Cybersecurity News - Noticias de Ciberseguridad

Latest News

Mobile Security: Verizon Says Attacks Soar, AI-Powered Threats Raise Alarm

Verizon’s 2025 Mobile Security Index shows that 85% of organizations believe mobile device attacks are on the rise. The post Mobile Security: Verizon ...

2025-10-23 - SecurityWeek

“Jingle Thief” Hackers Exploit Cloud Infrastructure to Steal Millions in Gift Cards

Cybersecurity researchers have shed light on a cybercriminal group called Jingle Thief that has been observed targeting cloud environments associated ...

2025-10-23 - The Hacker News

AuditBoard expands AI compliance with FairNow acquisition and Accelerate launch

AuditBoard has reached a definitive agreement to acquire FairNow. The addition of FairNow enhances AuditBoard’s capabilities with intelligent, automat...

2025-10-23 - Help Net Security

Cyberattack on Jaguar Land Rover inflicts $2.5B loss on UK economy

The attack on Jaguar Land Rover costs the UK economy $2.5B, marking its most damaging cyber incident, says CMC. In early September, Jaguar Land Rover ...

2025-10-23 - Security Affairs

The Human Cost of Defense: A CISO’s View From the War Room

Semperis’ Midnight in the War Room reveals the unseen struggles, burnout and heroism of CISOs and defenders who protect our digital world every day. T...

2025-10-23 - Security Boulevard

Why must CISOs slay a cyber dragon to earn business respect?

How CISOs respond to a major security incident can be a make-or-break moment for their career. Although one in four security leaders find themselve...

2025-10-23 - CSO Online

Manipulating the meeting notetaker: The rise of AI summarization optimization

These days, the most important meeting attendee isn’t a person: It’s the AI notetaker. This system assigns action items and determines the importan...

2025-10-23 - CSO Online

Cyberangriff auf Jaguar ist teuerster in britischer Geschichte

Der Hackerangriff auf den Autobauer Jaguar Land Rover hat die britische Regierung viel Geld gekostet.GAlexS – shutterstock.com Der Cyberangriff auf...

2025-10-23 - CSO Online

Faster LLM tool routing comes with new security considerations

Large language models depend on outside tools to perform real-world tasks, but connecting them to those tools often slows them down or causes failures...

2025-10-23 - Help Net Security

Mideast, African Hackers Target Gov'ts, Banks, Small Retailers

In the hotly political Middle East, you'd expect hacktivism and disruption of services. But retail attacks?

2025-10-23 - Dark Reading

Over 250 Magento Stores Hit Overnight as Hackers Exploit New Adobe Commerce Flaw

E-commerce security company Sansec has warned that threat actors have begun to exploit a recently disclosed security vulnerability in Adobe Commerce a...

2025-10-23 - The Hacker News

Critical Lanscope Endpoint Manager Bug Exploited in Ongoing Cyberattacks, CISA Confirms

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Wednesday added a critical security flaw impacting Motex Lanscope Endpoint Manager...

2025-10-23 - The Hacker News

Your wearable knows your heartbeat, but who else does?

Smartwatches, glucose sensors, and connected drug-monitoring devices are common in care programs. Remote monitoring helps detect changes early and sup...

2025-10-23 - Help Net Security

How Lazarus Group used fake job ads to spy on Europe’s drone and defense sector

ESET researchers have uncovered a fresh wave of Operation DreamJob, a long-running campaign linked to North Korea’s Lazarus Group. This latest activit...

2025-10-23 - Help Net Security

The next cyber crisis may start in someone else’s supply chain

Organizations are getting better at some aspects of risk management but remain underprepared for the threats reshaping the business landscape, accordi...

2025-10-23 - Help Net Security

Lazarus Group Hunts European Drone Manufacturing Data

The campaign is the latest effort by the North Korean threat actor to collect data of strategic interest to Pyongyang.

