Security News

Orange Spain suffered an internet outage today after a hacker breached the company's RIPE account to misconfigure BGP routing and an RPKI configuration. "Resource Public Key Infrastructure is a cryptographic method of signing records that associate a BGP route announcement with the correct originating AS number," explains a Cloudflare article on RPKI. By enabling RPKI with a routing body such as ARIN or RIPE, a network can cryptographically certify that only routers under their control can advertise an AS number and their associated IP addresses.

The Spanish police have arrested one of the alleged leaders of the 'Kelvin Security' hacking group, which is believed to be responsible for 300 cyberattacks against organizations in 90 countries since 2020. News of the arrest of a leader of the financial component of the group was posted to the Spanish National Police's Telegram channel Sunday morning, stating that the threat actors are linked to attacks on government institutions across Spain, Germany, Italy, Argentina, Chile, Japan, and the United States.

Spanish law enforcement officials have announced the arrest of 34 members of a criminal group that carried out various online scams, netting the gang about €3 million ($3.2 million) in illegal...

The Spanish National Police have dismantled a cybercriminal organization that carried out a variety of computer scams to steal and monetize the data of over four million people. Law enforcement in the country conducted 16 targeted searches in Madrid, Malaga, Huelva, Alicante, and Murcia and arrested 34 members of the crime group.

The National Police of Spain is warning of an ongoing 'LockBit Locker' ransomware campaign targeting architecture companies in the country through phishing emails. BleepingComputer's analysis shows that the executed Python script will check if the user is an admin of the device, and if so, make modifications to the system for persistence and then executes the 'LockBit Locker' ransomware to encrypt files.

If you say THE Twitter hack, everyone knows you mean the one that happened in July 2020, when a small group of cybercriminals ended up in control of a small number of Twitter accounts and used them to talk up a cryptocoin fraud. SIM swaps are where a criminal sweet-talks, bribes or coerces a mobile phone provider into issuing them with a "Replacment" SIM card for someone else's number, typically under the guise of wanting to buy a new phone or urgently needing to replace a lost SIM. The victim's SIM card goes dead, and the crook starts receiving their calls and text messages, notably including any two-factor authentication codes needed for secure logins or password resets.

The police in Spain have arrested José Luis Huertas, a 19-year-old regarded as the most dangerous hackers in the country. A police investigation started in November 2022 eventually lead to the identification and arrest of the young hacker, who has been described as "a serious threat to national security."

Spain's National Police and the U.S. Secret Service have dismantled a Madrid-based international cybercrime ring comprised of nine members who stole over €5,000,000 from individuals and North American companies. The cybercrime gang specializes in online scams, employing social engineering, phishing, and smishing to collect sensitive victim details and then use that information to commit financial fraud.

In painstaking work backed by computers, Pierrot found "Distinct families" of about 120 symbols used by Charles V. "Whole words are encrypted with a single symbol" and the emperor replaced vowels coming after consonants with marks, she said, an inspiration probably coming from Arabic. In another obstacle, he used meaningless symbols to mislead any adversary trying to decipher the message.

The notorious 'Grandoreiro' banking trojan was spotted in recent attacks targeting employees of a chemicals manufacturer in Spain and workers of automotive and machinery makers in Mexico. It involves the deployment of a Grandoreiro malware variant featuring several new features to evade detection and anti-analysis, as well as a revamped C2 system.