no compromise, using a unique platform called CyberSecurity Defence Center that empowers analysis and response.
Marco Ramilli holds a PhD in Information Communication Technology and has worked for the US Government, the IEEE, and various academic institutions as a researcher, speaker, and teacher. He has published multiple papers and books on malware detection, penetration testing, and digital security. He is also a white-hat hacker, a TEDx speaker, and a Paul Harris Fellow. He strongly believes in the human role in the digital age and his mission is to protect private and public organizations from cyber threats. His credo is: "Defence Belongs To Humans".
Articoli di Marco
-
Cosa Portare Nel Domani ?
Cosa Portare Nel Domani ?
Propongo di considerare la seguente domanda: "Cosa e' essenziale portare nel domani ?". Esistono vari modi per…
1 commento -
Navigating the Frontier of AI Agents: A Glimpse into the Future
Navigating the Frontier of AI Agents: A Glimpse into the Future
In the ever-evolving landscape of technology, AI agents stand as a testament to human ingenuity and the relentless…
2 commenti -
Yoroi: The Best Place To Rock
Yoroi: The Best Place To Rock
DISCLAIMER Questo racconto è del tutto personale, rappresenta il mio punto di vista in Yoroi, non pretende di…
124 commenti
Contributi
Attività
-
Le cucine popolari di Cesena: un posto dove accoglienza e vicinanza sono di casa. 📌 Ieri ho cenato alle cucine popolari di Cesena, un luogo di…
Le cucine popolari di Cesena: un posto dove accoglienza e vicinanza sono di casa. 📌 Ieri ho cenato alle cucine popolari di Cesena, un luogo di…
Consigliato da Marco Ramilli, PhD
-
Mark your calendars for next Tuesday! Our Chairman, Mr. Bob Diamond, and our new executive team members will be unveiling some exciting news. You…
Mark your calendars for next Tuesday! Our Chairman, Mr. Bob Diamond, and our new executive team members will be unveiling some exciting news. You…
Consigliato da Marco Ramilli, PhD
-
Eccoci arrivati al nostro interessante e attualissimo convegno!
Eccoci arrivati al nostro interessante e attualissimo convegno!
Consigliato da Marco Ramilli, PhD
Esperienza
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Formazione
Pubblicazioni
-
Man-in-the-Middle Attack to the HTTPS Protocol
CyberSecurity
Vedi pubblicazioneThe man-in-the-middle (MITM) attack exploits the fact that the HTTPS server sends a certificate with its public key to the Web browser. If this certificate isn't trustworthy, the entire communication path is vulnerable. Such an attack replaces the original certificate authenticating the HTTPS server with a modified certificate. The attack is successful if the user neglects to double-check the certificate when the browser sends a warning notification. This occurs all too often-especially among…
The man-in-the-middle (MITM) attack exploits the fact that the HTTPS server sends a certificate with its public key to the Web browser. If this certificate isn't trustworthy, the entire communication path is vulnerable. Such an attack replaces the original certificate authenticating the HTTPS server with a modified certificate. The attack is successful if the user neglects to double-check the certificate when the browser sends a warning notification. This occurs all too often-especially among users who frequently encounter self-signed certificates when accessing intranet sites.
-
Multi-stage delivery of Malware
IEEE
Vedi pubblicazioneAbstract: Malware signature detectors use patterns of bytes, or variations of patterns of bytes, to detect malware attempting to enter a systems. This approach assumes the signatures are both or sufficient length to identify the malware, and to distinguish it from non-malware objects entering the system. We describe a technique that can increase the difficulty of both to an arbitrary degree. This technique can exploit an optimization that many anti-virus systems use to make inserting the…
Abstract: Malware signature detectors use patterns of bytes, or variations of patterns of bytes, to detect malware attempting to enter a systems. This approach assumes the signatures are both or sufficient length to identify the malware, and to distinguish it from non-malware objects entering the system. We describe a technique that can increase the difficulty of both to an arbitrary degree. This technique can exploit an optimization that many anti-virus systems use to make inserting the malware simple; fortunately, this particular exploit is ...
-
Multiprocess Malware
IEEE
Vedi pubblicazioneAbstract: Malware behavior detectors observe the behavior of suspected malware by emulating its execution or executing it in a sandbox or other restrictive, instrumented environment. This assumes that the process, or process family, being monitored will exhibit the targeted behavior if it contains malware. We describe a technique for evading such detection by distributing the malware over multiple processes. We then present a method for countering this technique, and present results of tests…
Abstract: Malware behavior detectors observe the behavior of suspected malware by emulating its execution or executing it in a sandbox or other restrictive, instrumented environment. This assumes that the process, or process family, being monitored will exhibit the targeted behavior if it contains malware. We describe a technique for evading such detection by distributing the malware over multiple processes. We then present a method for countering this technique, and present results of tests that validate our claims.