2025-10-23 - Dark Reading

6 Risk-Assessment-Frameworks im Vergleich

Mit dem richtigen Framework lassen sich Risiken besser ergründen.FOTOGRIN – shutterstock.com Für viele Geschäftsprozesse ist Technologie inzwischen...

2025-10-23 - CSO Online

Serious vulnerability found in Rust library

Developers creating projects in the Rust programming language, as well as IT leaders with Rust-based applications in their environments, should pay at...

2025-10-22 - CSO Online

Securing Mobile API with Approov & Cloudflare: A Powerful Integration

Cloudflare is a leading platform for securing APIs, websites, and web apps from malicious traffic and abuse. But while Cloudflare's WAF, Bot Managemen...

2025-10-22 - Security Boulevard

Iranian hackers targeted over 100 govt orgs with Phoenix backdoor

State-sponsored Iranian hacker group MuddyWater has targeted more than 100 government entities in attacks that deployed version 4 of the Phoenix backd...

2025-10-22 - BleepingComputer

Choosing the Right Secrets Scanning Tools

Why Is Secrets Security Management Crucial for Non-Human Identities? Have you ever pondered how organizations safeguard their digital environments fro...

2025-10-22 - Security Boulevard

Satisfy Compliance with Improved IAM Policies

How Can Organizations Satisfy Compliance with Robust IAM Policies? The question of managing them effectively remains crucial. This is especially true ...

2025-10-22 - Security Boulevard

Optimizing Secrets Sprawl Management

How Can Organizations Achieve Efficient Security with Optimized Management of Non-Human Identities? Where cybersecurity threats are becoming increasin...

2025-10-22 - Security Boulevard

It Takes Only 250 Documents to Poison Any AI Model

Researchers find it takes far less to manipulate a large language model's (LLM) behavior than anyone previously assumed.

2025-10-22 - Dark Reading

Too Many Secrets: Attackers Pounce on Sensitive Data Sprawl

Hardcoded credentials, access tokens, and API keys are ending up in the darnedest places, prompting a call for organizations to stop over-privileging ...

2025-10-22 - Dark Reading

PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025

PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne r...

2025-10-22 - Security Affairs

Pwn2Own Day 2: Hackers exploit 56 zero-days for $790,000

Security researchers collected $792,750 in cash after exploiting 56 unique zero-day vulnerabilities during the second day of the Pwn2Own Irelan...

2025-10-22 - BleepingComputer

Hackers exploiting critical "SessionReaper" flaw in Adobe Magento

Hackers are actively exploiting the critical SessionReaper vulnerability (CVE-2025-54236) in Adobe Commerce (formerly Magento) platforms, with hundred...

2025-10-22 - BleepingComputer

TP-Link urges immediate updates for Omada Gateways after critical flaws discovery

TP-Link warns of critical flaws in Omada gateways across ER, G, and FR models. Users should update firmware immediately to stay secure. TP-Link is war...

2025-10-22 - Security Affairs

WhatsApp Secures Ban on NSO Group After 6-Year Legal Battle

NSO Group must pay $4 million in damages and is permanently prohibited from reverse-engineering WhatsApp or creating new accounts after targeting user...

2025-10-22 - Dark Reading

Canada Fines Cybercrime Friendly Cryptomus $176M

Financial regulators in Canada this week levied $176 million in fines against Cryptomus, a digital payments platform that supports dozens of Russian c...

2025-10-22 - Krebs on Security

TARmageddon flaw in abandoned Rust library enables RCE attacks

A high-severity vulnerability in the now-abandoned async-tar Rust library and its forks can be exploited to gain remote code execution on systems runn...

2025-10-22 - BleepingComputer

Iran-Linked MuddyWater Targets 100+ Organisations in Global Espionage Campaign

The Iranian nation-state group known as MuddyWater has been attributed to a new campaign that has leveraged a compromised email account to distribute ...

2025-10-22 - The Hacker News

Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files

Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated wit...

