Andrea Fortuna
AboutRss
  • Dec 10, 2019

    Integrating Security into DevOps

    Security should be built into every part of the DevOps lifecycle, including inception, design, build, test, release, support, maintenance, and beyond. This model of security in DevOps is often called DevSecOps. DevSecOps aims to improve security through shared responsibility with… read more »
  • Dec 9, 2019

    My Weekly RoundUp #119

    Last week was challenging: i left my old job and started in the same role in a new company.But, despite I haven’t had much spare time for reading my RSS feeds, I was able to collect some interesting news, especially… read more »
  • Dec 7, 2019

    Android flaw allows attackers to permanently freeze your device

    Android's December 2019 updates patches a small list of system and Qualcomm flaws across the operating system’s two patch levels [1].According with Google, a specific flaws (CVE-2019-2232) may allows an attacker to cause a permanent denial of service by simply… read more »
  • Dec 6, 2019

    Access Analyzer for S3: a new tool from Amazon for monitor, review, and protect S3 buckets

    At the re:Invent event, Amazon Web Services reveiled a new tool that can help customers to avoid publishing of unsecured S3 buckets. Access Analyzer for S3 is a new feature that monitors your access policies, ensuring that the policies provide… read more »
  • Dec 5, 2019

    BlackDirect: a vulnerability in Microsoft OAuth 2.0 may allows attackers to takeover Microsoft and Azure Accounts

    Security researcher Omer Tsarfati from CyberArk has discovered [1] a vulnerability in Microsoft's OAuth implementation that may allows attacker to create authentication tokens with the victim’s permissions. This could let a malicious attacker access and control a victim’s account and… read more »
  • Dec 4, 2019

    Netsons.com security breach: some customers' data may have been leaked

    Recently, the italian hosting provider Netsons [1] discovered some unauthorized access on its Management System, occurred on March 2019. According with GDPR article 34 [2], Netsons had to inform its custover about the databreach. Here the statement: we would like… read more »
  • Dec 4, 2019

    RIPlace: a new evasion technique that allows ransomware to bypass most antivirus

    Researchers by cybersecurity firm Nyotron has discovered a new way that lets windows malware to modify files in a unique style that current anti-ransomware solutions are unable to identify. The technique [1] exploits documented Windows file system rename operations, altering… read more »
  • Dec 3, 2019

    New frontiers of planned obsolescence: your SSD may dies after 32.768 hours of use

    Hewlett Packard Enterprise has issued a notice about some of its solid-state hard drives: they have a defect that causes the crash of the drive after exactly 32.768 hours of operation (3 years, 270 days and 8 hours). A firmware's… read more »
« Previous page Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andrea-fortuna
  • andrea

Cybersecurity expert, software developer, experienced digital forensic analyst, musician