Feed de Noticias de Ciberseguridad [06/01/2023]

Este reporte corresponde a una selección de las últimas noticias, alertas de seguridad, vulnerabilidades, ataques y casos de estudio observados durante las últimas horas. Esta información ha sido recopilada para entregar un panorama general de las amenazas más importantes del momento. El objetivo principal es dar visibilidad rápida sobre los cambios en la tendencia y la evolución del cibercrimen para generar conciencia y estrategias de protección en base a estos riesgos emergentes.

Noticias y Casos de Estudio

• Bluebottle Continues Bank Heist Assault With Signed Malware (darkreading.com)
• France announces Vincent Strubel as new top cybersecurity official – The Record from Recorded Future News
• France fines Apple for targeted App Store ads without consent (bleepingcomputer.com)
• Bitdefender releases free MegaCortex ransomware decryptor (bleepingcomputer.com)
• Check Point Research Reports a 38% Increase In 2022 Global Cyberattacks (darkreading.com)
• New Survey: 1 In 4 Schools Were Victims Of Cyber Attacks In the Last Year; Administrators To Increase Spending On Privacy and Security (darkreading.com)
• Fake Flipper Zero websites look to cause a big splash (malwarebytes.com)
• FBI warns of imposter ads in search results (malwarebytes.com)
• Twitter’s mushrooming data breach crisis could prove costly | CSO Online
• Cyberattacks against governments jumped 95% in last half of 2022, CloudSek says | CSO Online
• Irish privacy watchdog fines Meta $400 million amid disagreement among European authorities – The Record from Recorded Future News

Ciberataques e Incidentes

• Attackers create 130K fake accounts to abuse limited-time cloud computing resources | CSO Online
• 200M Twitter Profiles, With Email Addys, Dumped on Dark Web for Free (darkreading.com)
• Rackspace: Customer email data accessed in ransomware attack (bleepingcomputer.com)
• University of Miami Health breach notice (databreaches.net)
• Social Security numbers stolen in ransomware attack on maternal health org – The Record from Recorded Future News
• 14 UK schools suffer cyberattack, highly confidential documents leaked | CSO Online
• From Ferrari to Ford, Cybersecurity Bugs Plague Automotive Safety (darkreading.com)
• OPWNAI : Cybercriminals Starting to Use ChatGPT – Check Point Research
• NATO tests AI’s ability to protect critical infrastructure against cyberattacks | CSO Online
• Massachusetts school district, community college dealing with fallout from ransomware attacks – The Record from Recorded Future News
• Billion-dollar rail firm confirms data breach after suspected ransomware attack – The Record from Recorded Future News

Vulnerabilidades

• SQL Injection Vulnerability – CVE-2022-47523 – ManageEngine Access Manager Plus
• Slack security update | Slack
• Rackspace: Customer email data accessed in ransomware attack (bleepingcomputer.com)
• First Android update of 2023 patches 60 vulnerabilities (malwarebytes.com)

Malware

• SpyNote: Spyware with RAT capabilities targeting Financial Institutions — ThreatFabric
• Unraveling the techniques of Mac ransomware – Microsoft Security Blog

Ransomware (nuevas víctimas publicadas)

CronUp Ciberseguridad

Alerta Temprana de Riesgos Cibernéticos (ATRc®)
Attack Surface Management
Cyber Threat Intelligence