Andrea Fortuna
  • May 21, 2024

    Unlocking Productivity with the GTD Method

    The world of work today is full of tasks, emails, meetings, and personal projects: in this situation, you may feel overwhelmed. But Getting Things Done (GTD), a productivity system developed by David Allen, may help you! GTD is not… read more »
  • May 20, 2024

    How to install Ruby (and Jekyll) on Chromebook

    For several years I have been using Jekyll as a platform for my site, and for publication I use a simple GitHub Action which converts an issue into a markdown file which is then processed by Jekyll (in one of… read more »
  • May 13, 2024

    Poland investigates use and misuse of Pegasus

    In the past I have often spoken (1,2) about Pegasus, the spyware originally produced and distributed by the Israeli company NSO, which has been used by various states to spy on activists, opponents and journalists. Now, with the upcoming European… read more »
  • Apr 26, 2024

    OSINT investigations using the Wayback Machine

    The Wayback Machine is a digital archive of the internet, maintained by the Internet Archive. It allows you to view past versions of websites, which can be a valuable tool for OSINT investigations. … read more »
  • Apr 3, 2024

    Is Your Pixel Safe? Google Acknowledges Exploited Vulnerabilities

    Google recently disclosed two critical vulnerabilities (CVE-2024-29745 and CVE-2024-29748) affecting Pixel smartphones that are being actively exploited by forensic companies. These zero-day flaws could potentially allow unauthorised access to user data.… read more »
  • Mar 31, 2024

    XZ Backdoor: A Stealthy Attack on Linux Systems (CVE-2024-3094)

    On March 29, 2024, a serious security vulnerability was discovered in the XZ Utils library. This library is used by many Linux distributions for data compression. The vulnerability, which has been assigned the CVE identifier CVE-2024-3094, is a backdoor that… read more »
  • Mar 26, 2024

    8 Ways to Stop Procrastinating

    Procrastination is the act of delaying or postponing a task or set of tasks. … read more »
  • Jan 28, 2024

    Integrating Password Manager pass into i3 Desktop Environment with Bash Script

    Today I'd like to show you my setup for integrating the pass password manager into the i3 desktop environment using a Bash script. … read more »
  • Dec 8, 2023

    Are push notifications being used to spy on users?

    In a letter to the Department of Justice, Senator Ronnie Wyden reveals that foreign governments have been spying on how American citizens use their iPhones and Android phones through push notifications.… read more »
  • Nov 19, 2023

    LitterDrifter: a new USB worm used by the Gamaredon group

    The Russian cyber espionage group Gamaredon, affiliated with Russia's Federal Security Service (FSB), has been observed using a worm called LitterDrifter, which spreads through USB devices in targeted attacks against Ukrainian entities. This tactic signifies an evolution in the group's… read more »
  • Nov 12, 2023

    Android and privacy: my guidelines

    At first glance, the relationship between privacy and Android phones may seem complicated.… read more »
  • Oct 29, 2023

    Octo Tempest: extortion through phishing, SIM swapping and ransomware

    Microsoft has monitored the actions of a group named Octo Tempest (identified by Crowdstrike as Scattered Spider), which has targeted multiple firms to extort money. The cybercriminals, linked to the BlackCat group (ALPHV), use a range of methods to gain… read more »
  • Oct 20, 2023

    IoC vs. IoA

    What's the difference between IoA and IoC, and why is it crucial to incorporate them into a security strategy?… read more »
  • Oct 8, 2023

    The evolution of ransomware kill chains: Top-level evasion activity in the summer of 2023

    Ransomware groups are constantly evolving their tactics and techniques to stay ahead of defenders. … read more »
  • Oct 7, 2023

    How to Use Cloudflare Zero Trust Gateway as a DNS Ad Blocker

    Personally, I am a big fan of NextDNS, a DNS service that (similar to PiHole) allows you to block traffic to advertising circuits, tracking and telemetry systems.… read more »
  • Sep 26, 2023

    RansomedVC: some details about the new ransomware group

    RansomedVC is a recent ransomware collective, which was initially detected by Malwarebytes and SocRadar in August 2023 after publishing information about nine victims on its dark web page:… read more »
  • Sep 24, 2023

    Deadglyph: a new advanced backdoor from Stealth Falcon

    Stealth Falcon APT (aka Project Raven or FruityArmor), a state-sponsored hacking group from the United Arab Emirates (UAE), is mainly known for targeting activists, journalists, and dissidents in the Middle East.… read more »
  • Sep 15, 2023

    UNC3944: SMS Phishing, SIM Swapping, and Ransomware Attacks

    UNC3944, a financially motivated threat group, has been leveraging SMS phishing (smishing) campaigns to target organizations and gain unauthorized access to their systems. … read more »
  • Aug 29, 2023

    New ‘MalDoc in PDF’ attack technique

    Japan’s computer emergency response team (JPCERT) recently identified a new attack method named ‘MalDoc in PDF’, which manages to elude detection by incorporating a malicious Word file within a PDF file.… read more »
  • Aug 28, 2023

    Kaspersky Lab's technical analysis of Lockbit v3 Builder

    Lockbit v3 (also known as Lockbit Black) surfaced in June 2022. However, September 2022 saw the leakage of its builder, enabling the creation of custom ransomware versions. The builder's availability empowered any individual to tailor the ransomware, leading to the… read more »


Cybersecurity expert, software developer, experienced digital forensic analyst, musician