Episodes

  • May 23rd, 2025
    These news excerpts focus on recent cybersecurity incidents and legal actions. One article details the FTC's order requiring GoDaddy to improve its security measures following multiple data breaches. Another reports on a system-wide outage at Kettering Health attributed to a likely ransomware attack, forcing canceled procedures. The third piece covers a college student pleading guilty to cyber extortion for stealing and threatening to leak student and teacher data from PowerSchool. Together, the articles highlight the ongoing threats of cyberattacks and the efforts by regulatory bodies and law enforcement to address security failures and criminal activity.
    16 m
  • May 19th, 2025
    One source details a global cyberespionage campaign called 'RoundPress', attributed with medium confidence to the Russian state-sponsored hackers APT28. This campaign targeted government webmail servers in various countries by exploiting XSS vulnerabilities in products like Roundcube, Horde, MDaemon, and Zimbra to steal credentials and email content. Another source describes a new tool named 'Defendnot' that can disable Microsoft Defender on Windows devices. This tool functions by registering a fake antivirus product using an undocumented Windows Security Center API and injecting a DLL into a trusted system process to bypass security checks. A separate source reports on a data breach at Nova Scotia Power, a Canadian utility, where hackers stole sensitive customer data including personal information, account history, and in some cases, bank account and Social Insurance Numbers. The company discovered the unauthorized access and later confirmed the data theft, offering credit monitoring services to affected customers.
    12 m
  • May 14th, 2025
    Android 16 is introducing expanded 'Advanced Protection' with device-level security, strengthening defenses against spyware and consolidating features like verified boot, strong sandboxing, and automatic reboots. The sources also detail a new "Branch Privilege Injection" flaw, tracked as CVE-2024-45332, in modern Intel CPUs that allows sensitive data leakage from privileged memory by exploiting a race condition in branch predictors. Finally, the material discusses the iClicker student engagement platform website being compromised in a "ClickFix" attack, where a fake CAPTCHA prompt tricked students and instructors into installing malware by pasting and executing a PowerShell script from their clipboard. These topics highlight recent developments in mobile security, hardware vulnerabilities, and social engineering techniques used in website compromises.
    17 m
  • May 12th, 2025
    Based on the sources provided, the primary topics covered include a recent data breach affecting over 430,000 patients of the Ascension healthcare system, which was linked to a vulnerability in third-party software used by a former business partner. The sources also detail ongoing cyberattacks targeting SAP NetWeaver servers by Chinese hackers who are exploiting a maximum severity vulnerability that allows remote code execution. Additionally, the sources discuss a new feature being added to Microsoft Teams that will block screen capture during meetings to help protect sensitive information shared by users.
    13 m
  • April 29th, 2025
    Based on the sources, the key topics focus on recent cybersecurity incidents. One significant event detailed is a ransomware attack against Hitachi Vantara, where the company took servers offline to contain the incident attributed to the Akira ransomware operation. Akira has impacted over 300 organizations and collected millions in ransom payments. The sources also describe a Chinese espionage campaign by a group called PurpleHaze, which attempted reconnaissance against cybersecurity company SentinelOne's infrastructure and customers. This group utilizes tools like ORB networks and backdoors such as GoReShell and ShadowPad. Furthermore, a data breach at VeriSource Services is reported, impacting four million people by exposing sensitive personal data including names, addresses, dates of birth, genders, and Social Security numbers. Although the incident occurred in February 2024, the full scope wasn't determined until April 2025, leading to delayed notifications.
    20 m
  • April 28th, 2025
    One major topic is a technical issue at Coinbase where a logging error misidentified failed password attempts as "2FA failures," leading to user concerns about account compromise and potential misuse of these errors in social engineering attacks. Another significant topic is the evolution of the ransomware landscape, specifically the DragonForce group's introduction of a "ransomware cartel" model offering white-label branding and infrastructure to other ransomware operations. Finally, the sources also discuss Google's advancements in its Unified Security platform, including new features for threat detection, automation, and integration of Mandiant's threat intelligence, as well as key findings from Mandiant's 2025 M-Trends report on attack trends.
    14 m
  • April 23rd, 2025
    The sources discuss several recent cybersecurity incidents, including how hackers are exploiting Zoom's remote control feature to conduct crypto-theft attacks. This involves social engineering tactics where attackers impersonate legitimate entities to trick users into granting remote access, potentially leading to the theft of sensitive data and cryptocurrency. Additionally, Marks & Spencer confirmed they are dealing with a cyberattack that has impacted their operations, particularly the Click and Collect service. Furthermore, SK Telecom issued a warning about a malware attack that resulted in the exposure of customer USIM data. The sources also include tutorials on various computer security and maintenance tasks, such as accessing the dark web, using the Windows Registry Editor, removing malware, and showing hidden files.
    10 m
  • April 21st, 2025
    The sources discuss several important cybersecurity topics, including vulnerability management with the active exploitation of a Microsoft NTLM vulnerability (CVE-2025-24054) that could lead to leaked credentials and system compromise. The exploitation requires minimal user interaction and is currently targeting specific organizations, emphasizing the need for immediate patching. Another critical issue highlighted is a maximum severity flaw (CVE-2025-32433) in Erlang/OTP SSH, which could allow attackers to execute arbitrary code without authentication, posing a significant risk to various systems, especially those in critical infrastructure. Lastly, the sources cover data security and government regulations with the HHS fining a Guam hospital for HIPAA violations following a ransomware attack, underscoring the importance of risk assessments and compliance in the healthcare sector.
    12 m