Cybersecurity News - Noticias de Ciberseguridad

Co-op confirms data of 6.5 million members stolen in cyberattack

UK retailer Co-op has confirmed that personal data of 6.5 million members was stolen in the massive cyberattack in April that shut down systems and ca...

ISC2 Finds Orgs Are Increasingly Leaning on AI

While many organizations are eagerly integrating AI into their workflows and cybersecurity practices, some remain undecided and even concerned about p...

Ryuk ransomware operator extradited to US, faces five years in federal prison

Karen Vardanyan and his co-conspirators allegedly deployed ransomware on hundreds of machines in 2019 and 2020, extorting more than $15 million from v...

U.S. Army soldier pleads guilty to extorting 10 tech, telecom firms

A 21-year old former U.S. Army soldier pleaded guilty to charges of hacking and extorting at least ten telecommunications and technology companies in ...

House hearing will use Stuxnet to search for novel ways to confront OT cyberthreats

The House Homeland Committee will revisit the malware to use the knowledge from the spy effort to explore the domestic threats facing the U.S. in 2025...

Elite 'Matanbuchus 3.0' Loader Spruces Up Ransomware Infections

An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS...

Oracle Fixes Critical Bug in Cloud Code Editor

The bug allowed an attacker an easy way to compromise full suite of developer tools in Oracle Cloud Infrastructure.

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

International law enforcement operation disrupted the activities of the pro-Russia hacking group NoName057(16). European and U.S. authorities disrupte...

Louis Vuitton says regional data breaches tied to same cyberattack

Luxury fashion giant Louis Vuitton confirmed that breaches impacting customers in the UK, South Korea, and Turkey stem from the same security incident...

test draft

The post test draft appeared first on Security Boulevard.

Women Who 'Hacked the Status Quo' Aim to Inspire Cybersecurity Careers

A group of female cybersecurity pioneers will share what they've learned about navigating a field dominated by men, in order to help other women empow...

Red Teaming AI Systems: Why Traditional Security Testing Falls Short

What if your AI-powered application leaked sensitive data, generated harmful content, or revealed internal instructions – and none of your secur...

SonicWall customers hit by fresh, ongoing attacks targeting fully patched SMA 100 devices

Google Threat Intelligence Group said a financially motivated threat group is abusing the outdated remote access VPN devices, underscoring a continued...

Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms

Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its st...

Europol-Coordinated Global Operation Takes Down Pro-Russian Cybercrime Network

Codenamed Eastwood, the operation targeted the so-called NoName057(16) group, which was identified as being behind a series of DDoS attacks on municip...

Cognida.ai Launches Codien: An AI Agent to Modernize Legacy Test Automation and Fast-Track Test Creation

Bridging the Visibility Gap: 2025 Global Cybersecurity Maturity Report

Reuven “Rubi” Aronashvili, CEO of CYE, asks a blunt question: Why are breaches still rampant when security budgets have never been larger? Drawing on ...

1Password releases MCP Server for Trelica

Ever since Anthropic released the open standard Model Context Protocol (MCP) last November to standardize the way artificial intelligence systems conn...

Microsoft is named a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms

We are honored to be recognized once again as a Leader in the 2025 Gartner® Magic Quadrant™ for Endpoint Protection Platforms—our sixth consecutive ti...

SonicWall SMA devices persistently infected with stealthy OVERSTEP backdoor and rootkit

Unknown intruders are targeting fully patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances and deploying a novel, persistent...

Cloudflare says 1.1.1.1 outage not caused by attack or BGP hijack

To quash speculation of a cyberattack or BGP hijack incident causing the recent 1.1.1.1 Resolver service outage, Cloudflare explains in a post mortem ...

‘FRED’ Security FAIL — Ignored by US Rail for 20 YEARS

BCH vs. SDR, AAR vs. CISA: Railroad industry first warned about this nasty vulnerability in 2005. The post ‘FRED’ Security FAIL — Ignored by US Rail f...

Senate Democrats seek answers on Trump overhaul of immigrant database to find noncitizen voters

The lawmakers say the potential is high for such a system to return false positives, blocking citizens from voting. The post Senate Democrats seek ans...

