https://www.bleepingcomputer.com/news/security/jdownloader-site-hacked-to-replace-installers-with-python-rat-malware/

Ojo a esto, que se que bastante gente de por aquí usa JDownloader.

Web comprometida e instaladores con malware. Revisad que versión tenéis.

#Cyberseguridad #JDownloader #Malware

La Vanguardia: Un #ataque a una plataforma #educativa expone datos de #estudiantes y #profesores de la #UOC

#cyber #cyberseguridad

https://www.lavanguardia.com/vida/20260508/11533448/ataque-plataforma-educativa-expone-datos-estudiantes-profesores-uoc.html

Hackeos de criptomonedas: un problema grave. Según TRM Labs, grupos norte coreanos se han apoderado del 76% de todas las pérdidas relacionadas con hackeos, sumando $577 millones en pérdidas. ¿Qué está detrás de este aumento en la criminalidad digital? #Fintech #Cyberseguridad

https://www.crowdfundinsider.com/2026/05/276708-north-korean-hacking-groups-claimed-over-75-of-all-crypto-hack-value-in-past-year-report-reveals/

Hi folks. It's Andrew with another update on our battle over the "wrong to repair" bill that continues to move through the Colorado legislature, SB26-090.

I am asking anyone, but especially those with a background as a cybersecurity practitioner, to please consider submitting written or live/virtual testimony TODAY to the committee who will be hearing this bill, starting at 1:30pm mountain time.

This afternoon, in a little under four hours, a House committee will be hearing testimony on the bill. If you have been waiting for your moment, this might be the last chance you have this session to weigh in and express your support for this critical right we may lose in the next few days.

Opponents of Colorado's right to repair law, which only came into effect on January 1, include companies like IBM and Cisco Systems. They are making outrageous and counterfactual claims about the right to repair in order to pressure lawmakers into accepting this bill that would exclude any technology classified as "critical infrastructure" as exempt from the right to repair law.

One of the most egregiously wrong claims they have repeatedly made is that a "right to repair" items like a firewall somehow makes the products Cisco and IBM sell less safe from a cybersecurity perspective. After the committee hearing last month, I spoke in the hallway with the government affairs person from Cisco. I asked him to explain it to me, a cybersecurity professional, why being able to fix a broken firewall presents a cybersecurity risk.

He could not explain it, simply repeating that giving people access to internal schematics in order to let them repair parts in a network edge device somehow presents a risk that adversaries would then be able to more easily reverse-engineer the product.

The cybersecurity folks know where this is leading: They are claiming that the obscurity of their documentation about their products is the cybersecurity feature that protects them from attack.

Those of us who are practitioners in this space know that obscurity provides no security whatsoever in the long term, and that giving people the ability to replace broken parts, like power supplies, does not threaten the cybersecurity of a router or firewall any more than replacing a power cord.

After all, data centers have tight security about who is allowed in or out, and engage with cyber- and physical pentesters to routinely check the security of their facilities.

The reality is that the west's biggest adversary, China, already has every model of every firewall on earth in its possession, and has thrown brigades of bodies at them to perform the reverse engineering Cisco claims they want to prevent. That cat is out of the bag. This bill will not provide any cybersecurity protection to any Cisco firewall.

As I said to the Cisco lobbyist, if an adversary already has physical access to the device, it's game over. Adversaries don't swap out broken hard drives or power supplies.

Beyond that specious argument, there is a secondary problem with the bill: It never defines with any necessary level of detail what comprises "critical infrastructure" - which means that, if a regular, commercial TV set you can buy at Costco is being used as a monitor in a SOC, it's possible that those commercial products will end up lumped into the category of "critical infrastructure."

We all know that what makes electronic infrastructure critical is not what it is - phones, laptops, desktops, printers, scanners, even desk lamps - but how and where, and for what purpose it is used

What this bill appears to be about, and why Cisco and IBM are fighting to advance it so hard, is that it enables the rent-seeking behavior of companies who want to lock their customers in to expensive annual support contracts, and lock third-party support companies out of the equation. That's literally all this is, a way to defend an ongoing revenue stream. Any arguments other than that make no sense.

