Andrea Fortuna
AboutRss
  • Oct 26, 2016

    Recognize and avoid IMSI-catchers with Android IMSI Catcher Detector

    “ You are being watched!” The Android-IMSI-Catcher-Detector (short: AIMSICD) is an Android open-source based project to detect and avoid fake base stations (IMSI-Catchers) or other base-stations (mobile antennas) with poor/no encryption, born in 2012 on XDA. The project aims to… read more »
  • Oct 25, 2016

    Apple devices are still vulnerable to malformed JPEGs, PDFs and font files

    Update, now! If you have an Apple device, you should update it to IOS 10.1 as soon as possible: the update addresses a vulnerability that allows you to take control of the device by simply sending a JPEG image specially… read more »
  • Oct 25, 2016

    ViperMonkey, VBA parser and emulation engine to analyze malicious macros

    An experimental but useful project ViperMonkey is a toolkit written in Python by Philippe Lagadec, developed to parse VBA macros and emulate their execution. ViperMonkey acts as a VBA Emulation engine, and tries to analyze and deobfuscate malicious VBA Macros contained… read more »
  • Oct 25, 2016

    The great DDoS against Dyn: my personal selection of best articles

    Continuously updated… Last Friday a sizable DDoS attack was launched against Dyn’s “Managed DNS” infrastructure using a Mirai-Fueled IoT Botnet, making unreachable services of some companies such as Twitter, Spotify, Netflix, GitHub, Amazon and Reddit. All sites that deal with… read more »
  • Oct 24, 2016

    Abusing emergency failover provisions, LTE traffic can be intercepted

    Using an IMSI-catcher and a Femtocell The security researcher Wanqiao Zhang of Qihoo 360 has published a research about a vulnerability in LTE networks. The attacks work through a series of messages sent between malicious base stations and targeted phones.… read more »
  • Oct 24, 2016

    A big collection of source code of various malware for Windows, Linux and Android

    “If you know your enemies and know yourself, you will not be imperiled in a hundred battles” (Yes, it’s a quote by Sun Tzu) The GitHub account of infosecguerrilla is a precious source of information about malware. Into two repositories is… read more »
  • Oct 21, 2016

    Dirty COW (CVE-2016–5195): a 0-day local privilege escalation vulnerability in the Linux kernel…

    Any user can become root in less than 5 seconds! The bug has existed since Linux kernel version 2.6.22 and was found by Phil Oester. Exploitation of this bug does not leave any trace of anything abnormal happening to the logs. So… read more »
  • Oct 21, 2016

    Naivechain : a blockchain implementation in 200 lines of code

    “Because understanding blockchains should not be a difficult task!” A very interesting Node.js project developed by Lauri Hartikka. Blockchain is a distributed database that maintains a continuously-growing list of records called blocks secured from tampering and revision. The blockchain format… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andrea-fortuna
  • andrea

Cybersecurity expert, software developer, experienced digital forensic analyst, musician