Andrea Fortuna
  • Oct 8, 2019

    How to upgrade BIOS on a Lenovo laptop running Linux

    Usually, Lenovo releases BIOS updates in two formats: a single .EXE file, that needs to be executed on a Windows OS, and a .ISO file that needs to be burned on a CD. … read more »
  • Oct 4, 2019

    Watch out! A new vulnerability in WhatsApp for Android allows attackers to perform remote commands on devices

    Security researcher Awakened has identified a vulnerability in the Android version of the WhatsApp messaging app which could allow attackers to launch remote code execution attacks (with privilege elevation) on victims. … read more »
  • Oct 3, 2019

    Some thoughts about Windows 10 "Timeline" forensics artifacts

    Today I’ll talk briefly about the Windows 10 “Timeline”: a feature that can come in handy during a forensic analysis. How to access it and how to analyze it? … read more »
  • Oct 2, 2019

    Also Node.js has been used to perform a Living off the Land (LotL) attack

    Researchers from Cisco Talos recently discovered a new malware loader being used to deliver and infect systems using NodeJS as well as the legitimate open-source utility WinDivert. … read more »
  • Oct 1, 2019

    CVE-2019-16928: a new vulnerability on Exim exposes millions of email servers to remote attacks

    Another potential RCE in Exim! Let’s update, folks! … read more »
  • Sep 28, 2019

    #WIBattack: Not only S@T Browser, but also WIB SIM toolKit is vulnerable to SimJacker attacks

    Do you remember the Simjacker vulnerability, that resides in the S@T Browser toolkit, installed on a variety of SIM cards provided by mobile operators in at least 30 countries? … read more »
  • Sep 27, 2019

    Checkm8: a new 'unpatchable' jailbreak for all iOS devices from iPhone 4s to iPhone X

    The security expert Axi0mX has released a new jailbreak, dubbed Checkm8, that works on all iOS devices running on A5 to A11 chipsets: so all Apple products released between 2011 and 2017, including iPhone models from 4S to X. … read more »
  • Sep 27, 2019

    How the progress bar keeps you sane, by Daniel Engber

    It doesn’t really matter if the progress bar is giving you the accurate percent done. What matters is that it is there at all: just seeing it there made people feel better! … read more »
  • Sep 26, 2019

    Windows Forensics: analysis of Recycle bin artifacts

    The Windows Recycle Bin contains files that have been deleted by the user, but not yet purged from the system: a valuable source of evidence for an examiner. … read more »
  • Sep 25, 2019

    PEpper: a Python script to perform malware static analysis on Portable Executable format

    A useful tool: fast and easy to use. … read more »
  • Sep 24, 2019

    How to install latest Widevine plugin on Chromium

    In order to watch Netflix! … read more »
  • Sep 20, 2019

    How to record screen on Linux from command line

    Using just FFMPEG! … read more »
  • Sep 19, 2019

    i3 window manager on laptops: my configuration

    In a previous post I’ve explained the setup of my “ultra geek” laptop: a cheap Dell with Debian, a minimal graphical interface (i3) and a small subset of light applications. … read more »
  • Sep 18, 2019

    Nano editor: a configuration for code editing

    12 simple configuration tips for your .nanorc file, useful for programmers! … read more »
  • Sep 17, 2019

    Richard Stallman leaves MIT and Free Software Foundation: let's summarize

    A thorny issue, I admit. … read more »
  • Sep 13, 2019

    Win32/StealthFalcon malware uses Windows Background Intelligent Transfer Service (BITS) to communicate with its C&C servers

    Stealth Falcon is a state-sponsored cyber espionage group that has targeted political activists and journalists in the Middle East since 2012. … read more »
  • Sep 12, 2019

    Simjacker: a brand new mobile vulnerability exploited by surveillance companies for espionage operations

    Some updates here! … read more »
  • Sep 12, 2019

    Some thoughts about Browser Fingerprinting

    Browser fingerprinting is an incredibly accurate method of tracking online activity but, luckily, there are a few things you can do to try to wipe your fingerprints. … read more »
  • Sep 11, 2019

    NetCat attack (CVE-2019-11184): steal encrypted SSH keystrokes exploiting DDIO

    Intel chipset can be exploited to sniff SSH passwords as they’re typed over the network. … read more »
  • Sep 10, 2019

    CVE-2019-15846 - Seriously? Another RCE in Exim?

    Ok, it is true that Exim is one of the most used SMTP servers in the world, and for this reason it is continuously monitored by many security experts, but in the last months the Remote Code Execution vulnerabilities found… read more »


Cybersecurity expert, software developer, experienced digital forensic analyst, musician