As in real life, a good part of cybercrimes end up being successful if the cybercriminals manage to gain the trust of their victim. What is known as social engineering, far from disappearing in the face of other more sophisticated forms of attack, continues to be one of the great tools hackers have to break into all kinds of systems, as has just been demonstrated in Brazil.
This is how we start a new edition of our MuySeguridad Recaps, in which we warn you that if you want to update your system to Windows 11, do not trust any image that is not official, since the “alternatives” could include some “surprise”. And it is precisely about surprises that the latest report prepared by the HP Wolf Security team tells us, assuring that the malware it hides in increasingly difficult places to detect. Let’s start!
Of the multiple techniques that exist in the cybersecurity ecosystem, social engineering has always seemed to me the most interesting, as well as, very probably, the most intelligent. Why? Because it is based on the paradigm that, on many occasions, the weakest link in the chain is the user. Just as I say that I find it interesting, I also clarify that I find it despicable, of course, but that does not detract from its interest.
Password theft is a very serious problem that Microsoft seems to have focused on for quite some time now. A key point for this is the implementation of accreditation systems in two or more steps, limiting the potential scope of a stolen or insecure password, of course, but also analyzing the means used by cybercriminals to get hold of them, to try to find a solution.
Taking advantage of the growing popularity of Windows 11 and the recently announced broad rollout phase announced by Microsoft, it seems that some users have started distributing fake Windows 11 update installers with RedLine malware hidden in them.
Fastly has just announced the release of the edge deployment option for the Fastly Next-Gen WAF (developed by Signal Sciences). This marks a critical milestone in the integration of Signal Sciences’ award-winning web application firewall (WAF) technology with Fastly’s edge cloud network.
Unified offering protects applications and APIs wherever they are, and can be deployed on the widest range of architectures: from containers, on-premises, to the cloud, and now at the edge , all from a single solution.
HP Wolf Security has published a most interesting report on security threats for the fourth quarter of 2021, a document that by showing us what has happened in recent months, brings us up to date on the threats we face today, helping us in this way to direct our countermeasures and defensive actions in general towards them.
And an interesting and worrying fact that we extract from this HP Wolf Security report is that during the last quarter of 2021, cybercriminals have focused on Excel, more specifically on .xll add-ins.
I ask you to take a moment to think about what you can do in 18 minutes. Take a breakfast? Drive from home to the hypermarket to do the shopping? Review the options to choose a new tie for a special day? It seems like a good time for a phone call or WhatsApp conversation or for a quick meal on a busy day. Simple actions, many of them almost mechanical. However, and although it seems very little to us, 18 minutes can also be tremendously decisive, for better or for worse.
Data breaches are one of the worst problems a business can face. First of all, because it assumes that your computer security has been compromised. But also, because of the reputational crisis that you may begin to experience with your clients.
And it is true that no company wants to be the victim of a cyberattack. However, if cybercriminals gain access to customer databases and steal personal and financial data, you need to be agile and make the right decisions. From ESET they have wanted to share with us five steps that we must implement if for whatever reason, we end up experiencing an incident of this type.
fbq('init', '331778667483608'); fbq('track', "PageView");