Andrea Fortuna
AboutRss
  • Jun 29, 2025

    Cybersecurity and chess: strategy, defense, and sacrifice

    Among my many passions, one stands out for being as humbling as it is addictive: chess. Despite being a fairly mediocre player (my win/loss ratio is… let’s say balanced by optimism), I absolutely love spending my free time playing online… read more »
  • Jun 20, 2025

    Unpopular opinion: Kubernetes is a symptom, not a solution.

    Today I decided to run a little experiment. I asked an AI to write a brutally honest, no-holds-barred critique of Kubernetes, something really spicy that would make the container orchestration crowd squirm in their ergonomic office chairs. “Make it controversial,”… read more »
  • Jun 15, 2025

    The songs that never were

    A few days ago, a friend dropped what she probably thought was a simple compliment: “I’ve been listening to your music on Spotify: I really love your guitar pieces. But why don’t you ever play them live?” Her face when… read more »
  • Jun 13, 2025

    Task Masking: the art of looking busy

    A new phenomenon has emerged that’s capturing the attention of managers, HR departments, and workplace psychologists alike. It’s called “task masking,” and it represents a fascinating intersection of technology, psychology, and workplace rebellion that’s reshaping how we think about productivity.… read more »
  • May 23, 2025

    iCloud Mail vs Gmail: privacy and security comparison

    Recently, a friend asked me about the differences between Gmail and iCloud email services, particularly from a security and privacy standpoint. I found myself unable to give a definitive answer on the spot, which prompted me to dive deeper into… read more »
  • May 3, 2025

    Rethinking 'Quiet Quitting': from perceived crisis to healthy evolution

    In recent years, a term has infiltrated our collective workplace vocabulary, seemingly striking apprehension into the hearts of managers globally: “quiet quitting.” If you have been following workplace trends, you have likely encountered a barrage of articles, often painting this… read more »
  • Apr 29, 2025

    Digital breadcrumbs: tracking Threat Actors through Favicon hashes

    Cyber Threat Intelligence (CTI) is critical for identifying, monitoring, and responding to malicious actors and infrastructures. Traditionally, CTI has relied on obvious indicators of compromise (IoCs) like IP addresses, domain names, and malware hashes. However, these indicators can quickly lose… read more »
  • Apr 24, 2025

    Reflecting on my leadership journey: identifying subtle habits that undermine team success

    Over the years, I’ve come to recognize and work on a series of leadership habits that, despite appearing beneficial at first glance, can significantly disrupt team dynamics and hinder overall performance. These habits often stem from a genuine desire to… read more »
  • Apr 20, 2025

    LOLBins: when good tools go bad

    “Why bring your own tools when the house is already full of them?” This is precisely the principle behind one of the most cunning techniques employed by cybercriminals: the use of LOLBins. What are LOLBins? LOLBins, an acronym for “Living… read more »
  • Apr 18, 2025

    From Zero Day to Zen Day: a mindful approach to Cybersecurity Stress

    On this blog, i usually dive deep into the worlds of technology and cybersecurity , discussing the latest threats, exploring new architectures, and debating the best security postures. These are fields demanding precision, vigilance, and often, high stakes. The pressure… read more »
  • Apr 15, 2025

    Slopsquatting: a new attack vector that exploits AI's programming mistakes

    Recently, a new method of attack has emerged that specifically targets the growing intersection between artificial intelligence and software development. This technique, known as “slopsquatting,” represents a clever exploitation of AI-assisted programming that could potentially bypass traditional security measures and… read more »
  • Apr 11, 2025

    Face Value: the hidden privacy risks of AI photo filters

    With just a click, platforms like ChatGPT can transform your everyday selfie into a pastel character straight out of a Studio Ghibli film. The process is charming, the results endearing, and the entire experience takes mere seconds. But in our… read more »
  • Apr 7, 2025

    The OSINT playbook: essential tools and tutorials for every analyst

    Over the years, I’ve published numerous tutorials and resource lists dedicated to OSINT (Open Source Intelligence). Many of you have found these resources valuable for your research and investigations. Today, I wanted to compile a fresh, comprehensive, and updated article… read more »
  • Mar 28, 2025

    Is your boss quietly firing you? Unmasking the silent workplace sabotage

    I’ve previously discussed similar toxic workplace dynamics in my article on mobbing and straining, where we explored the silent, insidious threats that can destroy employee morale and wellbeing (read it here). Today, I want to focus on another particularly reprehensible… read more »
  • Mar 23, 2025

    From Open Data to Cyber Defense: leveraging OSINT for effective NIS2 compliance

    Today I’d like to explore how OSINT can help companies, especially small and medium-sized enterprises (SMEs), comply with the European NIS2 directive—a regulation designed to boost cybersecurity standards across the continent. We will also delve into insights from Mirko Lapi’s… read more »
  • Mar 20, 2025

    That time my 90s computer teacher predicted the AI Coding Revolution

    Remember when writing code meant hunching over a keyboard, manually typing out every semicolon and bracket? Those days are vanishing faster than floppy disks at a tech convention. We’re living through a seismic shift in software development—one where developers are… read more »
  • Mar 16, 2025

    Measuring the breaking point: how Intezer's SOC Burnout Index can save your Security Team

    Disclosure: This article is based on publicly available information about Intezer’s SOC Burnout Index. I have no professional relationship, partnership, or collaboration with Intezer. This analysis represents my independent perspective on their methodology and its potential benefits for security teams.… read more »
  • Mar 11, 2025

    No juniors allowed: how cybersecurity is shooting itself in the foot

    In recent years, as cyber threats multiply by the hour, the desperate need for cybersecurity talent has never been more acute. Industry reports paint a staggering picture: over 3.5 million cybersecurity positions remain unfilled globally, with the gap widening each… read more »
  • Feb 22, 2025

    The 'corridor syndrome': why company welfare programs miss the point

    In today’s work environment, companies have been striving to improve employee welfare and work-life balance. However, a recent report by CENSIS highlights a critical oversight: the blurring lines between work and personal life, often referred to as the “corridor syndrome”.… read more »
  • Feb 1, 2025

    The uncomfortable truth: cybercriminals don't care about your KRIs

    When I first stepped into the IT world in 1999, the term “cybersecurity” wasn’t the buzzword it is today. In fact, most people would have given you a puzzled look if you’d mentioned it in casual conversation. Back then, we… read more »
Next page »

Andrea Fortuna

  • Andrea Fortuna
  • andrea@andreafortuna.org
  • andreafortuna
  • andreafortunaig
  • andrea-fortuna
  • andrea
  • andreafortunatw

Cybersecurity expert, software developer, experienced digital forensic analyst, musician