📰 Noticias de Ciberseguridad

Mantente informado sobre las últimas amenazas, vulnerabilidades, y avances en el mundo de la ciberseguridad. Análisis técnico con perspectiva ética.

🕒 Actualizado diariamente 🔍 Análisis técnico ⚖️ Perspectiva ética

📈 Todas las Noticias (12 artículos)

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that the attackers appear to control valid credentials rather than brute-forcing." A significant chunk of

vulnerabilidades #noticia#ciberseguridad

Hackers Turn Velociraptor DFIR Tool Into Weapon in LockBit Ransomware Attacks

Threat actors are abusing Velociraptor, an open-source digital forensics and incident response (DFIR) tool, in connection with ransomware attacks likely orchestrated by Storm-2603 (aka CL-CRI-1040 or Gold Salem), which is known for deploying the Warlock and LockBit ransomware. The threat actor's use of the security utility was documented by Sophos last month. It's assessed that the attackers

amenazas #noticia#ciberseguridad

Cisco, Fortinet, Palo Alto Networks Devices Targeted in Coordinated Campaign

GreyNoise has discovered that attacks exploiting Cisco, Fortinet, and Palo Alto Networks vulnerabilities are launched from the same infrastructure.

vulnerabilidades #vulnerabilidades#cisco +3

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on U.S. Internet providers like AT&T, Comcast and Verizon, new evidence suggests. Experts say the heavy concentration of infected devices at U.S. providers is complicating efforts to limit collateral damage from the botnet's attacks, which shattered previous records this week with a brief traffic flood that clocked in at nearly 30 trillion bits of data per second.

amenazas #noticia#ciberseguridad

In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware

Other noteworthy stories that might have slipped under the radar: US universities targeted by payroll pirates, Zimbra vulnerability exploited, Mic-E-Mouse attack. The post In Other News: Gladinet Flaw Exploitation, Attacks on ICS Honeypot, ClayRat Spyware appeared first on SecurityWeek.

vulnerabilidades #noticia#ciberseguridad

RondoDox Botnet Takes ‘Exploit Shotgun’ Approach

The botnet packs over 50 exploits targeting unpatched routers, DVRs, NVRs, CCTV systems, servers, and other network devices. The post RondoDox Botnet Takes ‘Exploit Shotgun’ Approach appeared first on SecurityWeek.

vulnerabilidades #noticia#ciberseguridad

Stealit Malware Abuses Node.js Single Executable Feature via Game and VPN Installers

Cybersecurity researchers have disclosed details of an active malware campaign called Stealit that has leveraged Node.js' Single Executable Application (SEA) feature as a way to distribute its payloads. According to Fortinet FortiGuard Labs, select iterations have also employed the open-source Electron framework to deliver the malware. It's assessed that the malware is being propagated through

amenazas #noticia#ciberseguridad

ShinyHunters Wage Broad Corporate Extortion Spree

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched a website that threatens to publish data stolen from dozens of Fortune 500 firms if they refuse to pay a ransom. The group also claimed responsibility for a recent breach involving Discord user data, and for stealing terabytes of sensitive files from thousands of customers of the enterprise software maker Red Hat.

amenazas #noticia#ciberseguridad

Feds Tie ‘Scattered Spider’ Duo to $115M in Ransoms

U.S. prosecutors last week levied criminal hacking charges against 19-year-old U.K. national Thalha Jubair for allegedly being a core member of Scattered Spider, a prolific cybercrime group blamed for extorting at least $115 million in ransom payments from victims. The charges came as Jubair and an alleged co-conspirator appeared in a London court to face accusations of hacking into and extorting several large U.K. retailers, the London transit system, and healthcare providers in the United States.

investigacion #noticia#ciberseguridad

Descubren el primer caso de colaboración entre los grupos APT Gamaredon y Turla

El famoso grupo APT Turla colaboró con Gamaredon en una serie de ataques a objetivos de alto perfil en Ucrania. Ambos grupos están asociados al FSB (Servicio Federal de Seguridad) ruso.

amenazas #noticia#ciberseguridad +3

Qilin: el ransomware que ofrece asesoramiento legal a sus afiliados

El grupo Qilin, que funciona como ransomware as a service, llevó la profesionalización del cibercrimen a un nuevo nivel: ofrece asesoramiento legal a sus afiliados para reforzar la presión durante las negociaciones de rescate con sus víctimas.

amenazas #noticia#ciberseguridad

Ratty: un troyano que se propaga en Latinoamérica a través de PDFs maliciosos

Investigadores de ESET Latinoamérica han descubierto una campaña de phishing que distribuye Ratty, un troyano de acceso remoto (RAT). Los atacantes utilizan documentos PDF maliciosos y técnicas de ingeniería social dirigidas a usuarios de habla hispana en la región.

amenazas #noticia#ciberseguridad

📂 Categorías de Noticias

⚠️

Amenazas

Nuevos malware, ransomware, ataques APT y campañas de cibercrimen.

7 noticias

🛡️

Vulnerabilidades

CVEs, zero-days, parches de seguridad y análisis técnicos.

4 noticias

⚖️

Regulación

Nuevas leyes, normativas, multas y políticas de ciberseguridad.

0 noticias

🏢

Industria

Fusiones, adquisiciones, nuevas tecnologías y tendencias del mercado.

0 noticias

🔬

Investigación

Estudios académicos, papers técnicos y avances científicos.

1 noticias

🎤

Eventos

Conferencias, workshops, competencias y eventos de la comunidad.

0 noticias

📊 Nuestra Metodología

Agregamos y analizamos información de fuentes confiables para ofrecerte una perspectiva completa y ética del panorama de ciberseguridad.

🔍 Fuentes Confiables

• CVE Database y NVD (NIST)
• CERT/CC y equipos nacionales de respuesta
• Investigadores y empresas de seguridad reconocidas
• Organizaciones gubernamentales (INCIBE, ENISA)
• Conferencias técnicas y papers académicos

⚖️ Principios Editoriales

• Verificación cruzada de información
• Enfoque educativo y preventivo
• No publicar exploits funcionales
• Responsabilidad en divulgación de vulnerabilidades
• Contexto ético en cada artículo

¿Quieres estar siempre informado?

La ciberseguridad evoluciona constantemente. Mantente al día con las últimas amenazas y defensas para protegerte mejor.

Suscribirse por RSS Ver Guías de Protección