Andrea Fortuna
AboutSearch
Tools
DFIR Toolkit OSINT Toolkit
  • Apr 16, 2023

    LockBit ransomware group tests encryptors targeting Macs

    According to some twitter threads published by cybersecurity researchers vx-underground and MalwareHunterTeam, the major ransomware operation LockBit has created encryptors specifically targeting MacOS for the first time.… read more »
  • Apr 16, 2023

    60 Legitimate Apps on Google Play Infected with Goldoson Malware

    A new Android malware called 'Goldoson' has been distributed via Google Play through 60 legitimate apps with 100 million downloads. The malware is part of a third-party library that developers have unwittingly added to their apps.… read more »
  • Apr 14, 2023

    Vice Society's new PowerShell script enables automated data theft in ransomware attacks

    The Vice Society ransomware gang has developed a new PowerShell script to automate data theft from compromised networks, which is fully automated and uses 'living off the land' binaries and scripts to remain undetected.… read more »
  • Apr 13, 2023

    RTM Locker: private Ransomware-as-a-Service provider with strict rules

    A cybercriminal gang called Read The Manual (RTM) Locker has been described in detail by cybersecurity researchers of Trellix .… read more »
  • Apr 13, 2023

    Legion: A Python-based Credential Harvester and SMTP Hijacking Tool

    Legion is a new Python-based tool being sold on Telegram by cybercriminals that targets online email services for phishing and spam attacks.… read more »
  • Apr 11, 2023

    QuaDream's Spyware exploits iPhones with Zero-Click ENDOFDAYS attack

    Microsoft and Citizen Lab reported that an Israeli-based company, QuaDream, had used a zero-click exploit named ENDOFDAYS to compromise the iPhones of high-risk individuals.… read more »
  • Apr 10, 2023

    Malicious JavaScript injection campaign affects over 51,000 websites since 2022

    According to a recent research by security firm Sucuri, a malware campaign called Balada Injector has infected over one million WordPress websites since 2017 by exploiting known vulnerabilities in themes and plugins.… read more »
  • Apr 9, 2023

    AlienFox: Unraveling the Multi-Functional Cloud Spammer's Swiss Army Knife

    In a comprehensive analysis published by SentinelOne Labs, researchers dissect the inner workings of AlienFox, a highly versatile and multi-functional malware highlighting its features and the risks it poses.… read more »
  • Apr 9, 2023

    GOPURAM Backdoor: A Deep Dive into the 3CX Supply Chain Attack

    In a recent article published by Securelist, researchers detailed the supply chain attack targeting the 3CX Phone System: the attackers managed to compromise the 3CX update infrastructure and deployed a malicious backdoor, dubbed GOPURAM, to unsuspecting users.… read more »
  • Apr 8, 2023

    Discovered a new Cylance variant with advanced features

    Security researchers at Cyble recently discovered a new ransomware variant with some concerning capabilities. Called 'Cylance, this ransomware has a number of advanced features that allow attackers to customize attacks.… read more »
  • Apr 8, 2023

    Bitdefender's Cybersecurity Assessment Report 2023: Companies Hiding Data Breaches

    The report, which summarizes the results of a survey conducted between December 2022 and January 2023, also shows that 52% of IT professionals admit their companies have experienced a data breach or leak in the last 12 months.… read more »
  • Apr 7, 2023

    Telegram becoming a Hub for Phishing Kits and campaigns

    Researchers have discovered that cybercriminals are using Telegram to sell phishing kits and set up phishing campaigns. … read more »
  • Apr 5, 2023

    Typhon Reborn malware returns with improved capabilities

    According to a report by Cisco Talos, the Typhon Reborn information-stealing malware has returned with an updated version that includes improved capabilities to evade detection and analysis. … read more »
  • Apr 4, 2023

    Rorschach raises the bar for ransomware attacks

    Check Point researchers have discovered a new strain of ransomware called Rorschach, with unique characteristics that make it one of the fastest ransomware threats today.… read more »
  • Apr 4, 2023

    Cybercriminals use SFX archives to install backdoors

    CrowdStrike researchers have discovered that SFX archives are being exploited to hide infected files capable of installing backdoors that bypass operating system security measures.… read more »
  • Apr 1, 2023

    3CX Desktop App targeted in supply chain attack

    Researchers at cybersecurity firm Cyble have conducted a comprehensive analysis of the supply chain attack targeting customers of 3CX, a VoIP IPBX software development company. … read more »
  • Apr 1, 2023

    Unauthenticated RCE vulnerability found in Azure Service Fabric Explorer

    Orca Security researchers discovered a new vulnerability called Super FabriXss (CVE-2023-23383 – CVSS score: 8.2) in Azure Service Fabric Explorer that allows unauthenticated remote code execution.… read more »
  • Mar 29, 2023

    Zero-Day exploits used by commercial spyware vendors to target dissidents and journalists

    Google's Threat Analysis Group (TAG) has released a report stating that commercial spyware vendors have been exploiting zero-day vulnerabilities that were addressed last year in order to target Android and iOS devices.… read more »
  • Mar 29, 2023

    TOR Browser installers used to spread cryptocurrency theft malware

    Since September 2022, trojanised installers for the TOR browser have been used to distribute Clipper malware, which steals cryptocurrency from users in Russia and Eastern Europe.… read more »
  • Mar 29, 2023

    APT43: a new North Korean espionage group

    A new report from cybersecurity firm Mandiant sheds light on a previously unknown threat actor operating on behalf of the North Korean regime and using cybercrime to fund its espionage operations.… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna

Cybersecurity expert, software developer, experienced digital forensic analyst, musician