Andrea Fortuna
AboutSearch
Tools
DFIR Toolkit OSINT Toolkit
  • May 15, 2020

    Weekly Privacy Roundup #7

    There's something really liberating about having some corner of your life that's yours, that no one gets to see except you.… read more »
  • May 14, 2020

    curl: my own cheatsheet

    curl is a project providing a library and command-line tool for transferring data using various protocols.The command line tool can be used inside shell scripts with ease and it has around 120 command line options for various tasks. Is a… read more »
  • May 13, 2020

    Weekly Cybersecurity Roundup #7

    "Amateurs hack systems, professionals hack people" - Bruce Schneier… read more »
  • May 12, 2020

    Thunderspy: a Thunderbolt security flaw that affects all systems released before 2019

    Björn Ruytenberg, a researcher of Eindhoven University of Technology, published a research about a new vulnerability in Thunderbolt ports.… read more »
  • May 11, 2020

    Weekly Tech Roundup #6

    "Computers are useless. They can only give you answers" - Pablo Picasso… read more »
  • May 8, 2020

    “Psychic Paper”: an amazingly simple iOS sandbox escape exploit

    Security researcher Siguza published a really interesting paper about a strange bug in iOS XML parsers, still unpatched, that allows sandbox escape… read more »
  • May 7, 2020

    Some thoughts about detectability and feasibility of mobile eavesdropping on smartphones

    A research presented in 2019 by Jacob Leon Kröger and Philip Raschke, during the 33rd Annual IFIP WG 11.3 Conference, analyze technical and economical feasibility of eavesdropping on modern smartphones… read more »
  • May 6, 2020

    Weekly Privacy Roundup #6

    "If someone steals your password, you can change it. But if someone steals your thumbprint, you can’t get a new thumb. The failure modes are very different." – Bruce Schneier … read more »
  • May 5, 2020

    Practical approach to Golden Ticket Attacks: one technique, five useful tools

    Some days ago, I read an interesting article by Raj Chandel (@rajchandel), in which is explained the usage of five tool (including mimikatz) to generate a Golden Ticket… read more »
  • May 4, 2020

    Weekly Cybersecurity Roundup #6

    "Being able to break security doesn't make you a hacker anymore than being able to hotwire cars makes you an automotive engineer." - Eric Raymond… read more »
  • May 1, 2020

    Weekly Tech Roundup #5

    "The first rule of any technology used in a business is that automation applied to an efficient operation will magnify the efficiency. The second is that automation applied to an inefficient operation will magnify the inefficiency." - Bill Gates… read more »
  • Apr 30, 2020

    iOS forensic acquisition methods

    Vladimir Katalov published, on ElcomSoft's blog, a good post about forensic acquisition techniques for iOS devices. It's a really interesting paper, from which I'd like to share some highlights: Logical acquisition Logical acquisition is the fastest, simplest, and most compatible… read more »
  • Apr 29, 2020

    Weekly Privacy Roundup #5

    "What does censorship reveal? It reveals fear" - Julian Assange… read more »
  • Apr 28, 2020

    COVID-19: some concerns about Contact Tracing apps

    The Electronic Frontier Foundation, one of the most respected associations for the protection of privacy and digital rights, that fights since its beginnings against abuses of digital technologies, has published a large article that takes stock of anti-pandemic tracking apps,… read more »
  • Apr 27, 2020

    Weekly Cybersecurity Roundup #5

    A lot of interesting links, this week: Ransonmware, new APT grops, new vulnerabilities and (as usual) some coronavirus-related news! TEMPEST@Home - Finding Radio Frequency Side Channels Have you ever listened to a photocopier or a car engine to infer what… read more »
  • Apr 24, 2020

    Weekly Tech Roundup #4

    "I do not fear computers. I fear lack of them."— Isaac Asimov Cloudflare Workers Now Support COBOL Recently, COBOL has been in the news as the State of New Jersey has asked for help with a COBOL-based system for unemployment claims. The system… read more »
  • Apr 23, 2020

    New iOS zero-days allows unassisted attacks via Mail.app

    Cybersecurity startup ZecOps discovered two zero-day vulnerabilities affecting iPhone and iPad devices during the analysis of a series of ongoing remote attacks that have targeted iOS users since at least January 2018. Following a routine iOS Digital Forensics and Incident… read more »
  • Apr 22, 2020

    Weekly Privacy Roundup #4

    D'oh! A lot of dataleaks! Telsy’s report on UniCredit’s data breach went viral worldwide On the evening of April 19, Telsy denounced that the personal data of about 3000 employees of the UniCredit S.p.A. bank, one of the largest banks… read more »
  • Apr 21, 2020

    Beware! A fully functional SMBGhost exploit will be coming soon!

    A proof-of-concept remote code execution exploit for the Windows 10 "SMBGhost" vulnerability (CVE-2020-0796) was developed and presented yesterday by Yuki Koike, a researcher by Ricerca Security. The vulnerability, that only impacts specific versions of Windows 10 and Windows Server, was… read more »
  • Apr 20, 2020

    Weekly Cybersecurity Roundup #4

    As was the case in the past weeks, threat actors attempt to capitalize on coronavirus outbreak. System32 Comics Is BGP Safe Yet? No. But we are tracking it carefully BGP leaks and hijacks have been accepted as an unavoidable part… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna

Cybersecurity expert, software developer, experienced digital forensic analyst, musician