Protecting customers from Octo Tempest attacks across multiple industries

To help protect and inform customers, Microsoft highlights protection coverage across the Microsoft Defender security ecosystem to protect against thr...

Pro-Russian DDoS group NoName057(16) disrupted by international law enforcement operation

Over a dozen law enforcement agencies took action earlier this week, resulting in multiple arrests. The post Pro-Russian DDoS group NoName057(16) disr...

SquidLoader Malware Campaign Targets Hong Kong Financial Sector

A new malware campaign targeting Hong Kong finance has been identified, featuring SquidLoader to deploy Cobalt Strike Beacon

SonicWall SMA devices hacked with OVERSTEP rootkit tied to ransomware

A threat actor has been deploying a previously unseen malware called OVERSTEP that modifies the boot process of fully-patched but no longer supported ...

United Natural Foods Projects Up to $400M Sales Hit from June Cyberattack

Cyberattack disrupted UNFI’s operations in June; company estimates $50–$60 million net income hit but anticipates insurance will cover most losses. Th...

Pro-Russian Cybercrime Network Demolished in Operation Eastwood

A Europol coordinated operation has taken down key infrastructure used by pro-Russian hacktivist group NoName057(16), as well as a number of arrests

Over 5.4 Million Affected in Healthcare Data Breach at Episource

A data breach at Episource has exposed the personal information of 5.4 million individuals after attackers accessed systems for 10 days

Keeper Security Adds Support for MCP to Secrets Management Platform

Keeper Security is making its secrets management platform more accessible to artificial intelligence (AI) agents by adding support for the Model Conte...

Nvidia-GPUs anfällig für Rowhammer-Angriffe

srcset="https://b2b-contenthub.com/wp-content/uploads/2025/06/Nvidia_GPU.jpg?quality=50&strip=all 5124w, https://b2b-contenthub.com/wp-content/upl...

UNC6148 Backdoors Fully-Patched SonicWall SMA 100 Series Devices with OVERSTEP Rootkit

A threat activity cluster has been observed targeting fully-patched end-of-life SonicWall Secure Mobile Access (SMA) 100 series appliances as part of ...

SonicWall SMA Appliances Targeted With New ‘Overstep’ Malware

A threat actor that may be financially motivated is targeting SonicWall devices with a backdoor and user-mode rootkit. The post SonicWall SMA Applianc...

Dating app scammer cons former US army colonel into leaking national secrets

A former US army colonel faces up to ten years in prison after revealing national secrets on a foreign dating app.

Update Google Chrome to fix actively exploited zero-day (CVE-2025-6558)

For the fifth time this year, Google has patched a Chrome zero-day vulnerability (CVE-2025-6558) exploited by attackers in the wild. About CVE-2025-65...

Salt Typhoon breach: Chinese APT compromises U.S. Army National Guard network

China-linked APT Salt Typhoon breached a U.S. Army National Guard unit’s network, accessed configs, and intercepted communications with other units. A...

Virtual Event Today: Cloud & Data Security Summit – Tackling Exposed Attack Surfaces in the Cloud

Virtual event brings together leading experts, practitioners, and innovators for a full day of insightful discussions and tactical guidance on evolvin...

One click to compromise: Oracle Cloud Code Editor flaw exposed users to RCE

A now-patched vulnerability in Oracle Cloud Infrastructure’s (OCI) Code Editor exposed users to remote code execution (RCE) attacks with just a single...

Retail Ransomware Attacks Jump 58% Globally in Q2 2025

BlackFog found that publicly disclosed ransomware attacks on retail grew significantly in Q2 compared to Q1, with UK firms heavily targeted

Compumedics Ransomware Attack Led to Data Breach Impacting 318,000

Compumedics has been targeted by the VanHelsing ransomware group, which stole files from the company’s systems. The post Compumedics Ransomware Attack...

Immersive unveils role-specific cybersecurity capabilities

Immersive announced its Immersive One AI-powered Lab Builder feature to give customers and partners new ways to improve cyber skills across teams thro...

Global crackdown hits pro-Russian cybercrime, 100+ systems taken down worldwide

In a major blow to pro-Russian cybercrime, authorities across Europe and the United States launched a sweeping international crackdown on the hacking ...

