VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages

Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics SVG files as part of phishing attacks impersonating the Colombian judicial system. The SVG files, according to VirusTotal, are distributed via email and designed to execute an embedded...

Blind Eagle's Five Clusters Target Colombia Using RATs, Phishing Lures, and Dynamic DNS Infra

Cybersecurity researchers have discovered five distinct activity clusters linked to a persistent threat actor known as Blind Eagle between May 2024 and July 2025. These attacks, observed by Recorded Future Insikt Group, targeted various victims, but primarily within the Colombian government acros...

The Everyday Security of Living with Conflict

When cyber' is used as a prefix, attention is typically drawn to the technological and spectacular aspects of war and conflict -- and, by extension, security. We offer a different approach to engaging with and understanding security in such contexts, by foregrounding the everyday -- mundane --...

PT-2024-7974

Name of the Vulnerable Software and Affected Versions Microsoft Windows versions prior to the November 2024 security updates Description This is a spoofing issue in the New Technology LAN Manager NTLM protocol that allows attackers to steal NTLMv2 hashes with minimal user interaction. The...

colombes.admin-touriz.fr Cross Site Scripting vulnerability OBB-3860982

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Formbook Takes the Throne as Most Prevalent Malware

By Waqas September 2023’s Most Wanted Malware: Remcos Wreaks Havoc in Colombia and Formbook Takes Top Spot after Qbot Shutdown, reveals Check Point. This is a post from HackRead.com Read the original post: Formbook Takes the Throne as Most Prevalent Malware...

eco.colombiaaprende.edu.co Cross Site Scripting vulnerability OBB-3719140

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered

The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social...

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia. The activity, which was detected by the BlackBerry Research and Intelligence Team on February 20, 2023, is also said to encompass Ecuador, Chile, and Spain, suggesting a slow...

APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia

The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia. The activity, which was detected by the BlackBerry Research and Intelligence Team on February 20, 2023, is also said to encompass Ecuador, Chile, and Spain, suggesting a slow...

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process. "The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying...

Linux Variant of Clop Ransomware Spotted, But Uses Faulty Encryption Algorithm

The first-ever Linux variant of the Clop ransomware has been detected in the wild, but with a faulty encryption algorithm that has made it possible to reverse engineer the process. "The ELF executable contains a flawed encryption algorithm making it possible to decrypt locked files without paying...

Blind Eagle Hackers Return with Refined Tools and Sophisticated Infection Chain

A financially motivated threat actor tracked as Blind Eagle has resurfaced with a refined toolset and an elaborate infection chain as part of its attacks targeting organizations in Colombia and Ecuador. Check Point's latest research offers new insights into the Spanish-speaking group's tactics an...

colombia-travels.com Cross Site Scripting vulnerability OBB-3112913

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

carpascolombia.com Cross Site Scripting vulnerability OBB-2960593

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

colombiachamber.com Cross Site Scripting vulnerability OBB-2780657

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

agenciaespacialdecolombia.org Cross Site Scripting vulnerability OBB-2774085

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Imperva is on Top of the World as it Announces New PoP in Bogotá

Imperva is on top of the world to announce the opening of our newest and highest data center yet in Bogotá, Colombia. This latest move represents our commitment as an organization to improve performance, security and connectivity for our customers in the Colombian market. In the very center of th...

Security giant exposed 3TB of sensitive airport & employees data

By Waqas The exposed data impacted airports in Colombia, Peru, and probably other countries “or even the rest of the… This is a post from HackRead.com Read the original post: Security giant exposed 3TB of sensitive airport & employees data...

pekeUpload cross-site scripting vulnerability

PekeUpload is a Jquery Html5 file upload plugin from the personal developer Pedro Molina in Colombia. pekeUpload suffers from a cross-site scripting vulnerability that exists due to insufficient cleanup of user-supplied data. A remote attacker could exploit the vulnerability to be able to trick a...