2025-10-22 - The Hacker News

Open letter calls for prohibition on superintelligent AI, highlighting growing mainstream concern

An open letter released Wednesday has called for a ban on the development of artificial intelligence systems considered to be “superintelligent” until...

2025-10-22 - CyberScoop

The CISO imperative: Building resilience in an era of accelerated cyberthreats

The latest Microsoft Digital Defense Report 2025 paints a vivid picture of a cyberthreat landscape in flux. The surge in financially motivated cyberat...

2025-10-22 - Microsoft Security Blog

Over 100 Chrome extensions break WhatsApp’s anti-spam rules

The add-ons abuse WhatsApp Web to blast bulk messages, sidestepping both Chrome’s extension policies and WhatsApp’s anti-spam rules.

2025-10-22 - Malwarebytes Labs

PhantomCaptcha Campaign Targets Ukraine Relief Organizations

SentinelLABS Researchers have uncovered a new phishing campaign, PhantomCaptcha, targeting aid organizations supporting Ukraine

2025-10-22 - Infosecurity Magazine

Meta launches new anti-scam tools for WhatsApp and Messenger

Meta has announced new tools to help WhatsApp and Messenger users protect themselves from potential scams and secure their accounts. [...]

2025-10-22 - BleepingComputer

TARmageddon Flaw in Popular Rust Library Leads to RCE

The vulnerability impacts multiple Rust tar parsers, allowing attackers to smuggle additional archive entries. The post TARmageddon Flaw in Popular Ru...

2025-10-22 - SecurityWeek

MuddyWater Uses Compromised Mailboxes in Global Phishing Campaign

Group-IB has uncovered a phishing campaign by Iran-linked MuddyWater, exploiting compromised emails for foreign intelligence

2025-10-22 - Infosecurity Magazine

Critical Vulnerabilities Patched in TP-Link’s Omada Gateways

One of the flaws can be exploited by remote unauthenticated attackers for arbitrary command execution. The post Critical Vulnerabilities Patched in TP...

2025-10-22 - SecurityWeek

TARmageddon flaw in Async-Tar Rust library allows to smuggle extra archives when the library is processing nested TAR files

CVE-2025-62518 TARmageddon flaw in Rust async-tar and forks like tokio-tar may allow remote code execution, says Edera. Edera team disclosed a vulnera...

2025-10-22 - Security Affairs

Keycard Emerges From Stealth Mode With $38 Million in Funding

The company’s IAM platform identifies AI agents, supports assigning permission to them, and tracks all activity. The post Keycard Emerges From Stealth...

2025-10-22 - SecurityWeek

Russian APT Switches to New Backdoor After Malware Exposed by Researchers

Star Blizzard started using the NoRobot (BaitSwitch) and MaybeRobot (SimpleFix) malware after public reporting on the LostKeys malware. The post Russi...

2025-10-22 - SecurityWeek

Home Depot Halloween phish gives users a fright, not a freebie

Boo! A Home Depot Halloween “giveaway” isn’t a treat—it’s a phishing trick. Fake links, tracking pixels, and compromised sites are the real prizes.

2025-10-22 - Malwarebytes Labs

Zero-click Dolby audio bug lets attackers run code on Android and Windows devices

The bug, tracked as CVE-2025-54957, could let attackers run code via audio files.

2025-10-22 - Malwarebytes Labs

JLR Hack UK's Costliest Ever, Hitting Economy with £1.9bn Loss

The Cyber Monitoring Centre has classified the cyber-attack against Jaguar Land Rover as a “systemic cyber event”

2025-10-22 - Infosecurity Magazine

US ‘slipping’ on cybersecurity, annual Cyberspace Solarium Commission report concludes

The annual implementation report recommends reversing Trump administration budget cuts, empowering the national cyber director and other steps. The po...

2025-10-22 - CyberScoop

Scattered Lapsus$ Hunters Signal Shift in Tactics

Scattered Lapsus$ Hunters may be preparing to launch an extortion-as-a-service model, according to Palo Alto Networks

2025-10-22 - Infosecurity Magazine

Russia-linked COLDRIVER speeds up malware evolution after LOSTKEYS exposure

Russia-linked COLDRIVER rapidly evolved its malware since May 2025, refining tools just days after releasing its LOSTKEYS variant, says Google. The Ru...

