Cybersecurity experts
π A few days ago, AndrΓ©s TarascΓ³ received the 2025 ISACA Madrid Award for Cybersecurity Entrepreneurship. An award for him and his brother Miguel, the founders of @Tarlogic, but above all, for everyone who is or has been part of the company at any point.
This award is yours. All of yours β€οΈ
https://www.tarlogic.com/news/andres-and-miguel-tarasco-receive-the-isaca-madrid-award/
What is the probability that a vulnerability has already been exploited? This is what the LEV indicator, designed by NIST to help companies prioritize the mitigation of vulnerabilities affecting their assets, measures ππΌ
https://www.tarlogic.com/blog/lev-nist/
π Threat detected? Slipper deployed.
In cybersecurity, just like at momβs house:
If it moves funny, it gets neutralized before it hits the floor. π©΄π¨
π Why is it critical to integrate security into web application development?
β οΈ What are the consequences of not doing so?
𧩠How can you implement a DevSecOps strategy? ππΌ
https://www.tarlogic.com/blog/how-to-integrate-security-web-application-development-cycle/
π @Tarlogic is at @money2020 Amsterdam today as an exhibitor!
Jessica Cohen and Alessandro Lepre are showcasing our commitment to a safer financial future to the key players of the #Fintech ecosystem, thanks to the support of ICEX π₯π
πΆ How can sophisticated and difficult-to-detect bank fraud be combated? Cyber intelligence experts play a crucial role in understanding criminals' TTPs and optimizing detection mechanisms.
https://www.tarlogic.com/blog/cyber-intelligence-bank-fraud/
π¨ Windows Server 2025 is affected by a vulnerability that would allow attackers to escalate to domain administrator privileges. The S.T.AΒ².R.S Team at @Tarlogic explains how #BadSuccessor is exploited and how to mitigate it.
https://www.tarlogic.com/blog/badsuccessor/
π£ Β£300 million and almost three months to get back to normal. This week, the cost of the cyberattack suffered by M&S, a leading British retail company, has been revealed. How can retail companies prevent serious incidents?
https://www.tarlogic.com/blog/cyberattacks-against-retail-sector/
We at @Tarlogic have discovered, using our #BSAM guide, the high impact CVE-2024-58101, according to MITRE, which allows the pairing of Samsung Galaxy Buds and Buds 2 devices without users' consent.
https://www.tarlogic.com/blog/cve-2024-58101/
π€ What are the differences between SAST, DAST, and SCA? Why is it important to combine all of them when detecting vulnerabilities in software?
https://www.tarlogic.com/blog/sast-dast-sca/
π¨ A critical and easily exploitable vulnerability allows remote code execution on the Erlang/OTP SSH server. The S.T.AΒ².R.S Unit at @Tarlogic explains how to detect and mitigate this vulnerability and the exploitation process.
https://www.tarlogic.com/blog/cve-2025-32433-erlang-otp-ssh-server/
π₯ Joint liability for infringements and even temporary suspension from their duties. This is what executives of companies that do not comply with the obligations of the future Cybersecurity Law are exposed to ππΌ
https://www.tarlogic.com/blog/obligations-cybersecurity-law-executives/
βοΈ Vulnerabilities in smart contracts, attacks on consensus mechanisms or the network, deficiencies in key management... Blockchain Pentesting services help companies face the threats to this technology.
https://www.tarlogic.com/blog/blockchain-pentesting-necessary/
π» Preventing vulnerabilities in web code and ensuring that it is secure by design. These are two of the benefits of conducting a web source code audit. What are the others? π
https://www.tarlogic.com/blog/website-source-code-audit-why-is-it-important/
First it was BleSpammer. Now it's VSC Enumerator. The @Tarlogic Innovation team has just released a new PoC that allows to discover hidden commands in Bluetooth adapters.
In this GitHub link you have all the info π
https://github.com/TarlogicSecurity/BluetoothExamplesAndDemos
A cyberattack can leave us without π₯ bread, π§ cheese or πΊ beer. A serious security incident can affect the business continuity of a food company. How can they be prevented, detected and resolved so that they do not cause substantial losses?
https://www.tarlogic.com/blog/cybersecurity-food-sector/
π¨ Five vulnerabilities affecting Kubernetes' Ingress NGINX Controller would allow remote attackers to execute commands without authenticating. The S.T.AΒ².R.S Team at @Tarlogic explains how to mitigate them to prevent exploitation.
https://www.tarlogic.com/blog/ingressnightmare-kubernetes-ingress-nginx-controller/
BleSpammer is the name of the new PoC that allows you to saturate the screens of mobile phones, tablets or computers by generating an infinite number of pop-ups like the ones that appear when you want to pair wireless headphones.
All the info on GitHubπ
https://github.com/TarlogicSecurity/BluetoothExamplesAndDemos
π Disconnection from the internet, paralysis of activity and substantial economic losses. Cyberattacks against routers in industries and companies can seriously affect companies. We review the main trends surrounding this threat ππΌ
https://www.tarlogic.com/blog/cyberattacks-against-routers-industries/
We continue to publish more technical information on the ESP32 HCI commands π
https://www.tarlogic.com/blog/esp32-hidden-hci-vendor-commands/