Andrea Fortuna
  • Aug 13, 2023

    MoustachedBouncer: Belarus-linked threat group exploits ISPs for AiTM attacks

    Researchers at ESET have uncovered several cyber espionage campaigns carried out by the MoustachedBouncer group, which is linked to the Belarusian government. … read more »
  • Aug 5, 2023

    SOC Multi-tool, useful browser extension for security investigations

    SOC Multi-tool is a browser extension with a wide range of features and capabilities. The project is community-driven and the developer (Zachary Henard) encourages users to contribute and share better resources.… read more »
  • Jul 17, 2023

    Threat actor naming conventions: a big mess!

    The task of adversary attribution and how it should be done is a controversial topic in the cyber threat intelligence community.… read more »
  • Jul 14, 2023

    PyLoose: A new fileless malware targeting cloud workloads

    Analysts from cybersecurity firm Wiz discovered a new fileless malware named PyLoose targeting cloud workloads to hijack their computational resources for Monero cryptocurrency mining. … read more »
  • Jul 8, 2023

    APT42 malware campaign targets Windows and macOS

    Iran-linked threat actor APT42 has been identified as the source of a recent malware campaign that targets both Windows and macOS operating systems. … read more »
  • Jul 6, 2023

    RedEnergy: a sophisticated Stealer-as-a-Ransomware threat

    A new and highly sophisticated threat called RedEnergy has emerged, targeting energy utilities, oil, gas, telecom, and machinery sectors in Brazil and the Philippines. … read more »
  • Jun 27, 2023

    Mockingjay: a new Process Injection technique evading EDR detection

    A new process injection technique called Mockingjay has been discovered by researchers at cybersecurity firm Security Joes. The technique allows threat actors to execute malicious code on compromised systems without being detected by Endpoint Detection and Response (EDR) and other… read more »
  • Jun 25, 2023

    How to install Arch Linux on a Chromebook in a container, using Crostini

    Crostini is the technology used by Google to make Linux application support easy to use and integrate well with Chrome OS.… read more »
  • Jun 22, 2023

    Operation Triangulation: Apple releases patches for zero-day exploits in spyware campaign

    Apple has released security patches to address two zero-day vulnerabilities (CVE-2023-32434 and CVE-2023-32439) exploited in the spyware campaign known as Operation Triangulation. … read more »
  • Jun 17, 2023

    Uncovering Tor Hidden Service with Etag

    According to recent research, The Onion Router (Tor) network, which provides anonymity and resistance to identification and tracking, has a new vulnerability that could compromise the anonymity of its users.… read more »
  • Jun 16, 2023

    'Fragile Things' is out!

    'There are so many fragile things, after all. People break so easily, and so do dreams and hearts.' … read more »
  • Jun 15, 2023

    UNC4841: the Pro-China threat actor behind exploitation of Barracuda ESG Zero-Day Vulnerability

    A suspected pro-China threat group, UNC4841, has been identified as the perpetrator of data-theft attacks on Barracuda Email Security Gateway (ESG) appliances. The group exploited a now-patched zero-day vulnerability, CVE-2023-2868, to gain unauthorized access and steal sensitive data.… read more »
  • Jun 13, 2023

    What if ChatGPT had free access to the Internet?

    Greg Brockman, one of the co-founders of OpenAI, created a demo for a TED Talk in which ChatGPT is given the ability to access the Internet and external services. The ChatBot, with access to external reality, consults documents, provides links… read more »
  • Jun 10, 2023

    The rise of Asylum Ambuscade: from phishing campaigns to global cybercrime wave

    The threat actor known as Asylum Ambuscade has been observed straddling cybercrime and cyber espionage operations since at least early 2020.… read more »
  • Jun 7, 2023

    Rhysida Ransomware group: tactics and targets

    A new ransomware group named Rhysida has emerged in the cyber threat landscape, targeting various organizations between 23 May 2023 and 4 June 2023. … read more »
  • Jun 2, 2023

    Operation Triangulation: targets iOS devices with zero-click exploits

    A previously unknown and highly sophisticated Advanced Persistent Threat (APT) has recently come to light, targeting iOS devices in a long-running mobile campaign called Operation Triangulation. … read more »
  • Jun 1, 2023

    Terminator: a new BYOVD attack tool

    A recent discovery in the cybersecurity landscape has unveiled a concerning tool known as 'Terminator', promoted by a threat actor named Spyboy on a Russian-speaking forum, that claims to have the capability to terminate any antivirus, XDR, and EDR platform.… read more »
  • May 27, 2023

    Predator: a commercial Android spyware

    Security researchers from Cisco Talos have recently shared an in-depth analysis of the commercial Android spyware known as Predator, developed by Intellexa (previously Cytrox), an Israeli company. This spyware gained attention when Google's Threat Analysis Group (TAG) discovered its involvement… read more »
  • May 23, 2023

    BlackCat exploits Windows Kernel Drivers to avoid detection

    In a recent report, Trend Micro researchers uncovered a significant incident involving ALPHV/BlackCat ransomware that occurred in February 2023. … read more »
  • May 22, 2023

    From Giraffes to Dogs: unveiling the unpredictability of Computer Image Recognition

    Most image recognition systems use what is known as Probabilistic Image Recognition, a technique used by computer systems to identify objects or patterns in images based on statistical probabilities. … read more »

Cybersecurity expert, software developer, experienced digital forensic analyst, musician