If you can, please consider testifying in person: The lobbyists have seemingly infinite time and access to these legislators, and have been steamrolling the entire process through, using ridiculous lies and arguments that make no sense to anyone with background as a practitioner.

we want to focus on three core messages:

If you can share your personal background and experience and speak to how limiting access to repair tools will not make products safer would be great. You don't need to be a Colorado resident, or even based in the US.

Here's how you do it:
sign up to testify here: https://sites.coleg.gov/public-testimony/sign-up-to-testify/step-1

• Search for SB26-090
• Select the bill when it pops up
• Fill in your details including whether you are testifying in-person or remotely. Please select "Oppose" for your position.
• Enter your information
• Show up and, when called, give your two (or three, depending on how many/few sign up) minutes of testimony, and be prepared to answer questions

The people pushing this bill are counting on the fact that this is happening in the middle of a workday, when we're all trying to wreck hackers. But this is a case where we, as a community, need to stand up for what's right. Not doing so will make all of our jobs harder in the future. I hope to see you there.

#COpolitics #RightToRepair #activism #hackers #cybersecurity #cybersicherheit #cyberseguridad

Un cyberteatro de $15 millones en Grinex, plataforma de intercambio de criptomonedas con vínculos a las redes financieras rusas. Un gran golpe que ha dejado a sus usuarios sin sus activos. ¿Qué medidas tomará la autoridad para proteger a las víctimas? #fintech #neobancos #cyberseguridad

https://www.crowdfundinsider.com/2026/04/273911-sanctioned-crypto-platform-grinex-hit-by-15-million-cyber-theft-with-ties-to-kyrgyz-exchange-tokenspot/

📣 Post importante, se agradece compartir.

Para mí final de la materia de Diseño Instruccional tenemos que hacer una planeación de un tema para un curso.Mi equipo decidió retomar lo ya investigado en un trabajo anterior sobre Seguridad informática a nivel usuario doméstico sin embargo la información que tenemos no es la suficiente para un curso y parte del trabajo require el involucramiento de expertos temáticos.

Por ello me gustaría una segunda opinión de parte de expertos en el tema para saber qué temas y conceptos son necesarios tocar.

Los tres temas que decidió el equipo fueron:

• Introducción a la seguirudad en línea
• Seguirudad en redes sociales
• Protección de datos en menores de edad

Me gustaría tener sus aportes para poder ir encaminando la investigación y ya nosotros hacer el guión instruccional con base en la info específica a buscar.

#askfedi #tecnologiaeducativa #cyberseguridad #educación

Acabo de terminar una presentación para mis empleadores que estoy orgulloso y todo :D

#Cyberseguridad #SiguenBuscandoProyectoPaMi #PeroNoSabenVenderme #AVerSiEstoMasElCVMasLaCartaDeRecomendacionEstelarDeMiAntiguoJefeAyudan

Antes de la Arquitectura del Caos, toca desinfectar. En el LAB 07 aplicamos el Protocolo Fantasma: cifrado GnuPG, tuneles SSH y borrado forense real. Si no sobreescribes el disco, tu rastro sigue vivo. Hoy limpiamos el nodo.

#cyberseguridad #privacidad #criptografia #hackingetico #seguridadigital

http://anonimageek.com/2026/03/25/lab-07-protocolo-fantasma-cifrado-desinfeccion-forense/

Los hackers ya usan IA para atacar empresas pequeñas a escala industrial. Mastercard y Cloudflare acaban de aliarse para cambiar eso: combinan inteligencia de amenazas con seguridad de aplicaciones en una sola herramienta. Detección, calificación y bloqueo automático. Sin excusas de presupuesto.

#cloudflare #mastercard #hackers #cyberseguridad