Ciberseguridad: El Factor Humano. Published on April 5, 2021 “No es el conocimiento, sino el acto de aprendizaje, y no la posesión, sino el acto de...
Author: admin
The Hacker News – YIKES! Hackers flood the web with 100,000 pages offering malicious PDFs
April 15, 2021Ravie Lakshmanan Cybercriminals are resorting to search engine poisoning techniques to lure business professionals into seemingly legitimate Google sites that install a Remote Access...
DARKReading – Microsoft Warns of Malware Delivery via Google URLs
A new campaign abuses legitimate website contact forms to send URLs that ultimately deliver the IcedID banking Trojan. Microsoft has warned organizations of a new attack...
threathpost – Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes
Author:Tom SpringApril 14, 2021 8:46 am3 minute read Write a comment Share this article: Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack....
threathpost – A Post-Data Privacy World and Data-Rights Management
InfoSec InsiderJoseph CarsonApril 14, 2021 1:21 pm2 minute read Write a comment Share this article: Joseph Carson, chief security scientist at Thycotic, discusses the death of data privacy and what...
DARKReading – CISA Urges Caution for Security Researchers Targeted in Attack Campaign
The agency urges researchers to take precautions amid an ongoing targeted threat campaign. The Cybersecurity and Infrastructure Security Agency (CISA) is cautioning cybersecurity researchers to keep...
threatpost – Security Bug Allows Attackers to Brick Kubernetes Clusters
Author:Tara SealsApril 14, 2021 4:56 pm3 minute read Write a comment The vulnerability is triggered when a cloud container pulls a malicious image from a registry. A vulnerability in...
The Hacker News – New WhatsApp Bugs Could’ve Let Attackers Hack Your Phone Remotely
April 14, 2021Ravie Lakshmanan Facebook-owned WhatsApp recently addressed two security vulnerabilities in its messaging app for Android that could have been exploited to execute malicious code...
threathpost – Microsoft Has Busy April Patch Tuesday with Zero-Days, Exchange Fixes
Author:Tom SpringApril 14, 2021 8:46 am3 minute read Write a comment Microsoft fixes 110 vulnerabilities, with 19 classified as critical and another flaw under active attack. Microsoft had its...
threathpost – 100,000 Google Sites Used to Install SolarMarket RAT
Author:Elizabeth MontalbanoApril 14, 2021 10:48 am2:30 minute read Write a comment Search-engine optimization (SEO) tactics direct users searching for common business forms such as invoices, receipts or other templates...
welivesecurity – Clubhouse in the spotlight after user records posted online
Reports of another trove of scraped user data add to the recent woes of popular social media platforms Amer Owaida12 Apr 2021 – 04:28PMShare It seems...
The Hacker News – New JavaScript Exploit Can Now Carry Out DDR4 Rowhammer Attacks
April 14, 2021Ravie Lakshmanan Academics from Vrije University in Amsterdam and ETH Zurich have published a new research paper describing yet another variation of the Rowhammer...
DARKReading – FBI Operation Remotely Removes Web Shells From Exchange Servers
A court order authorized the FBI to remove malicious Web shells from hundreds of vulnerable machines running on-premises Exchange Server. A court order has authorized an...
threadpost – FBI Clears ProxyLogon Web Shells from Hundreds of Orgs
Author:Tara SealsApril 14, 2021 1:31 pm3:30 minute read Write a comment In a veritable cyber-SWAT action, the Feds remotely removed the infections without warning businesses beforehand. The Feds have...
welivesecurity – WhatsApp flaw lets anyone lock you out of your account
An attacker can lock you out of the app using just your phone number and without requiring any action on your part Amer Owaida13 Apr 2021...
Dario Borges – Cyber Security Advisor – Ciberseguridad, ajedrez y esgrima; en todos ellos, gana quien comete el penúltimo error.
por Darío F. Borges. Minas, Lavalleja – Uruguay La situación sanitaria global y sus consecuencias han sido el catalizador de enormes cambios a nivel funcional y procedural...
Adrian Judzik – Cyber Advisor – Ciberseguridad: ¿Es el marketing el problema?
” El aumento del conocimiento depende por completo de la existencia del desacuerdo” Karl Popper Diariamente podemos leer noticias que alguna organismo o empresa ha sido vulnerada...
The Hacker News – Hackers Tampered With APKPure Store to Distribute Malware Apps
April 09, 2021Ravie Lakshmanan APKPure, one of the largest alternative app stores outside of the Google Play Store, was infected with malware this week, allowing threat...
The Hacker News – RCE Exploit Released for Unpatched Chrome, Opera, and Brave Browsers
April 12, 2021Ravie Lakshmanan An Indian security researcher has publicly published a proof-of-concept (PoC) exploit code for a newly discovered flaw impacting Google Chrome and other...
The Hacker News – BRATA Malware Poses as Android Security Scanners on Google Play Store
April 12, 2021Ravie Lakshmanan A new set of malicious Android apps have been caught posing as app security scanners on the official Play Store to distribute...
The Hacker News – Detecting the “Next” SolarWinds-Style Cyber Attack
April 13, 2021The Hacker News The SolarWinds attack, which succeeded by utilizing the sunburst malware, shocked the cyber-security industry. This attack achieved persistence and was able to evade...
The Hacker News – Hackers Using Website’s Contact Forms to Deliver IcedID Malware
April 13, 2021Ravie Lakshmanan Microsoft has warned organizations of a “unique” attack campaign that abuses contact forms published on websites to deliver malicious links to businesses...
threatpost – 1.3M Clubhouse Users’ Data Dumped in Hacker Forum for Free
Author:Becky BrackenApril 12, 2021 4:18 pm3:30 minute read Write a comment Clubhouse denies it was ‘breached’ and says the data is out there for anyone to grab. Clubhouse, the...
threadpost – Chrome Zero-Day Exploit Posted on Twitter
Author:Elizabeth MontalbanoApril 13, 2021 9:40 am2:30 minute read Write a comment An update to Google’s browser that fixes the flaw is expected to be released on Tuesday. A researcher...
Google Security Blog – Rust in the Android platform
April 6, 2021Posted by Jeff Vander Stoep and Stephen Hines, Android Team Correctness of code in the Android platform is a top priority for the security,...
CSO Online – The SolarWinds hack timeline: Who knew what, and when?
Impact, detection, response, and ongoing fallout from the attack on SolarWinds’ Orion remote IT management software. Details of the 2020 SolarWinds attack continue to unfold, and it may...
CSO Online – Top cybercrime gangs use targeted fake job offers to deploy stealthy backdoor
The Golden Chickens cybercriminal gang is believed to sell its more_eggs backdoor for spear phishing campaigns executed using information gleaned from victims’ LinkedIn profiles. By Lucian Constantin...
CSO Online – Coca-Cola trade secret theft underscores importance of insider threat early detection
A research engineer used basic exfiltration techniques to steal trade secrets from Coca-Cola, but wasn’t caught until she attempted to steal similar data from another company....
CSO Online – How data poisoning attacks corrupt machine learning models
Data poisoning can render machine learning models inaccurate, possibly resulting in poor decisions based on faulty outputs. With no easy fixes available, security pros must focus...
WeLive Security – FBI: Cybercrime losses topped US$4.2 billion in 2020
The Bureau received over 28,000 reports of COVID-19-themed scams last year Amer Owaida18 Mar 2021 – 05:23PMShare The United States’ Federal Bureau of Investigation (FBI) received...