-
Return Oriented Programming
Computer by IEEE
Vedi pubblicazioneAbstract: Attackers able to compromise the memory of a target machine can change its behavior and usually gain complete control over it. Despite the ingenious prevention and protection mechanisms that have been implemented in modern operating systems, memory corruption attacks still account for a big share of the security breaches afflicting software systems. This article describes a growing attack trend that uses return-oriented programming (ROP) techniques to bypass the most common memory…
Abstract: Attackers able to compromise the memory of a target machine can change its behavior and usually gain complete control over it. Despite the ingenious prevention and protection mechanisms that have been implemented in modern operating systems, memory corruption attacks still account for a big share of the security breaches afflicting software systems. This article describes a growing attack trend that uses return-oriented programming (ROP) techniques to bypass the most common memory protection systems.
-
Splitting the HTTPS Stream to Attack Secure Web Connections
IEEE
Vedi pubblicazioneAbstract: Secure transactions over the World Wide Web are required for implementing services of economic value or dealing with sensitive data. The HTTPS protocol lets a browser verify a Web server's authenticity and establish an encrypted channel for protecting exchanged data.
Progetti
-
Touch My Table
- Presente
MyTable is an interactive table with touchscreen technology for order and play in bars, restaurants, clubs and discos
Altri creatori -
-
RoboAdmin
-
The goal of this research is to devise an unconventional model of communication between the system administrator and the remote administration interface. In the proposed solution, previously outlined in, the intrinsic vulnerability of the traditional scheme is addressed by reversing the client-server relation; an administration engine replaces the classical service, originating connections to an intermediate system rather then listening for connections. The immediate advantage arising from this…
The goal of this research is to devise an unconventional model of communication between the system administrator and the remote administration interface. In the proposed solution, previously outlined in, the intrinsic vulnerability of the traditional scheme is addressed by reversing the client-server relation; an administration engine replaces the classical service, originating connections to an intermediate system rather then listening for connections. The immediate advantage arising from this design choice is that there is nothing to attack on the remote host. On the other hand, the introduction of an additional system in the security chain must be carefully evaluated, to avoid introducing unexpected attack paths, and eventually making the system less robust than it originally was. We claim that, if properly modeled and implemented, a platform based on the meeting of the server and its administrator on an intermediate system is expedient in terms of security, availability, usability and opportunity for future extension. In the following section, we outline the design guidelines for the proposed system and describe the resulting architecture. Then, we proceed to discuss the deriving security issues. Finally, we draw conclusions based both on the present theoretical analysis and on preliminary experimental results.
Altri creatori -
-
Mouse Glove
-
Vedi progettoMouseGlove is an open source project for a new generation of mouse. The goal of this project is to provide an open source hardware and software stimulating new developers to improve the usability of computers through new interfaces. MouseGlove is a new kind of interface born for helping people affected by disabilities who cannot use common interfaces such as mouse and keyboard. MouseGlobe offers a natural way to move the screen pointer, click and drag objects. Each action is natural as using…
MouseGlove is an open source project for a new generation of mouse. The goal of this project is to provide an open source hardware and software stimulating new developers to improve the usability of computers through new interfaces. MouseGlove is a new kind of interface born for helping people affected by disabilities who cannot use common interfaces such as mouse and keyboard. MouseGlobe offers a natural way to move the screen pointer, click and drag objects. Each action is natural as using your hands to keep, move and touch real objects on a desktop. I encourage every developer to grab my source code and electronics and build an improved version of MouseGlove, keeping alive the next generation of computer mouse interfaces.
-
Malware Control Center
-
Vedi progettoGathering open data from malware analysis websites is the main target of Malware Control Monitor project. Visualize such a data by synthesize statistics highlighting where threats happen and what their impact is, could be useful to identify malware propagations
Riconoscimenti e premi
-
Excelsa Award Innovation
Confindustria Romagna
-
Excelsa Award
Confindustria Romagna
Giovani Leader "Under 40"
-
Paul Harris Fellow
Rotary
Individual Rotary clubs may from time to time award the honor to an individual who meets the high professional and personal standards exemplified by Paul Harris, the founder of Rotary International, without the honored individual having made any monetary contribution. The recognition is not limited to Rotarians.
A Paul Harris Fellow receives a special certificate and a gold pin. At the discretion of the Fellow's club, they may also receive a gold medallion on a blue-and-gold ribbon.
