28 matches found
A Bootiful Podcast: Java developer advocate Ana-Maria Mihalceanu
I had a wonderful chat with Java Developer Advocate Ana-Maria Mihalceanu about Java Flight Recorder, Project Babylon, Project Panama, and so many other exciting things in the Java ecosystem...
MAL-2025-33151 Malicious code in shopify_panama (npm)
The package shopifypanama was found to contain malicious code...
Our capabilities. A story about what we can achieve
Introduction Over the years we have been fortunate to have been called upon to help with some challenging investigations. iPhone prize scams, ransomware attacks that weren't, aiding the Steele Dossier case, and even a fraudulent €14 million transfer. Here we've picked out the most interesting one...
Hello, Java 22!
update I've since published a Spring Tips video on this very topic! If you'd prefer, you could watch that instead. Hi, Spring fans! Happy Java 22 release day, to those who celebrate! Did you get the bits already? Go, go, go! Java 22 is a significant improvement that I think is a worthy upgrade fo...
ShadowSyndicate: A New Cybercrime Group Linked to 7 Ransomware Families
Cybersecurity experts have shed light on a new cybercrime group known as ShadowSyndicate formerly Infra Storm that may have leveraged as many as seven different ransomware families over the past year. "ShadowSyndicate is a threat actor that works with various ransomware groups and affiliates of...
New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML...
panamadivecenter.com Cross Site Scripting vulnerability OBB-3322596
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
This Week in Spring - March 7th, 2023
Hi, Spring fans! Welcome to another installment of This Week in Spring! It's an amazing week, and this week we've got a lot to look at. Let's dive right into it. Spring Cloud Function for Azure Function Spring Data 2022.0.3 and 2021.2.9 released Spring R2DBC for Reactive Relational Databases in...
panamaamerica.com.pa Cross Site Scripting vulnerability OBB-2833229
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Untangling KNOTWEED: European private-sector offensive actor using 0-day exploits
The Microsoft Threat Intelligence Center MSTIC and the Microsoft Security Response Center MSRC found a private-sector offensive actor PSOA using multiple Windows and Adobe 0-day exploits, including one for the recently patched CVE-2022-22047, in limited and targeted attacks against European and...
Conti Leaks: Examining the Panama Papers of Ransomware | Trellix
Conti Leaks: Examining the Panama Papers of Ransomware By John Fokker, Jambul Tologonov · March 31, 2022 Introduction It isn’t often the whole world gets an inside look of the business operations of a top tier cybercriminal group. Very early on in the Russian-Ukrainian Crisis the predominantly...
Conti Leaks: Examining the Panama Papers of Ransomware | Trellix
Conti Leaks: Examining the Panama Papers of Ransomware By John Fokker, Jambul Tologonov · March 31, 2022 Introduction It isn’t often the whole world gets an inside look of the business operations of a top tier cybercriminal group. Very early on in the Russian-Ukrainian Crisis the predominantly...
foodsafetypanama.com Cross Site Scripting vulnerability OBB-1473078
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
properties.naipanama.com Cross Site Scripting vulnerability OBB-1311017
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
panama-lottery.com Cross Site Scripting vulnerability OBB-1280414
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
panamaanuncios.com Cross Site Scripting vulnerability OBB-1234816
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
panama-offshore-services.com Improper Access Control vulnerability
Open Bug Bounty ID: OBB-1086448 Security Researcher DakkarKey Helped patch 407 vulnerabilities Received 6 Coordinated Disclosure badges Received 14 recommendations , a holder of 6 badges for responsible and coordinated disclosure, found a security vulnerability affecting...
NordVPN Breached
There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates. Those certificates might be issued for other servers in NordVPN's network or for a variety...
Ongoing Attack Stealing Credit Cards From Over A Hundred Shopping Sites
Researchers from Chinese cybersecurity firm Qihoo 360's NetLab have revealed details of an ongoing credit card hacking campaign that is currently stealing payment card information of customers visiting more than 105 e-commerce websites. While monitoring a malicious domain,...
panama.ny.schoolwebpages.com XSS vulnerability
Open Bug Bounty ID: OBB-323686 Description| Value ---|--- Affected Website:| panama.ny.schoolwebpages.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...