2025-10-22 - Security Affairs

Robocalling task force bill advances in Senate

The Foreign Robocall Elimination Act would create a new task force and give policymakers granular insight into the notoriously complex telecommunicati...

2025-10-21 - CyberScoop

Researchers uncover remote code execution flaw in abandoned Rust code library

The high-severity defect affects a widely used — but largely hidden — archive tool that spans many forks. The post Researchers uncover remote code exe...

2025-10-21 - CyberScoop

The new Microsoft Security Store unites partners and innovation

The Microsoft Security Store is the gateway for customers to easily discover, buy, and deploy trusted security solutions and AI agents from leading pa...

2025-10-21 - Microsoft Security Blog

Singapore Officials Impersonated in Sophisticated Investment Scam

Group-IB has uncovered a scam operation impersonating Singapore officials using Google Ads and deepfakes

2025-10-21 - Infosecurity Magazine

Veeam acquires Securiti AI for $1.7 billion

Veeam announced Tuesday it agreed to acquire Securiti AI for $1.725 billion, marking the data protection company’s largest acquisition and its e...

2025-10-21 - CyberScoop

Windows update breaks USB support in recovery mode

Microsoft’s October update disabled USB keyboards and mice in Windows Recovery Mode, leaving unlucky users with two problems for the price of one.

2025-10-21 - Malwarebytes Labs

You can poison AI with just 250 dodgy documents

Anthropic’s new research shows how easy it could be to poison AI models—proof that even small manipulations can have big effects.

2025-10-21 - Malwarebytes Labs

Inside the attack chain: Threat activity targeting Azure Blob Storage

Azure Blob Storage is a high-value target for threat actors due to its critical role in storing and managing massive amounts of unstructured data at s...

2025-10-20 - Microsoft Security Blog

Email Bombs Exploit Lax Authentication in Zendesk

Cybercriminals are abusing a widespread lack of authentication in the customer service platform Zendesk to flood targeted email inboxes with menacing ...

2025-10-17 - Krebs on Security

Microsoft named a Leader in the 2025 Gartner® Magic Quadrant™ for SIEM

We’re honored to share that Microsoft has again been recognized as a Leader in the 2025 Gartner® Magic Quadrant™ for Security Information and Event Ma...

2025-10-16 - Microsoft Security Blog

Extortion and ransomware drive over half of cyberattacks

In 80% of the cyber incidents Microsoft’s security teams investigated last year, attackers sought to steal data—a trend driven more by financial gain ...

2025-10-16 - Microsoft Security Blog

Patch Tuesday, October 2025 ‘End of 10’ Edition

Microsoft today released software updates to plug a whopping 172 security holes in its Windows operating systems, including at least three vulnerabili...

2025-10-14 - Krebs on Security

DDoS Botnet Aisuru Blankets US ISPs in Record DDoS

The world's largest and most disruptive botnet is now drawing a majority of its firepower from compromised Internet-of-Things (IoT) devices hosted on ...

2025-10-10 - Krebs on Security

ShinyHunters Wage Broad Corporate Extortion Spree

A cybercriminal group that used voice phishing attacks to siphon more than a billion records from Salesforce customers earlier this year has launched ...

2025-10-07 - Krebs on Security

Student Loan Breach Exposes 2.5M Records

2.5 million people were affected, in a breach that could spell more trouble down the line.

2022-08-31 - Threatpost

Watering Hole Attacks Push ScanBox Keylogger

Researchers uncover a watering hole attack likely carried out by APT TA423, which attempts to plant the ScanBox JavaScript-based reconnaissance tool.

2022-08-30 - Threatpost

Tentacles of ‘0ktapus’ Threat Group Victimize 130 Firms

Over 130 companies tangled in sprawling phishing campaign that spoofed a multi-factor authentication system.

