

What’s new in the Segment landscape?


HTCAP - new (cool) features released

htcap, our super powerful web crawler/security scanner, has been updated with lots of cool features, such as:

  1. a heuristic engine to detect duplicated content
  2. the ability to crawl the DOM even if no Ajax requests are triggered
  3. improvements to the synchronous DOM crawler
  4. URL deduplication based on the request pattern

Check 'em out on GitHub!


New Ransomware Attack Discovered

In the last few hours a new ransomware attack has been targeting companies and government agencies across Europe, including the Kiev airport, the Chernobyl nuclear power plant and many Italian companies.

Once infected, the PC reboots itself and gets stuck BEFORE loading the operating system, asking for the ransom.
The Segment team analyzed a sample of the malware and found that (probably) only the first few bytes of the disk get encrypted. Hence it could be possible to recover some of the locked files without paying the ransom.

It seems that with common "file rescue" programs (such as PhotoRec or Autopsy) it's possible to read the unencrypted data on the disk and try to restore the files.
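Why such tools can still find files when the file table is unreadable: they locate content by its magic bytes instead of through filesystem metadata. The sketch below is an added example, not Segment's code or the code of any tool named above; the signature table, the function names and the sample image are constructed for illustration.

```python
# Signature-based carving over a raw disk image (added example).
# (header, footer) magic bytes for a few common file types.
SIGNATURES = {
    "jpg": (b"\xff\xd8\xff", b"\xff\xd9"),
    "png": (b"\x89PNG\r\n\x1a\n", b"IEND\xaeB`\x82"),
    "pdf": (b"%PDF-", b"%%EOF"),
}
MAX_FILE = 16 * 1024 * 1024  # stop looking for a footer after 16 MiB

# Constructed sample files (not real images, just valid header/footer pairs).
SAMPLE_JPG = b"\xff\xd8\xff\xe0" + b"JFIF-sample-payload" + b"\xff\xd9"
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"sample-chunks" + b"IEND\xaeB`\x82"


def carve(image: bytes, max_size: int = MAX_FILE):
    """Return [(offset, kind, data)] located purely by header/footer bytes.

    No filesystem metadata is consulted, so an unreadable MFT does not matter.
    Real carvers also validate internal structure; a bare footer match can
    truncate a file whose body happens to contain the footer bytes.
    """
    found = []
    for kind, (head, foot) in SIGNATURES.items():
        pos = 0
        while (start := image.find(head, pos)) != -1:
            end = image.find(foot, start + len(head), start + max_size)
            if end == -1:
                pos = start + 1  # header without footer: move on
                continue
            end += len(foot)
            found.append((start, kind, image[start:end]))
            pos = end  # resume after the carved region
    return sorted(found, key=lambda item: item[0])


def build_sample_image() -> bytes:
    """Constructed image: wiped boot sector, scrambled 'MFT', intact file data."""
    boot = b"\x00" * 512  # stands in for the overwritten MBR
    mft = bytes((i * 7 + 3) % 251 for i in range(4096))  # stands in for encrypted MFT
    gap = b"\x00" * 100
    return boot + mft + SAMPLE_JPG + gap + SAMPLE_PNG + gap


if __name__ == "__main__":
    for offset, kind, data in carve(build_sample_image()):
        print(f"{kind} at offset {offset}, {len(data)} bytes")
```

Run it against a read-only copy of the affected disk, never the original, so that recovery attempts cannot overwrite data that is still intact.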

Latest updates

The malware encrypts the MFT (Master File Table) of NTFS partitions and overwrites the MBR (Master Boot Record) with a custom bootloader that shows a ransom note and prevents victims from booting their computer.

Actions to be taken:

1. Block source e-mail address

2. Block domains:

3. Block IPs:

4. Apply patches:
Refer (in Russian):

5. Disable SMBv1

6. Update Anti-Virus hashes

myguy.xls EE29B9C01318A1E23836B949942DB14D4811246FDAE2F41DF9F0DCD922C63BC6
BCA9D6.exe 17DACEDB6F0379A65160D73C0AE3AA1F03465AE75CB6AE754C7DCB3017AF1FBD



Segment’s disclosure is reaching the hype

The recent disclosure by our CEO, Filippo Cavallarin, has spread rapidly, creating a big fuss internationally and among the clients of the Interlogica group, of which we are part.

In fact, making this a phenomenal discovery by Segment, we can list The Register, Softpedia, Security Info and Reddit among the several international headlines and cyber-security-oriented social platforms that covered it.

The unveiled vulnerability, a remote code execution in Microsoft Remote Desktop Client for Mac, lies in the implementation of the RDP URL scheme, which enables remote access to local resources.

In the rdp URL scheme it is possible to specify a parameter that allows a malicious terminal server to read and write the user’s home directory without any interaction or knowledge. The publication of the proof-of-concept made it essential for Microsoft and Apple to fix the bug by providing system updates.

The rising hype around the news has become so disruptive because all our clients are aware of it, giving us wider exposure.


Segment and Alien Vault now partner!

Thanks to the brand new partnership with AlienVault and its highly skilled team, Segment can now offer high quality Managed Security Services.

AlienVault products allow Segment to meet its customers' needs by building and running advanced Security Operation Centers (SOC) to monitor and manage the security of the whole IT network.

AlienVault is acknowledged as one of the world's largest IT security platforms able to manage unified security tools to better defeat digital threats.


Segment in Verona, last stop of the 2016 #SecuritySummit roadshow!

Still going into the depths of cyber security, still having something new to tell!

Don’t forget to follow Segment in Verona at the 2016 #SecuritySummit and on our social channels!

Tweet with us!


Visit the Security Summit website!


Segment sponsorship still goes on at the June session of the 2016 Security Summit

The 2016 Security Summit roadshow continues and is about to arrive at the next stop: Rome.

Segment's sponsorship continues as well: in the capital city it’s going to provide you with news and focus on the most relevant speeches of those days.

Breaking news directly on Twitter!!


Segment technical sponsor of the spring session’s HackInBo 2016

Now at its 6th edition, HackInBo is the free event on cyber security held in Bologna, a format never conceived before 2013.

This event aims to provide a spot where cyber security experts can unhurriedly talk about emerging trends and the latest issues in IT and security, and keep all hackers and professionals updated.

Segment will provide the live streaming, which will take place on Saturday, May 14th, and the interviews with the speakers on Sunday, May 15th.


Segment and its first appearance at the March 2016 Security Summit

Since 2010 the Security Summit roadshow has become the major event so far in the evolving Italian security landscape. This occasion marks the hardship of safeguarding computing environments from cyber threats and the necessary call for security of digital data, networks and systems.

Over the years this showcase has attracted more than ten thousand people with details and overviews on the developing technology within the cyber protection market.

As a cybersecurity provider, Segment has decided to sponsor the streaming of the first session of the summit, which you can watch on the homepage.


Htcap: a web application scanner recently developed and already a success

The way to the success of this Segment tool, Htcap, has been paved by the article written by the editor in chief, Mr. Zorz (here), describing it as “a free web application scanner that can crawl single page applications in a recursive manner by intercepting Ajax calls and DOM changes.

The app is focused mainly on the crawling process and uses external tools to discover vulnerabilities. It’s designed to be a tool for both the manual and automated penetration testing of modern web applications.[..]

The scan process is divided into two parts. Htcap crawls the target and collects as many requests as possible and saves them to a SQLite database. When the database is populated, you can explore it with tools such as SQLite3 or DBEaver, or export the results using built-in scripts.[..]

The tool supports three scan modes: passive, active and aggressive. When in passive mode, the app doesn’t interact with the page and only follows links. Active mode triggers all discovered events, while aggressive mode makes Htcap also fill input values and post forms.[...]”