Andrea Fortuna
AboutRss
  • Mar 21, 2023

    Chaos Engineering: breaking systems to make them stronger

    Chaos Engineering is a practice that aims to identify potential issues and vulnerabilities in a system by deliberately introducing controlled failures. The goal is to expose weaknesses before they cause significant damage in a real-world scenario.… read more »
  • Mar 20, 2023

    Vulnerability allows restoration of sensitive information on Google Pixel screenshots

    Security researchers David Buchanan and Simon Aarons have discovered a serious vulnerability in Google Markup, the screenshot editing tool available on Pixel devices. The bug, dubbed 'aCropalypse', allows certain parts of the image to be restored, potentially exposing sensitive information.… read more »
  • Mar 15, 2023

    Dero cryptocurrency mining campaign discovered by CrowdStrike

    CrowdStrike has discovered a cryptojacking campaign targeting Kubernetes infrastructure, believed to be the first Dero cryptojacking operation. … read more »
  • Mar 15, 2023

    March 2023 Patch Tuesday: Two actively exploited zero days disclosed

    Microsoft has release patches for two actively exploited zero-day vulnerabilities: a Critical elevation of privilege within Microsoft Outlook (CVE-2023-23397) and a Moderate security feature bypass within Windows SmartScreen (CVE-2023-24880)… read more »
  • Mar 14, 2023

    GoBruteforcer: new malware targets web servers

    Researchers at Palo Alto Networks Unit 42 have discovered a new malware called GoBruteforcer, written in Golang and targeting web servers running phpMyAdmin, MySQL, FTP and Postgres. … read more »
  • Mar 13, 2023

    Essential Tools for Gathering and Analyzing IOCs

    In Cyber Threat Intelligence, the collection and analysis of Indicators of Compromise (IOCs) is critical because they provide valuable information that can help organisations detect and respond to cyber threats more effectively. In this post, I have compiled some useful… read more »
  • Mar 11, 2023

    Plaso 20230226 has been released

    Plaso is a Python-based engine that can automatically create timelines from various files found on typical computer systems. It can extract timestamps from file system metadata, log files, registry files, browser history, email archives, and many other sources, and can… read more »
  • Mar 10, 2023

    UNC4540 targets unpatched SonicWall gateways with credential-stealing malware

    According to a recent report from cybersecurity firm Mandiant, Chinese cybercriminals are targeting unpatched SonicWall gateways with credential-stealing malware that persists through firmware upgrades.… read more »
Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna
  • andreafortuna
  • andreafortunatw

Cybersecurity expert, software developer, experienced digital forensic analyst, musician