Andrea Fortuna
AboutRss
  • May 18, 2016

    Check and Fix SD Card from the android terminal emulator

    Your Android SD card gets “corrupted” and you don’t have a PC to connect the smartphone and make the check of SD card? It’s possibile to make this operation directly from the smartphone? (rooted and with busybox installed, of course!)… read more »
  • May 17, 2016

    A Memory Access Violation in Symantec Antivirus Engine could crash your windows system

    Symantec’s Anti-Virus Engine was susceptible to memory access violation due to a kernel-level flaw when parsing a specifically-crafted PE header file. The most common symptom of a successful attack would result in an immediate system crash, aka. Blue Screen of Death… read more »
  • May 16, 2016

    Microsoft will double the number of Ads in the start menu of Windows 10?

    I just read this on The Verge: [embed]http://www.theverge.com/2016/5/16/11682164/microsoft-windows-10-promoted-apps-start-menu-anniversary-update[/embed] Seriously? Ads? But, what kind of Ads? Really, by reading the article it turns out that the “Ads” are just placeholders for applications that Microsoft ‘recommends’ for download, differentiated by country: Promoted apps… read more »
  • May 16, 2016

    SQL Injection in a Nutshell

    Ay Caramba! … read more »
  • May 16, 2016

    Crashing OSX and iOS apps with a simple PNG image

    Lander Brandt has discovered a denial of service vulnerability in ImageIO, a library of utilities for parsing various image formats. Which apps as affected? It’s used in many OS X and iOS applications including: Tweetbot Safari Messages Mail Preview Some… read more »
  • May 16, 2016

    Practical Malware Analysis, a complete starter kit

    Anyone who works in cybersecurity should read Practical Malware Analysis. Topics covered are the following: Set up a safe virtual environment to analyze malware Quickly extract network signatures and host-based indicators Use key analysis tools like IDA Pro, OllyDbg, and… read more »
  • May 14, 2016

    CVE-2016–4117: a new Adobe Flash 0-DAY in the wild

    Adobe has released a patch (APSB16–15) for a flash vulnerability (CVE-2016-4117) detected on May 8, 2016 by FireEye. FireEye has discovered an attack method based on embedding the Flash exploit inside a Microsoft Office document. The attacker hosts the MSOffice… read more »
  • May 12, 2016

    Fast de-obfuscation of javascript code

    In the last days, I had to examine the obfuscated JavaScript code inside of some malicious html pages. The original javascript code The obfuscation method is the classic ‘array-mapped’: you declare an array of functions and variable names that will… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andrea-fortuna
  • andrea

Cybersecurity expert, software developer, experienced digital forensic analyst, musician