Security News

Friday Squid Blogging: Giant Squid Found on Spanish Beach
2024-10-25 21:01

A giant squid has washed up on a beach in Northern Spain. Blog moderation policy.

New Poco RAT Targets Spanish-Speaking Victims in Phishing Campaign
2024-07-11 10:12

Spanish language victims are the target of an email phishing campaign that delivers a new remote access trojan called Poco RAT since at least February 2024. Infection chains begin with phishing messages bearing finance-themed lures that trick recipients into clicking on an embedded URL pointing to a 7-Zip archive file hosted on Google Drive.

Lazarus impersonated Meta recruiter to breach Spanish aerospace firm
2023-10-02 08:40

Operators of the North Korea-linked Lazarus APT obtained initial access to the network of an aerospace company in Spain last year after a successful spearphishing campaign, by masquerading as a recruiter for Meta - the company behind Facebook, Instagram, and WhatsApp. The initial contact by the attacker impersonating a recruiter from Meta.

Lazarus Group Impersonates Recruiter from Meta to Target Spanish Aerospace Firm
2023-09-29 12:10

The North Korea-linked Lazarus Group has been linked to a cyber espionage attack targeting an unnamed aerospace company in Spain in which employees of the firm were approached by the threat actor...

Training in Spanish for cyber security pros
2023-06-21 13:25

Delegates attending between Monday 6 November and Saturday 11 November 2023 will be taught in Spanish by native Spanish speaking instructors. The event features practical cyber security training taught by real-world practitioners, augmented by hands-on practical sessions conducted in specially created safe virtual labs.

New Botnet Malware 'Horabot' Targets Spanish-Speaking Users in Latin America
2023-06-02 12:03

Spanish-speaking users in Latin America have been at the receiving end of a new botnet malware dubbed Horabot since at least November 2020. "Horabot enables the threat actor to control the victim's Outlook mailbox, exfiltrate contacts' email addresses, and send phishing emails with malicious HTML attachments to all addresses in the victim's mailbox," Cisco Talos researcher Chetan Raghuprasad said.

Spanish Police Takes Down Massive Cybercrime Ring, 40 Arrested
2023-05-11 14:00

The National Police of Spain said it arrested 40 individuals for their alleged involvement in an organized crime gang called Trinitarians. Among those apprehended include two hackers who carried out bank scams through phishing and smishing techniques and 15 other members of the crime syndicate, who have all been charged with a number of offenses such as bank fraud, forging documents, identity theft, and money laundering.

Spanish police dismantle phishing operation linked to crime ring
2023-05-09 21:29

The National Police of Spain have arrested two hackers, 15 members of a criminal organization, and another 23 people involved in illegal financial operations in Madrid and Seville for alleged bank scams. The cybercrime operation is an email and SMS-based phishing campaign that allegedly scammed over 300,000 people and resulted in confirmed losses of at least 700,000 euros.

Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days
2022-12-01 14:32

A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. "Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary to deploy a payload to a target device," Google Threat Analysis Group researchers Clement Lecigne and Benoit Sevens said in a write-up.

Google Accuses Spanish Spyware Vendor of Exploiting Chrome, Firefox, & Windows Zero-Days
2022-12-01 14:32

A Barcelona-based surveillanceware vendor named Variston IT is said to have surreptitiously planted spyware on targeted devices by exploiting several zero-day flaws in Google Chrome, Mozilla Firefox, and Windows, some of which date back to December 2018. "Their Heliconia framework exploits n-day vulnerabilities in Chrome, Firefox, and Microsoft Defender, and provides all the tools necessary to deploy a payload to a target device," Google Threat Analysis Group researchers Clement Lecigne and Benoit Sevens said in a write-up.