Critical Golden dMSA Attack in Windows Server 2025 Enables Cross-Domain Attacks and Persistent Access

Cybersecurity researchers have disclosed what they say is a "critical design flaw" in delegated Managed Service Accounts (dMSAs) introduced in Windows...

Salt Typhoon hacked the US National Guard for 9 months, and accessed networks in every state

Chinese-backed APT group Salt Typhoon extensively compromised a US state’s Army National Guard network for nine months, stealing sensitive military da...

Former US Army member confesses to Telecom hack and extortion conspiracy

A former US Army soldier pleaded guilty to hacking telecom databases, stealing data, and extorting companies by threatening to release the stolen info...

AI Agents Act Like Employees With Root Access—Here's How to Regain Control

The AI gold rush is on. But without identity-first security, every deployment becomes an open door. Most organizations secure native AI like a web app...

Amazon warns 200 million Prime customers that scammers are after their login info

Amazon has emailed 200 million customers to warn them about a rather convincing phishing campaign.

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025

Google released security patches to address multiple Chrome vulnerabilities, including one flaw that has been exploited in the wild. Google released f...

Cloudflare Blocks Record-Breaking 7.3 Tbps DDoS Attack

Cloudflare highlighted a huge rise in hyper-volumetric DDoS attacks in Q2 2025, with attackers seeking to overwhelm defenses

New Konfety Malware Variant Evades Detection by Manipulating APKs and Dynamic Code

Cybersecurity researchers have discovered a new, sophisticated variant of a known Android malware referred to as Konfety that leverages the evil twin ...

DDoS peaks hit new highs: Cloudflare mitigated massive 7.3 Tbps assault

Cloudflare blocked 7.3M DDoS attacks in Q2 2025, down from 20.5M in Q1, while hyper-volumetric attacks surged with 6,500+ blocked, averaging 71 daily....

7 obsolete security practices that should be terminated immediately

Breaking bad habits and building better ones is a journey that requires patience, self-awareness, and determination. This is true whether the habit is...

Product showcase: Enzoic for Active Directory

Enzoic for Active Directory is an easy-to-install plugin that integrates with Microsoft Active Directory (AD) to set, monitor, and remediate unsafe pa...

DOGE Denizen Marko Elez Leaked API Key for xAI

Marko Elez, a 25-year-old employee at Elon Musk's Department of Government Efficiency (DOGE), has been granted access to sensitive databases at the U....

Is AI “healthy” to use? (Lock and Code S06E14)

This week on the Lock and Code podcast, we speak with Anna Brading and Zach Hinkle about whether using AI is damaging for our health.

Improving IT efficiency with Microsoft Security Copilot in Microsoft Intune and Microsoft Entra

Announcing the general availability of Microsoft Security Copilot capabilities for IT with Microsoft Intune and Microsoft Entra, offering AI-powered e...

CNN, BBC, and CNBC websites impersonated to scam people

Cybercriminals are using sponsored ads and fake news websites to lure victims to investment scams.

A week in security (July 7 – July 13)

A list of topics we covered in the week of July 7 to July 13 of 2025

UK Arrests Four in ‘Scattered Spider’ Ransom Group

Authorities in the United Kingdom this week arrested four alleged members of "Scattered Spider," a prolific data theft and extortion group whose recen...

​​Forrester names Microsoft a Leader in the 2025 Zero Trust Platforms Wave™ report

Employing a Zero Trust strategy is an effective way to modernize security infrastructure to protect against ever evolving security challenges. The pos...

Microsoft expands Zero Trust workshop to cover network, SecOps, and more

The Microsoft Zero Trust workshop has been expanded to cover all six pillars of Zero Trust security, providing a comprehensive guide for organizations...

Microsoft Patch Tuesday, July 2025 Edition

Microsoft today released updates to fix at least 137 security vulnerabilities in its Windows operating systems and supported software. None of the wea...

Big Tech’s Mixed Response to U.S. Treasury Sanctions

In May 2025, the U.S. government sanctioned a Chinese national for operating a cloud provider linked to the majority of virtual currency investment sc...

Senator Chides FBI for Weak Advice on Mobile Security

Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a c...

