Andrea Fortuna | So Long, and Thanks for All the Fish

Android flaw allows attackers to permanently freeze your device

On December 7, 2019 By Andrea Fortuna In Cybersecurity

Android’s December 2019 updates patches a small list of system and Qualcomm flaws across the operating system’s two patch levels [1].According with Google, a specific flaws (CVE-2019-2232) may allows an attacker to cause a permanent …

Access Analyzer for S3: a new tool from Amazon for monitor, review, and protect S3 buckets

On December 6, 2019 By Andrea Fortuna In Cybersecurity

At the re:Invent event, Amazon Web Services reveiled a new tool that can help customers to avoid publishing of unsecured S3 buckets.

BlackDirect: a vulnerability in Microsoft OAuth 2.0 may allows attackers to takeover Microsoft and Azure Accounts

On December 5, 2019 By Andrea Fortuna In Cybersecurity

Security researcher Omer Tsarfati from CyberArk has discovered [1] a vulnerability in Microsoft’s OAuth implementation that may allows attacker to create authentication tokens with the victim’s permissions. This could let a malicious attacker access and …

RIPlace: a new evasion technique that allows ransomware to bypass most antivirus

On December 4, 2019 By Andrea Fortuna In Malware Analysis

Researchers by cybersecurity firm Nyotron has discovered a new way that lets windows malware to modify files in a unique style that current anti-ransomware solutions are unable to identify.