RSS_Virtulization

Threat actors are using Telegram as command and control (C2) channel for a new Golang malware variant, according to a Netskope report. The malware, believed to be of Russian origin, acts like a backdoor once executed. Although it is still under development, it is completely functional. The researchers noted that the use of cloud apps as C2 channels represents a highly effective approach for attackers. Firstly, it is easy to set up because there’s no…

El retraso en la llegada de las Normas Técnicas de Regulación (RTS) no ayuda. “El legislador no ha completado el proceso reglamentario”, afirma Giancarlo Butti, auditor y experto en privacidad y seguridad. “Hasta la fecha, solo se han publicado oficialmente algunas de las normativas delegadas, por lo que las entidades financieras que, por ejemplo, están redefiniendo los contratos con los proveedores tendrán que añadir posteriormente —una vez que lleguen las demás normativas delegadas— la parte…

LaLiga busca transformar la industria deportiva mediante la aplicación de la inteligencia artificial (IA). Con una alianza estratégica de más de ocho años, la entidad continúa apoyándose en Microsoft para modernizar y optimizar diversos aspectos de la competición, beneficiando así a empleados, a los 42 clubes españoles que forman parte del campeonato nacional y a millones de aficionados globales. Así, en el marco de esta colaboración, LaLiga ha desplegado soluciones impulsadas por IA para mejorar la…

Two Estonian nationals are facing up to 20 years behind bars after pleading guilty to running a huge cryptocurrency fraud scheme that netted hundreds of millions of dollars. Sergei Potapenko and Ivan Turõgin, both 40, made $577m in sales from crypto mining venture HashFlare between 2015 and 2019. However, the company they founded simply was not capable of mining for crypto on the scale that the duo claimed to investors. Instead, they falsified mining data…

Jackson recounts the time he gave a talk on inclusivity, equality, belonging, parity, and justice at a manufacturer, where he sought to break down assumptions. “I said, ‘At the end of the day it doesn’t mean if you’re white, you’re wealthy, or if you’re Black, you’re a Democrat, or that if you have friends who are part of the LGBTQ community that you’re exploring. It’s just people are people,’” Jackson explains. He spoke to the…

Palo Alto Networks and SonicWall customers are being advised to patch their products, after it emerged that threat actors are actively exploiting vulnerabilities in both. SonicWall first detailed authentication bypass bug CVE-2024-53704 in a security update on January 7. It impacts the firm’s SonicOS, which powers various firewall devices. “An improper authentication vulnerability in the SSL VPN authentication mechanism allows a remote attacker to bypass authentication,” it warned of the CVSS 8.2-rated vulnerability. The vendor’s…

Ransomware has become more than a threat—it’s a calculated assault on industries, wielding AI-driven precision to bypass traditional defenses. Attackers adapt faster than ever, turning cybersecurity into a high-stakes race where falling behind isn’t an option. As we step into 2025, organizations face an urgent need to outthink and outmaneuver these evolving adversarial attacks. The best way to combat the threat is to dive into cutting-edge techniques for ransomware evasion and the strategies needed to…

Up Next from #TripwireBookClub is Black Hat Bash: Creative Scripting for Hackers and Pentesters by Dolev Farhi and Nick Aleks. This duo previously published Black Hat GraphQL, which we reviewed in March 2024. This book did not disappoint. I think that my favourite aspect of the book is the way that it uses stepping stones to get you through the book. Although I don’t teach anymore, I always think about the possibility of using a…

Hoja de ruta En la actualidad, IT y negocio trabajan muy estrechamente con una codirección de proyectos TIC; éstas han logrado perfilarse como parte esencial de la estrategia. “Así lo demuestra la altísima relevancia de las tecnologías de la información en el plan estratégico 2024 y el plan operativo bienal 2024-205”. En virtud de esto, el Tribunal de Cuentas se enfrenta a los nuevos entornos tecnológicos con el propósito de “planificar la estrategia tecnológica de…