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

(Otra) vulnerabilidad explotada activamente en Google Chrome

Google ha publicado una actualización de seguridad para Chrome que soluciona media docena de vulnerabilidades, una de las cuales es explotada ac...

Troyano de código abierto AsyncRAT provoca un aumento de variantes de malware

Investigadores de ciberseguridad han trazado la evolución de un troyano de acceso remoto ampliamente utilizado llamado AsyncRAT, publicado por p...

Vulnerabilidad crítica en eSIMs de Kigen pone en riesgo a miles de millones de dispositivos IoT.

Nueva vulnerabilidad descubierta en las tarjetas eUICC de Kigen pone en riesgo a miles de millones de dispositivos IoT que utilizan tecnología eSIM, p...

Google Gemini para Gmail: Cross-Domain Prompt Injection Attack (XPIA) para hacer Phishing

El equipo de seguridad de Google Gemini for Gmail (G-Suite) ha corregido un bug de Cross-Domain Prompt Injection Attack (XPIA) que permite a un atacan...

Vulnerabilidad de eSIM (de Kigen) expone dispositivos IoT a ataques maliciosos

Investigadores de ciberseguridad han descubierto una nueva técnica de hacking que explota las vulnerabilidades de la tecnología eSIM utilizada en lo...

Código abierto de AsyncRAT desata una peligrosa ola mundial de variantes sigilosas

Una nueva investigación de ESET advierte que la publicación en GitHub del código fuente de AsyncRAT —un troyano de acceso remoto (RAT) liberado en 201...

Gobierno y Salud, los sectores más golpeados por el cibercrimen durante el 2025 en Latinoamérica

Cerrado el primer semestre del año y a través de casos reales, analizamos cuáles fueron las industrias predilectas por los actores maliciosos y qué co...

Las fallas de PerfektBlue Bluetooth afectan a los autos Mercedes, Volkswagen y Skoda

Cuatro vulnerabilidades denominadas PerfektBlue, que afectan a la pila Bluetooth BlueSDK de OpenSynergy, pueden explotarse para lograr la ejecució...

Hasta mañana funciona el Código de Rebajas de Verano 2025 en 0xWord: Cupón VERANO2025

Hasta mañana está activo el Código de Rebajas de Verano: VERANO2025 en 0xWord. Funcionará  hasta las 23:59:59 del 16/07/...

UNE lanza en español el primer estándar global sobre gestión de la inteligencia artificial 

La Asociación Española de Normalización (UNE) ha publicado en español la primera norma internacional sobre sistemas de gestión de inteligencia artific...

Evento GRATIS: ∞ Hacking Day 2025 - Paraná - 8/8

∞ Hacking Day 2025 es una jornada intensiva sobre ciberseguridad, cultura hacker y tecnología organizada por el Laboratorio de Seguridad de la Inf...

La brecha olvidada: ¿Tu seguridad física está en riesgo?

Hoy en día, cuando se habla de seguridad empresarial, la conversación gira siempre en torno a lo mismo: firewalls, ciberataques, contraseñas seguras, ...

Entrevista a Manuel S. Lemos: Hacking & Seguridad IA & OWASP GenAI Security Project

El mundo de la Inteligencia Artificial, y en concreto de la GenAI, ha traído un cambio brutal en el mundo empresarial, social y tecnológico. En concre...

10.000 horas no son nada en una Inmersión Total

El músico Ed Sheeran, en muchas de sus intervenciones, defiende la teoría de las 10.000 horas. Son esas las horas aproximadas que se necesitan para do...

Hechizos de Repelencia para hacer Imágenes más creativas con inteligencia Artificial

Los Diffusion Models para la generación de imágenes, vídeos, e incluso música, han sido atacados muchas veces por la posibilidad de acabar creando imá...

Cuidado con mensajes falsos sobre problemas en la entrega de paquetes o envíos

Este tipo de engaño es cada vez más utilizado por el cibercrimen para robar datos personales, haciendo creer a la víctima que tiene un envío pendiente...

Falsificación de localización GPS en Android usando la Mock Location API

En el ámbito de la seguridad ofensiva y el hacking, la manipulación de la localización GPS es una técnica con múltiples aplicaciones: desde el pentest...

