Finnish Authorities Detain Crew After Undersea Internet Cable Severed

After a sudden internet cable break between Finland and Estonia, authorities have seized the cargo ship Fitburg. With two crew members arrested and sanctioned steel found on board, investigators are now probing if this was an accident or a deliberate act of hybrid warfare...

Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide

Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service CaaS platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud. The coordinated law enforcement effort, dubbed Operation...

E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia's Key Ministries

The Council of the European Union has sanctioned three individuals for allegedly carrying out "malicious cyber activities" against Estonia. The three Russian nationals – Nikolay Alexandrovich Korchagin, Vitaly Shevchenko, and Yuriy Fedorovich Denisov – are officers of the General Staff of the Arm...

Payoro: A Glimmer of Disruption in the Banking Sector

By Owais Sultan Estonias Tallinn, renowned for its medieval aesthetic, is not typically the first name one considers when reflecting upon… This is a post from HackRead.com Read the original post: Payoro: A Glimmer of Disruption in the Banking Sector...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at Future Summits in Antwerp, Belgium, on May 18, 2022. I’m speaking at IT-S Now 2022 in Vienna, Austria, on June 2, 2022. I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn,...

Upcoming Speaking Engagements

This is a current list of where and when I am scheduled to speak: I’m speaking at the RSA Conference 2022 in San Francisco on February 8, 2022. I’m speaking at IT-S Now 2022 in Vienna on June 2, 2022. I’m speaking at the 14th International Conference on Cyber Conflict, CyCon 2022, in Tallinn,...

Webware Webdesktop Code Issue Vulnerability

Webware Webdesktop is an application software from the company Webware in the Republic of Estonia. A document management software. A code issue vulnerability exists in Webware Webdesktop version 5.1.15. The vulnerability stems from the system allowing an attacker to read all files on the server. ...

Estonia's Volunteer Cyber Militia

Interesting -- although short and not very detailed -- article about Estonia's volunteer cyber-defense militia. Padar's militia of amateur IT workers, economists, lawyers, and other white-hat types are grouped in the city of Tartu, about 65 miles from the Russian border, and in the capital,...

WordPress FV Flowplayer 7.2.0.727 Cross Site Scripting Vulnerability

Exploit for php platform in category web applications Reflected XSS in FV Flowplayer Wordpress plugin ================================================================ Author: Janek Vind "waraxe" Date: 20. September 2018 Location: Estonia, Tartu Web: http://www.waraxe.us/advisory-107.html Target...

Martem TELEM-GW6/GWM (Update B)

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Martem Equipment : TELEM-GW6/GWM --------- Begin Update B Part 1 of 5 -------- Vulnerabilities : Missing Authentication for Critical Function, Incorrect Default Permissions, Resource Exhaustion,...

tartumaa.kontakt.ee XSS vulnerability

Open Bug Bounty ID: OBB-501365 Description| Value ---|--- Affected Website:| tartumaa.kontakt.ee Open Bug Bounty Program:| Not created yet Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N...

Lessons Learned from the Estonian National ID Security Flaw

Estonia recently suffered a major flaw in the security of their national ID card. This article discusses the fix and the lessons learned from the incident: In the future, the infrastructure dependency on one digital identity platform must be decreased, the use of several alternatives must be...

A week in security (October 30 – November 5)

Last week on our blog, we told you what to expect at the upcoming Irisscon security conference in Dublin. We gave you a quick introduction into the why and how of analyzing malware based on their API calls. And we issued a warning about some lesser-known cybercrimes. Plus we explained why emergin...

Updated opensc_etc packages fix security vulnerability

A vulnerability, dubbed ROCA, was identified in an implementation of RSA key generation due to a fault in a code library developed by Infineon Technologies. The affected encryption keys are used to secure many forms of technology, such as hardware chips, authentication tokens, software packages,...

Ecava IntegraXor

CVSS v3 7.3 ATTENTION: Remotely exploitable/low skill level to exploit. Vendor: Ecava Equipment: IntegraXor Vulnerability: SQL Injection AFFECTED PRODUCTS The following versions of IntegraXor, a web SCADA/HMI solution, are affected: IntegraXor Versions 5.2.1231.0 and prior. IMPACT Successful...

Sky Plus Estonia - AWS Credentials, Base64 encoded String, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application Sky Plus Estonia published at the 'play' market has multiple vulnerabilities...

Cameras Estonia - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Cameras Estonia published at the 'play' market has multiple vulnerabilities...

Nasdaq to Use Bitcoin-style Blockchain to Record Shareholder Votes

The Nasdaq stock exchange and the Republic of Estonia have announced the use of Blockchain-based technology to allow shareholders of companies to e-vote in shareholder meetings even when they're abroad, according to Nasdaq's press release. Global stock market giant is developing an electronic...

estonia.delovoi.net XSS vulnerability

Vulnerable URL: http://estonia.delovoi.net/search.php?mode=search=1in=x" onmouseover=prompt/XSSPOSED/ " Details: Description| Value ---|--- Patched:| No Latest check for patch:| 25.07.2017 Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| Unknown / Not calculated Goog...

padaste.estonia.topdestination.de XSS vulnerability

Open Bug Bounty ID: OBB-56160 Description| Value ---|--- Affected Website:| padaste.estonia.topdestination.de Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...