Andrea Fortuna
AboutRss
  • Mar 9, 2017

    D’oh! Another Apache Struts 2 vulnerability!

    Upgrade now, some attacks are already in progress! Another serious vulnerability was discovered in Apache Struts 2. Affected versions Apache Struts 2.3.5–2.3.31 Apache Struts 2.5–2.5.10 The vulnerability The vulnerability (CVE-2017–5638), firstly reported by the security researcher Nike Zheng, is a… read more »
  • Mar 9, 2017

    VBA IP Functions: IP manipulation with Visual Basic for Applications

    “Seriously? Are you still using VBA?” Do you think that Visual Basic for Applications is ugly, slow, cumbersome, old and confusing? Well … I agree with you! But if you need to create a macro in Excel for IP lookup in a… read more »
  • Mar 8, 2017

    Wikileaks and Vault 7, my press review constantly updated

    CIA hackers are targeting smartphones, computers, Smart TV, and… cars? Yesterday, WikiLeaks published thousands leaked internal CIA documents. https://xkcd.com/1808/ The leak, dubbed “Vault 7”, is claimed to be “the largest ever publication of confidential documents on the agency” [embed]https://wikileaks.org/ciav7p1/[/embed] The first documents… read more »
  • Mar 8, 2017

    Best practices for addressing phishing threats in corporate environment

    Some useful tips from Flashpoint Chris Camacho and Pierre Lamy from Flashpoint have published and interesting article on corporate blog titled “Best Practices for Addressing Four Common Threats”. As cyber threat actors strive to acquire increasingly advanced skills and develop… read more »
  • Mar 7, 2017

    DNSMessenger: a fileless RAT uses DNS queries to receive commands from the C&C

    Theoretically invisible to standard anti-malware defenses. Cisco’s Talos threat research group has recently discovered a new kind of RAT (Remote Access Trojan), called DNSMessenger. DNSMessenger is completely fileless, it works only in memory and don’t save data on filestystem. Furthermore it… read more »
  • Mar 6, 2017

    BitErrant attack: exploiting SHA1 collisions

    What can go wrong in the BitTorrent protocol once SHA1 collisions become reality? A few days after the disclosure of SHAttered, it begins to pop up some ‘practical’ use of SHA1 collisions: The BitErrant attack is a fun little exploit that… read more »
  • Mar 3, 2017

    Friday humor: Real programmers vs. text editors

    Which editor is used by real programmers? XKCD tries to answer: https://xkcd.com/378/ Emacs, Nano, Vim, ed, cat or…butterflies? (Found on nixCraft’s twitter stream) … read more »
  • Mar 2, 2017

    How to practice effectively

    An interesting video by TED-Ed About the daily practice related to the music I already released a nice video of Tatyana Ryzhkova. In this video Annie Bosler and Don Greene instead explain how practice affects the inner workings of our brains:… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andrea-fortuna
  • andrea

Cybersecurity expert, software developer, experienced digital forensic analyst, musician