(1/3) - Situación actual del DDoS: evolución, tendencias, impacto y estrategias de respuesta

Esta es la primera de tres publicaciones en las que analizaremos cómo han evolucionado estas amenazas y cómo impactan en las estrategias modernas de c...

¡Otro agujero en Chrome! Google tapa su cuarto zero‑day crítico de 2025

Google ha publicado una actualización de emergencia para Chrome que corrige la vulnerabilidad CVE‑2025‑6554, la cuarta brecha zero‑day que los atacant...

Alerta: Más de 40 extensiones fraudulentas de Firefox vacían tus criptomonedas

Investigadores han destapado una campaña que ha colado decenas de extensiones maliciosas en la tienda oficial de Mozilla Firefox. Su único objetivo: r...

5 historias de hackeos y ataques a dispositivos IoT muy comunes en el hogar

Los dispositivos conectados a internet pueden ser vulnerados, eso es una realidad, y aquí repasaremos 5 casos resonantes en los que los dispositivos h...

Gamaredon en 2024: análisis de campañas de spearphishing contra Ucrania

ESET Research analiza el conjunto de herramientas actualizadas de ciberespionaje de Gamaredon, las nuevas técnicas centradas en el sigilo y las agresi...

Los infostealers más presentes en Latinoamérica en 2025

Un repaso por familias de infostealers más detectadas por ESET en Latinoamérica durante la primera mitad de 2025.

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

Normativas y estándares para el ámbito forense digital (III de III)

Hoy se dará finalización a esta cadena de artículos analizando las últimas normas UNE relacionadas y tratando las diferentes leyes de aplicación.https...

Motores de búsqueda que usan los hackers (y profesionales de la ciberseguridad)

Cuando pensamos en buscadores, solemos imaginar Google o Bing. Sin embargo, en el mundo del hacking ético y la ciberseguridad, existen motores especia...

CVE-2025-3699: la puerta trasera (no intencionada) en los HVAC de Mitsubishi Electric

Los sistemas de climatización suelen pasar desapercibidos en un pentest. No corren WordPress, no abren puertos raros, y en muchos casos ni siquiera re...

Normativas y estándares para el ámbito forense digital (II de III)

Hoy se dará continuidad a la cadena Normativas y estándares para el ámbito forense digital, que dio comienzo el pasado lunes con su primera edici...

Inyección NoSQL: Cómo una entrada maliciosa puede comprometer tu aplicación

Inyección NoSQL: Cómo una entrada maliciosa puede comprometer tu aplicación Autor INCIBE (INCIBE) Vie, 20/06/2025 - 1...

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

Normativas y estándares para el ámbito forense digital (I de III)

https://www.flu-project.com/2025/06/normativas-estandares-forense-1-de-3.htmlhttps://www.flu-project.com/2025/06/normativas-estandares-forense-2-de-3....

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

Hydroph0bia (CVE​-2025​-4275): otro golpe a Secure Boot

Y casi de la mano de CVE-2025-4275 cae otra vulnerabilidad que pone de nuevo patas arriba a Secure Boot. Le han bautizado como Hydroph0bia (sí, e...

Secure Boot firmado... pero vulnerable (CVE-2025-3052)

Hoy os traemos CVE-2025-3052, un bug UEFI tan elegante que consigue desactivar Secure Boot desde dentro, sin romper nada, sin errores, y con firm...

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

Acceso inicial no autorizado a equipos SCI - Parte 2

Acceso inicial no autorizado a equipos SCI - Parte 2 Autor INCIBE (INCIBE) Vie, 16/05/2025 - 10:45 ...

Acceso inicial no autorizado a equipos SCI - Parte 1

Acceso inicial no autorizado a equipos SCI - Parte 1 Autor INCIBE (INCIBE) Jue, 24/04/2025 - 10:54 ...

Claves forenses en Windows: artefactos esenciales para la investigación digital

Claves forenses en Windows: artefactos esenciales para la investigación digital Autor INCIBE (INCIBE) Jue, 20/03/2025...

Explorando el módulo de scripts de Nmap

Explorando el módulo de scripts de Nmap Autor INCIBE (INCIBE) Jue, 20/02/2025 - 10:27 ...