Tarlogic

🚨 #BlueSpy is now available on our GitHub. This proof-of-concept allows you to listen in on conversations from Bluetooth headsets without your users' knowledge. We have already alerted manufacturers whose devices have some vulnerabilities. github.com/TarlogicSecuri…

📲 Perform threat analysis, use strong encryption, implement strict access control for mobile apps... These recommendations are key when developing mobile applications that meet the highest security standards. tarlogic.com/blog/mobile-ap…

📲 Encrypt sensitive data, implement authentication protocols, validate incoming data, obfuscate code... What best practices can be implemented in mobile app development to strengthen their security? 👇🏼 tarlogic.com/blog/best-prac…

🚨 Have you seen a trick on TikTok to get a free paid account for software by pasting commands into your computer? Don't do it, you'll infect it. That's #ClickFix, a malicious technique that's difficult to detect 👇🏼 tarlogic.com/blog/clickfix-…

🛡️ Train the Blue Team, 🌀 update your security strategy to deal with the latest techniques, ⚔️ optimize incident response... Discover the benefits for a company of undergoing a Red Team assessment 👇🏼 tarlogic.com/blog/what-is-r…

🔎 Locate vulnerabilities, 👉🏼 identify poor development practices, and 📃 document attack vectors. We review the objectives of mobile app security audits and explain how they are carried out 👇🏼 tarlogic.com/blog/security-…

🏆 A few days ago, @atarasco received the 2025 ISACA Madrid Award for Cybersecurity Entrepreneurship. An award for him and his brother Miguel, the founders of @Tarlogic, but above all, for everyone who is or has been part of the company at any point ❤️ tarlogic.com/news/andres-an…

What is the probability that a vulnerability has already been exploited? This is what the LEV indicator, designed by @NIST to help companies prioritize the mitigation of vulnerabilities affecting their assets, measures 👇🏼 tarlogic.com/blog/lev-nist/

👀 Threat detected? Slipper deployed. In cybersecurity, just like at mom’s house: If it moves funny, it gets neutralized before it hits the floor. 🩴💨 #ThreatHunting

🔐 Why is it critical to integrate security into web application development? ⚠️ What are the consequences of not doing so? 🧩 How can you implement a DevSecOps strategy? 👇🏼 tarlogic.com/blog/how-to-in…

🌍 @Tarlogic is at @money2020 Amsterdam today as an exhibitor! @JessicaCohenV and Alessandro Lepre are showcasing our commitment to a safer financial future to the key players of the #Fintech ecosystem, thanks to the support of @ICEX_ 💥🔐

💶 How can sophisticated and difficult-to-detect bank fraud be combated? Cyber intelligence experts play a crucial role in understanding criminals' TTPs and optimizing detection mechanisms. tarlogic.com/blog/cyber-int…

🚨 Windows Server 2025 is affected by a vulnerability that would allow attackers to escalate to domain administrator privileges. The S.T.A².R.S Team at @Tarlogic explains how #BadSuccessor is exploited and how to mitigate it. tarlogic.com/blog/badsucces…

💣 £300 million and almost three months to get back to normal. This week, the cost of the cyberattack suffered by M&S, a leading British retail company, has been revealed. How can retail companies prevent serious incidents? tarlogic.com/blog/cyberatta…

We at @Tarlogic have discovered, using our #BSAM guide, the high impact CVE-2024-58101, according to @MITREcorp, which allows the pairing of Samsung Galaxy Buds and Buds 2 devices without users' consent. tarlogic.com/blog/cve-2024-…

🤔 What are the differences between SAST, DAST, and SCA? Why is it important to combine all of them when detecting vulnerabilities in software? tarlogic.com/blog/sast-dast…

🚨 A critical and easily exploitable vulnerability allows remote code execution on the Erlang/OTP SSH server. The S.T.A².R.S Team at @Tarlogic explains how to detect and mitigate this vulnerability and the exploitation process. tarlogic.com/blog/cve-2025-…

🟥 Joint liability for infringements and even temporary suspension from their duties. This is what executives of companies that do not comply with the obligations of the future Cybersecurity Law are exposed to 👇🏼 tarlogic.com/blog/obligatio…

⛓️ Vulnerabilities in smart contracts, attacks on consensus mechanisms or the network, deficiencies in key management... Blockchain Pentesting services help companies face the threats to this technology. tarlogic.com/blog/blockchai…

💻 Preventing vulnerabilities in web code and ensuring that it is secure by design. These are two of the benefits of conducting a web source code audit. What are the others? 😉 tarlogic.com/blog/website-s…

First it was BleSpammer. Now it's VSC Enumerator. The @Tarlogic Innovation team has just released a new PoC that allows to discover hidden commands in Bluetooth adapters. In this GitHub link you have all the info 👇 github.com/TarlogicSecuri…