Lingue
-
Italian
-
-
English
-
Referenze ricevute
3 persone hanno scritto una referenza per Marco
Iscriviti ora per vedereAltre attività di Marco
-
“This merger is terrific news for both the users and the content creators on our app. Whether they are fans of BKFC, or they watch sports and…
“This merger is terrific news for both the users and the content creators on our app. Whether they are fans of BKFC, or they watch sports and…
Consigliato da Marco Ramilli, PhD
-
We were so honored to "walk" on the Green Carpet of Forbes. Our founder Marco Ramilli, PhD was kindly hosted by Enzo Argante to talk about the…
We were so honored to "walk" on the Green Carpet of Forbes. Our founder Marco Ramilli, PhD was kindly hosted by Enzo Argante to talk about the…
Consigliato da Marco Ramilli, PhD
-
📰 Martedì 15 ottobre è stato pubblicato un articolo su #Login del Corriere della Sera, nel quale si è parlato di #intelligenzaartificiale. Più…
📰 Martedì 15 ottobre è stato pubblicato un articolo su #Login del Corriere della Sera, nel quale si è parlato di #intelligenzaartificiale. Più…
Consigliato da Marco Ramilli, PhD
-
Massimo Chiriatti sarà speaker di ComoLake2024. Chief Technical & Innovation Officer di Lenovo, tecnologo e dirigente informatico, Chiriatti…
Massimo Chiriatti sarà speaker di ComoLake2024. Chief Technical & Innovation Officer di Lenovo, tecnologo e dirigente informatico, Chiriatti…
Consigliato da Marco Ramilli, PhD
-
Quando qualcuno fa qualcosa di innovativo, bisogna togliersi il cappello e fare i complimenti. Se poi il progetto è italiano, ancora meglio! L'amico…
Quando qualcuno fa qualcosa di innovativo, bisogna togliersi il cappello e fare i complimenti. Se poi il progetto è italiano, ancora meglio! L'amico…
Consigliato da Marco Ramilli, PhD
Altri profili simili
Esplora altri post
-
Innovate International (Malta)
Some shocking numbers from our neighbour to the north. Wonder if Malta is fairing any better? Based on our knowledge and exposure to the local market, we don't think so. So it begs the question, what are 𝘆𝗼𝘂 waiting for? Time to review your policies, assure they are adequate 𝗮𝗻𝗱 adequately adhered to. 𝗔𝗻𝗱 properly implemented. Do a vulnerability assessment and get the right tools in place. Don't know how to start? Its OK, we do! We are Innovate International (Malta), your expert cybersecurity partner. And we are one click away. => https://lnkd.in/ePV8yTNk
-
Prateek Bhajanka
This requires your immediate attention. Palo Alto Networks GlobalProtect Feature has a high Risk Vulnerability that is getting exploited in the wild. According to the report below, there are 22,500 vulnerable instances across the globe. Check the post below. #cybersecurity #vulnerability #attacksurfacemanagement #attacksurface #vulnerabilitymanagement #threatintelligence #shadowserver
-
TheSysRAT - CYBER SECURITY
🚨 BIG Update >> CVE-2024-6387 🐞 OpennSSH - From OSS Security forum >> Many people have asked us about an alleged proof of concept named "7etsuo-regreSSHion.c": it is not a proof of concept, it is essentially empty code (🚨it might even be dangerous to compile and execute, we have not checked🚨). It is not just the shellcode that is missing, everything else is missing too: the key-exchange code does nothing, the public-key code does nothing useful, etc etc. It looks great but it does nothing. A working proof of concept for this vulnerability will be much longer and complex, and will take much more time to write than this. I checked and exploit really do nothing. No exploitation was success. I try it on version 6.6p1 , 7.1p1, 8.5p1 nothing was success. And really exploit nothing do. CVE was rescored from 9.8 to 8.1, sources below. Exploit >> https://lnkd.in/enSi4Sqg Source >> https://lnkd.in/esU9sNmg Rescored CVE >> https://lnkd.in/dGAkqjsP #openssh #eploit #CVE #RegreSSHion
-
Linux Professional Institute (LPI)
Want to improve your #ITSecurity knowledge? Learn the fundamentals of #cryptography, from symmetric to asymmetric #encryption to public and private keys, and their practical applications in the article from #Cybersecurity Expert Simone Davide Bertulli: https://lpi.org/ypbr #SecurityEssentials #LPI #Security #Encryption #AES #RSA #PKI #DataSecurity #SecurityEssentials #Tech
-
Aghiath Chbib
One of the most crucial aspects of our work as Cybersecurity Defenders is understanding and analyzing malware traffic. 🌐 Why Focus on Malware Traffic Analysis?: - Reveal Hidden Threats: By examining HTTP requests and network streams, we can uncover communication with command-and-control servers, identify data exfiltration, and spot other malicious activities. - Real-Time Threat Detection: Using tools that integrate real-time analysis capabilities helps us detect and respond to threats as they emerge, reducing potential damage. - Counter Evasion Tactics: Sophisticated malware often tries to evade detection. Understanding its behavior in a controlled environment allows us to adapt and counter these tactics effectively. 🔎 Key Concepts in Malware Traffic Analysis: - HTTP Request Examination: Analyzing the details of connection requests can reveal malware's behavior and intent. This includes identifying specific URLs, monitoring response content, and filtering connections. - Rule Detection: Leveraging rulesets to detect suspicious traffic and malware-related activities helps in early identification and mitigation of threats. - Network Stream Analysis: Delving into packet content and network streams provides deep insights into malware configuration, data theft, and other malicious activities. Mastering malware traffic analysis equips us with the knowledge to defend against cyber threats proactively. It’s not just about having the right tools but also about developing the expertise to interpret and act on the data they provide. #CyberSecurity #MalwareAnalysis #NetworkSecurity #ThreatDetection https://lnkd.in/dCWret3Y
