223 matches found
Mastermind Behind Twitter 2020 Hack Pleads Guilty and Faces up to 70 Years in Prison
A U.K. national has pleaded guilty in the U.S. in connection with the July 2020 Twitter attack affecting numerous high-profile accounts and defrauding other users of the platform. Joseph James O'Connor, who also went by the online alias PlugwalkJoe , admitted to "his role in cyberstalking and...
Blind Eagle Cyber Espionage Group Strikes Again: New Attack Chain Uncovered
The cyber espionage actor tracked as Blind Eagle has been linked to a new multi-stage attack chain that leads to the deployment of the NjRAT remote access trojan on compromised systems. "The group is known for using a variety of sophisticated attack techniques, including custom malware, social...
New QBot Banking Trojan Campaign Hijacks Business Emails to Spread Malware
A new QBot malware campaign is leveraging hijacked business correspondence to trick unsuspecting victims into installing the malware, new findings from Kaspersky reveal. The latest activity, which commenced on April 4, 2023, has primarily targeted users in Germany, Argentina, Italy, Algeria, Spai...
APT-C-36 Strikes Again: Blind Eagle Hackers Target Key Industries in Colombia
The threat actor known as Blind Eagle has been linked to a new campaign targeting various key industries in Colombia. The activity, which was detected by the BlackBerry Research and Intelligence Team on February 20, 2023, is also said to encompass Ecuador, Chile, and Spain, suggesting a slow...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at Mobile World Congress 2023 in Barcelona, Spain, on March 1, 2023 at 1:00 PM CET. I’m speaking on “How to Reclaim Power in the Digital World” at EPFL in Lausanne, Switzerland, on Thursday, March 16, 2023, at 5:30 PM...
OpenKM 跨站脚本漏洞
OpenKM is a document management system from OpenKM Spain. The system provides features such as version control, document history and file sharing. A security vulnerability exists in OpenKM. An attacker could exploit this vulnerability to perform cross-site scripting attacks...
Godfather Android banking malware is on the rise
Researchers at Cyble Research & Intelligence Labs CRIL have found a new version of the Android banking Trojan called Godfather. The new version of Godfather uses an icon and name similar to a legitimate application named MYT Music, which is hosted on the Google Play Store with over 10 million...
Update 18.18 for Microsoft Dynamics 365 Business Central 2021 Release Wave 1 (Application Build 18.18.49460, Platform Build 18.0.49352)
None None...
Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022
The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive. Other prominent industry verticals targeted include healthcare, governments,...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the 24th International Information Security Conference in Madrid, Spain, on November 17, 2022. The list is maintained on this page...
Cumulative Update 58 for Microsoft Dynamics NAV 2018 (Build 49345)
None None...
These Dropper Apps On Play Store Targeting Over 200 Banking and Cryptocurrency Wallets
Five malicious dropper Android apps with over 130,000 cumulative installations have been discovered on the Google Play Store distributing banking trojans like SharkBot and Vultur, which are capable of stealing financial data and performing on-device fraud. "These droppers continue the unstopping...
Upcoming Speaking Engagements
This is a current list of where and when I am scheduled to speak: I’m speaking at the World Ethical Data Forum, online, October 26-28, 2022. I’m speaking at the 24th International Information Security Conference in Madrid, Spain, on November 17, 2022. The list is maintained on this page...
studyinspain.info Cross Site Scripting vulnerability OBB-2928331
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Grandoreiro Banking Trojan Attacks Industries in Spanish-Speaking Countries
Threat Level Attack Report For a detailed advisory, download the pdf file here Summary Grandoreiro banking trojan is a campaign that has been active since at least 2016 and targets a variety of businesses in Mexico and Spain, including automotive, chemical production, and others. Threat actors...
New Grandoreiro Banking Malware Campaign Targeting Spanish Manufacturers
Organizations in the Spanish-speaking nations of Mexico and Spain are in the crosshairs of a new campaign designed to deliver the Grandoreiro banking trojan. "In this campaign, the threat actors impersonate government officials from the Attorney General's Office of Mexico City and from the Public...
SOVA Android Banking Trojan Returns With New Capabilities and Targets
The SOVA Android banking trojan is continuing to be actively developed with upgraded capabilities to target no less than 200 mobile applications, including banking apps and crypto exchanges and wallets, up from 90 apps when it started out. That's according to the latest findings from Italian...
Spain Nabs Two For Allegedly Hacking Radiation Alert System
By Deeba Ahmed Spanish police have confirmed arresting two nuclear power employees suspected of hacking Spain’s radioactivity alert network RAR operated by the… This is a post from HackRead.com Read the original post: Spain Nabs Two For Allegedly Hacking Radiation Alert System...
CVE-2022-31597
Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to...
CVE-2022-31597
Within SAP S/4HANA - versions S4CORE 101, 102, 103, 104, 105, 106, SAPSCORE 127, the application business partner extension for Spain/Slovakia does not perform necessary authorization checks for a low privileged authenticated user over the network, resulting in escalation of privileges leading to...