Andrea Fortuna
AboutRss
  • Feb 9, 2017

    Ticketbleed, a TLS vulnerability on F5 appliances

    Similar to the well known Heartbleed vulnerability Ticketbleed is a vulnerability (CVE-2016–9244) in the TLS/SSL stack of F5 BIG-IP appliances allowing a remote attacker to extract up to 31 bytes of uninitialized memory at a time, that can potentially contain… read more »
  • Feb 9, 2017

    Analyze websites and the resources they request with urlscan.io

    Find out which HTTP requests your website triggers in the background and where they call out to This is not my discovery, but a very useful resource found through a Florian Roth tweet: [embed]https://twitter.com/cyb3rops/status/828581308792176646[/embed] urlscan.io is a service which analyses websites… read more »
  • Feb 8, 2017

    Emil Zátopek, 4 lessons about running and life

    If you are a runner that gives up at the first difficulty, here some advice from the “Czech Locomotive” 0. Who was Emil Zátopek? From Wikipedia: Emil Zátopek was a Czechoslovak long-distance runner best known for winning three gold medals at… read more »
  • Feb 7, 2017

    Simple malware downloader obfuscation with Powershell and Base64

    Maybe i have reinvented the wheel… …but i think is useful to share this discovery. I recently had the opportunity to analyze an email with attached a link that downloads a suspicious file. From a first analysis, it seemed be a .lnk… read more »
  • Feb 6, 2017

    Nope, 432 Hz is not the “frequency of universe”

    Let’s try to separate fact from fiction If you happen to meet some musician who claims that 432 Hz is “the natural frequency of the Universe”, which this frequency has the power of “attract the masses to the music” and cure… read more »
  • Feb 3, 2017

    A great malware removal guide from Heimdal Security

    A great collection of useful tools Paul Cucu has published on Heimdal Security Blog a really good article on malware removal, a useful guided checklist for removal malicious software from PCs: So how do you remove malware? Let’s not waste time… read more »
  • Feb 2, 2017

    Zero-day content injection vulnerability found in WordPress REST API

    Patch your CMS Now! Just a very quick post to warn you of a new vulnerability discovered by Sucuri on Wordpress. The vulnerability could be exploited by an unauthenticated attacker to inject malicious content, to modify posts, pages and any other… read more »
  • Feb 2, 2017

    The “GitLab meltdown”: moral of the story?

    Pretty simple: verify your backups! GitLab.com is in crisis after experiencing a severe data loss caused by human errors and ineffectual backups. What happened? On Tuesday evening, one database experience a severe performance degradation, and the sysadmin tries to start an… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andrea-fortuna
  • andrea

Cybersecurity expert, software developer, experienced digital forensic analyst, musician