2022-08-29 - Threatpost

Ransomware Attacks are on the Rise

Lockbit is by far this summer’s most prolific ransomware group, trailed by two offshoots of the Conti group.

2022-08-26 - Threatpost

Cybercriminals Are Selling Access to Chinese Surveillance Cameras

Tens of thousands of cameras have failed to patch a critical, 11-month-old CVE, leaving thousands of organizations exposed.

2022-08-25 - Threatpost

Noticias en Español

Indirect Prompt Injection en Perplexity Comet para atacar tu Stripe y el riesgo de los AI-First Web Browsers con ChatGPT Atlas

Antes de ayer salía el anuncio de ChatGPT Atlas, el nuevo AI-First Web Browser de OpenAI. Basado en Agentic AI actions, siguiendo la estela de Perplex...

2025-10-23 - El Lado del Mal

Prohíben a NSO atacar a usuarios de WhatsApp con el software espía Pegasus (sí, en serio 🤡)

NSO fue vetado permanentemente para atacar a usuarios de WhatsApp con el software espía Pegasus. El fallo coincide con que el fabricante de so...

2025-10-22 - Segu-Info

TARmageddon: Vulnerabilidad crítica en parsers Rust permite inyección de archivos y RCE

CVE-2025-62518 sacude la comunidad Rust: una vulnerabilidad en parsers TAR permite a los atacantes colarse archivos extra sin detectar, abriendo la pu...

2025-10-22 - Una al Día

TRON: Los juegos de TRON en el Siglo XX para que juegues online con las motos, los discos y los tanques. EOL.

El otro día os dejé la historia de TRON a través de películas, series, cómics y videojuegos, pero hay otra serie de videojuegos, con menos historia, y...

2025-10-22 - El Lado del Mal

Deepfakes, Google Ads y fraude: suplantan a altos cargos de Singapur en estafa de inversión

Expertos han descubierto una compleja estafa que emplea deepfakes y anuncios verificados de Google para suplantar autoridades de Singapur y atraer víc...

2025-10-21 - Una al Día

Vulnerabilidad de SMB en Windows explotada activamente (CVE-2025-33073 con PoC)

La Agencia de Seguridad de Infraestructura y Ciberseguridad (CISA) emitió una alerta urgente el 20 de octubre de 2025, destacando una vulnerabilid...

2025-10-21 - Segu-Info

WhatsApp Forensics: El time-line de los mensajes de "View Once "en WhatsApp Desktop (Incluso en los chats que desaparecen)

Hace ya tiempo que os hablé de cómo revisar los mensajes de seguridad de WhatsApp para poder extraer algo de información de personas y números de telé...

2025-10-21 - El Lado del Mal

AWS se cayó... sí, es lo poco que sabemos 🙃

Una interrupción de AWS ha paralizado millones de sitios web, incluyendo Amazon.com, Prime Video, Perplexity AI, Canva y más. La caída comenzó d...

2025-10-20 - Segu-Info

Vulnerabilidad en Microsoft IIS

Microsoft ha revelado una falla crítica de ejecución remota de código en Internet Information Server (IIS), lo que supone un riesgo para las organ...

2025-10-20 - Segu-Info

Adoptando DevSecOps: Seguridad integrada desde el código hasta la producción

Adoptando DevSecOps: Seguridad integrada desde el código hasta la producción Autor INCIBE (INCIBE) Lun, 20/10/2025 - ...

2025-10-20 - INCIBE-CERT

Fallo crítico en Dolby Decoder permite ataques zero-click en Android

Un fallo de alta gravedad en el Unified Decoder de Dolby afecta a dispositivos Android, posibilitando ataques remotos sin interacción del usuario. El ...

2025-10-20 - Una al Día

TRON: La historia a través de las películas, series, vídeo juegos y cómics

Con el anuncio de TRON Ares, se ha despertado en mí unas ganas de volver a revivir toda mi infancia viéndome todas las películas, la serie, leyendo de...

