Andrea Fortuna
AboutRss
  • Mar 9, 2023

    CERT, CSIRT or SOC?

    CERT and CSIRT are often used synonymously describing incident response teams, while SOC has a broader cyber security scope.… read more »
  • Mar 9, 2023

    Bitwarden vulnerability allows attackers to steal passwords using iframes

    The popular open-source password management service, Bitwarden, offers an auto-fill feature that can automatically fill in users' saved credentials when they visit a website. However, this feature has a potentially dangerous behavior that could allow malicious iframes embedded in trusted… read more »
  • Mar 8, 2023

    Sharp Panda is starting to use a new version of the Soul framework

    Chinese threat actor Sharp Panda has targeted high-profile government agencies in Southeast Asia with a cyber espionage campaign using a new version of the Soul modular framework. … read more »
  • Mar 6, 2023

    MITIGA expose Google Cloud Platform's lack of forensic storage visibility

    A new report from cybersecurity firm MITIGA has revealed that malicious actors can exploit a lack of forensic visibility in Google Cloud Platform to exfiltrate sensitive data.… read more »
  • Mar 5, 2023

    CrowdStrike released the 2023 Global Threat Report

    CrowdStrike has released its 9th Annual Global Threat Report, which provides a comprehensive overview of threat actor behaviour, tactics and trends over the past year. The report is based on the activities of more than 200 cyber adversaries and covers… read more »
  • Mar 3, 2023

    CISA released DECIDER, an open source tool that helps generate MITRE ATT&CK mappings.

    The Cybersecurity and Infrastructure Security Agency (CISA) recently launched a free tool called Decider to help the cybersecurity community map threat actor behaviour to the MITRE ATT&CK Framework. … read more »
  • Mar 2, 2023

    Iron Tiger group creates Linux version of its custom malware

    According to research recently published by cybersecurity firm Trend Micro, Iron Tiger, a Chinese-speaking threat group known for targeting organisations in East Asia, has created a Linux version of its custom malware known as SysUpdate.… read more »
  • Feb 28, 2023

    Blind Eagle has reappeared with a refined toolset

    Blind Eagle, a financially motivated threat actor also known as APT-C-36, has launched attacks targeting organizations in Colombia and Ecuador since at least 2018. … read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna
  • andreafortuna
  • andreafortunatw

Cybersecurity expert, software developer, experienced digital forensic analyst, musician