Andrea Fortuna
AboutSearch
Tools
DFIR Toolkit OSINT Toolkit
  • Nov 27, 2019

    Flan Scan: a lightweight network vulnerability scanner by Cloudflare

    Cloudflare released a new open source vulnerability scanner that uses Nmap results to generate more complex vulnerability reports. … read more »
  • Nov 26, 2019

    CVE-2019-14271: a Docker 'cp' container escape vulnerability

    Researchers from Paloalto Networks’ Unit42 discovered an issue in the implementation of the Docker cp command that can lead to full container escape if exploited by an attacker. … read more »
  • Nov 22, 2019

    A new Android vulnerability (CVE-2019-2234) allows attackers to hijack Camera App

    Researchers from Checkmarx Security Research Team has discovered and disclosed a vulnerability [2] in Android camera app that may allows a malicious app to bypass camera access permissions. … read more »
  • Nov 21, 2019

    New WhatsApp vulnerability allows remote command execution using a crafted MP4 file

    Update your client ASAP! … read more »
  • Nov 20, 2019

    ATFuzzer: exploiting AT commands on Android basebands using malicious USB and Bluetooth accessories

    Researchers at Purdue College and University of Iowa have revealed a paper detailing how the baseband processors of a large number of common Android smartphones may be compromised using malicious USB and Bluetooth accessories. … read more »
  • Nov 19, 2019

    146 new security vulnerabilities discovered in various Android versions

    Researchers by security firm Kryptowire have discovered and revealed 146 vulnerabilities in various version of Android. … read more »
  • Nov 15, 2019

    Court forces e-mail provider Tutanota to release unencrypted messages

    The e-mail provider Tutanota advertises to be the “world’s most secure e-mail service”. The company offers encrypted e-mail communication and claims to have six million customers relying on this security promise. … read more »
  • Nov 15, 2019

    Facebook phishing attempt using image share notifications

    Just a short post to report an interesting phenomenon! … read more »
  • Nov 14, 2019

    Vulnerabilities in 5G protocol may allows to track users and make fake emergency alerts

    Security researchers at Purdue University and the University of Iowa have found new vulnerabilities that can be used to track a victim’s real-time location, spoof emergency alerts or silently disconnect a phone from the 5G network. … read more »
  • Nov 13, 2019

    A glitch on Facebook App's UI reveals a weird camera activity

    UPDATE 2019/11/14: Facebook released version 247.0 that fixes the glitch. … read more »
  • Nov 12, 2019

    The myths of VPNs

    Some days ago, a group of servers belonging to multiple VPN providers has been breached. After this events, many people have expressed doubts about the real usefulness of VPNs. … read more »
  • Nov 8, 2019

    MESSAGETAP: Eavesdropping on SMS Messages inside Telco Networks

    FireEye reports on a Chinese-sponsored espionage campaign to eavesdrop on text messages, violating telco servers: yet another example that demonstrates why end-to-end message encryption is so important. … read more »
  • Nov 7, 2019

    Some thoughts about WS-Discovery DDoS attacks

    Security researchers from Akamai published interesting details about the Web Services Dynamic Discovery (WS-Discovery) protocol, which they say can be abused to launch massive DDoS attacks. … read more »
  • Nov 6, 2019

    Light Commands: hacking voice assistants via laser beam

    Researchers from the University of Michigan and the University of Electro-Communications in Tokyo, demonstrated that is possible to hack smart voice assistants like Siri, Alexa and Google using a lasers beam to send them inaudible commands. … read more »
  • Nov 5, 2019

    A brand-new mass attack uses BlueKeep exploit to infect with Monero miners

    It was just a matter of time: the first “mass exploiting” of BlueKeep vulnerability is spotted in the wild. If you haven’t already patched your servers, do it asap! … read more »
  • Nov 1, 2019

    CVE-2019-13720: new Chrome 0-day bug exploited in the wild

    Yesterday, Google engineers released an urgent update for the Chrome browser to patch an actively exploited zero-day. … read more »
  • Nov 1, 2019

    The warp drive is now a little less impossible

    How feasible are Warp Drives? A new theory opens the door to the possibility of creating a real warp drive (in the future!). … read more »
  • Oct 31, 2019

    CPDoS in a nutshell

    Recently, a team of cybersecurity researchers from Cologne University of Applied Sciences (Hoai Viet Nguyenand Luigi Lo Iacono) has disclosed a new cache poisoning attack against CDN systems that could be used to force a website into delivering error pages… read more »
  • Oct 30, 2019

    Pwnagotchi: the open source gadget for WiFi pwning!

    Remember the Tamagotchi? Simone Margaritelli/Evilsocket created the Pwnagotchi, a mix between a game from the 90s and a wardriving tool, with a touch of machine learning. … read more »
  • Oct 29, 2019

    Happy 50th Birthday, Internet!

    On October 29, 1969, a first data packet was transmitted between two computers. It was the spark that started Internet. … read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna

Cybersecurity expert, software developer, experienced digital forensic analyst, musician