2025-10-20 - El Lado del Mal

Operación SIMCARTEL: desmantelan plataforma utilizada para SMiShing

Europol anunció el viernes la desmantelación de una sofisticada plataforma de ciberdelincuencia como servicio (CaaS) que operaba una granja de tarje...

2025-10-19 - Segu-Info

Cisco libera parche tras explotarse una vulnerabilidad SNMP que permite instalar un rootkit en switches

Cisco ha publicado actualizaciones de seguridad tras confirmarse la explotación real de una vulnerabilidad en el subsistema SNMP de Cisco IOS / IOS XE...

2025-10-19 - Una al Día

Un Bot de Fake Brokers que suplanta la identidad de Perfiles Populares en Twitter/X y te estafa con criptos por Direct Messages

Esta semana, mientras yo estaba en Las Vegas, Eloy López Sánchez, nuestro compañero del Chat Público de El lado del Mal en MyPublicInbox, nos contaba ...

2025-10-19 - El Lado del Mal

Ataques de email bombing aprovechan la falta de autenticación en Zendesk

Una falla de configuración en Zendesk permite a atacantes enviar miles de correos desde multitud de empresas, generando campañas de saturación (email ...

2025-10-18 - Una al Día

ISO/IEC 42001: el sistema de gestión de IA que probablemente conectemos con nuestra 27001

ISO/IEC 42001 se concibe como el nuevo esqueleto operativo para transformar la inteligencia artificial en un sistema gestionado con disciplina. No es ...

2025-10-13 - Flu Project

PromptIntel: cazando prompts adversariales en la jungla de la IA

Sí, has leído bien: adversarial prompts. No exploits de kernel, no inyecciones SQL. Prompts. Esas cadenas de texto que alimentan modelos de lenguaje —...

2025-10-12 - Hackplayers

StopFix: una extensión de navegador para detectar ClickFix y similares

Sergio Galán aka NaxoneZ se ha currado StopFix, una extensión de navegador diseñada para detectar y reportar ataques basados en el portapapeles, com...

2025-10-09 - Hackplayers

CVE-2025-61882: Cadena pre-auth RCE en Oracle E-Business Suite

El 4 de octubre de 2025, Oracle publicó una alerta de seguridad para la vulnerabilidad CVE-2025-61882, que permite ejecución remota sin autenticación ...

2025-10-06 - Hackplayers

MITRE AADAPT: Anatomía ofensiva y defensa en el ecosistema de activos digitales

Cuando uno pasa demasiadas noches frente a un nodo de Ethereum observando tráfico, firmas, anomalías y patrones sospechosos, descubre que el ecosistem...

2025-10-06 - Flu Project

Snapshots en máquinas virtuales: ¿una herramienta útil o un riesgo oculto?

¿Piensas que una instantánea de una máquina virtual es lo mismo que un backup o una copia del disco? Entonces este post es para ti.Antes de nada, vamo...

2025-09-29 - Flu Project

FlareProx: proxy HTTP por Cloudflare para rotación de IPs

Imagina por un momento que necesitas que tus solicitudes HTTP salgan desde direcciones distintas sin depender de terceros proxies comerciales: quieres...

2025-09-28 - Hackplayers

De %TEMP% a SYSTEM: secuestro en caliente con SetupHijack

SetupHijack es una herramienta que automatiza la explotación de condiciones de carrera y la gestión insegura de ficheros en procesos de instalación y ...

2025-09-25 - Hackplayers

Descubren el primer caso de colaboración entre los grupos APT Gamaredon y Turla

El famoso grupo APT Turla colaboró con Gamaredon en una serie de ataques a objetivos de alto perfil en Ucrania. Ambos grupos están asociados al FSB (S...

2025-09-19 - WeLiveSecurity

Qilin: el ransomware que ofrece asesoramiento legal a sus afiliados

El grupo Qilin, que funciona como ransomware as a service, llevó la profesionalización del cibercrimen a un nuevo nivel: ofrece asesoramiento legal a ...

2025-09-18 - WeLiveSecurity

Supercomputación y computación cuántica en ciberseguridad

Supercomputación y computación cuántica en ciberseguridad Autor INCIBE (INCIBE) Jue, 18/09/2025 - 13:02 ...

2025-09-18 - INCIBE-CERT

Ratty: un troyano que se propaga en Latinoamérica a través de PDFs maliciosos

Investigadores de ESET Latinoamérica han descubierto una campaña de phishing que distribuye Ratty, un troyano de acceso remoto (RAT). Los atacantes ut...

2025-09-17 - WeLiveSecurity

Hábitos sobre la IA: el 80% la usa, pero más de la mitad no chequea la información obtenida

A través de una encuesta realizada a nivel regional, obtuvimos diversos patrones de uso de la Inteligencia Artificial. Conoce los principales resultad...

2025-09-16 - WeLiveSecurity

A qué riesgos puedes exponerte al buscar servicios de streaming gratuitos, análisis de MagisTV

La búsqueda de opciones de streaming gratuitas puede exponerte a malware, robo de datos y problemas legales. Analizamos MagisTV como uno de los ejempl...

2025-09-16 - WeLiveSecurity

La importancia del Disaster Recovery Plan (DRP)

A pesar de que los ciberataques, fallos de hardware y software, desastres naturales, o incluso errores humanos son cada vez más frecuentes, muchas emp...

2025-09-15 - Flu Project

URL Ofuscadas: El Arte de Ocultar Enlaces Maliciosos

IntroducciónEn el panorama actual de amenazas, las URLs ofuscadas son un recurso recurrente dentro de las campañas maliciosas. Los actores de amenaza ...

2025-09-08 - Flu Project

Entendiendo BACnet: presente y futuro del protocolo en entornos industriales

Entendiendo BACnet: presente y futuro del protocolo en entornos industriales Autor INCIBE (INCIBE) Jue, 14/08/2025 - ...

2025-08-14 - INCIBE-CERT

Ataques DDoS: técnicas y mitigación en infraestructuras empresariales

Ataques DDoS: técnicas y mitigación en infraestructuras empresariales Autor David Matilla Rebollo Mar, 15/07/2025 - 1...

2025-07-15 - INCIBE-CERT

Pensar como un atacante: por qué el Red Team es clave para la ciberseguridad moderna

En un entorno digital donde las amenazas evolucionan más rápido que las soluciones, protegerse ya no es suficiente. Hay que anticiparse. Y para eso, e...

2025-07-01 - BlogThinkBig

Inyección NoSQL: Cómo una entrada maliciosa puede comprometer tu aplicación

Inyección NoSQL: Cómo una entrada maliciosa puede comprometer tu aplicación Autor INCIBE (INCIBE) Vie, 20/06/2025 - 1...

2025-06-20 - INCIBE-CERT

Cómo saber si una app es falsa: ten siempre en cuenta estas claves

Vivimos constantemente con el móvil en la mano; es un dispositivo que usamos para casi todo. Hoy en día es útil tanto para cosas como pagar el café, c...

2025-06-17 - BlogThinkBig

Cómo proteger el ordenador sin ser un genio tech

Saber cómo proteger el ordenador nunca ha sido tan vital. Imagina perder tu equipo con Windows y no saber si tus datos personales están seguros. El pá...

2025-06-13 - BlogThinkBig

Privacidad en Internet: evita el rastreo y navega con seguridad

La privacidad en Internet se ha convertido en una preocupación constante. Es así como cada clic, búsqueda o interacción en línea puede dejar una huell...

2025-06-12 - BlogThinkBig

Álbum oculto: paso a paso para activarlo en tu teléfono Android

Las fotos y vídeos revelan un montón de información de tu vida personal. No siempre queremos que estén a la vista. Es por eso que en este artículo hab...

2025-06-06 - BlogThinkBig