Informática Forense
33.2K views | +3 today
Follow
 
Scooped by Javier Pagès López
onto Informática Forense
Scoop.it!

menores.osi.es | Campaña de concienciación de seguridad entre los menores

menores.osi.es | Campaña de concienciación de seguridad entre los menores | Informática Forense | Scoop.it

Iniciativa puesta en marcha por la «Oficina de Seguridad del Internauta» con el firme objetivo de fomentar la cultura de la seguridad en Internet entre los más pequeños.


Participa con tu cole en nuestro nuevo concurso: "¡Cuéntame qué sabes sobre Seguridad en Internet!"
- Modalidad dibujo. Dirigido a alumnos de primero, segundo y tercero de primaria
- Modalidad relato. Dirigido a alumnos de cuarto, quinto y sexto de primaria

more...
No comment yet.
Informática Forense
Todo sobre las evidencias informáticas, lucha contra la ciberdelincuencia, seguridad informática, etc.
Your new post is loading...
Your new post is loading...
Scooped by Javier Pagès López
Scoop.it!

Seguridad informática para los Asociados de AEMME

Seguridad informática para los Asociados de AEMME | Informática Forense | Scoop.it
KIT BÁSICO DE CIBERSEGURIDAD PARA MICROEMPRESAS 
Los principales problemas de ciberseguridad a los que se enfrenta una Microempresa son:

 la pérdida de la confianza de sus clientes
el robo de su información confidencial, que además puede conllevar consecuencias legales.

Informática Forense® pone a su disposición un equipo humano con gran experiencia para ayudarle en la consecución de sus objetivos de crecimiento, tanto a nivel económico como de satisfacción, al reducir al mínimo los riesgos informáticos y mitigar los posibles daños asociados.

Para ello hemos creado un KIT Básico de Seguridad ajustado a las necesidades de las Microempresas, completo, sencillo y económico, que incluye:



* Auditoría de CiberSeguridad: Es un análisis de su situación actual respecto a ciberseguridad, que le permite mejorar su estado conforme a sus necesidades. Se entregará un informe de las vulnerabilidades y amenazas detectadas, indicando recomendaciones para mitigarlas.

* Revisión del estado de cumplimiento de normativas y obligaciones legales: En el caso de comercio electrónico se puede ampliar con revisión PCI.

* Formación y concienciación del personal: Evita malas prácticas, elimina riesgos por desconocimiento (ejemplo engaños por ingeniería social), incrementa la responsabilidad del empleado y mejora el buen uso de todos los recursos de la empresa.

* Servicios de vigilancia de ciberseguridad (SOC): Equivalente a una central de alarmas. Desde nuestro Centro de Operaciones de Seguridad (SOC) controlamos las incidencias de nuestros clientes gestionando los avisos y alertas de la manera más eficaz. Vigilamos su infraestructura informática sin que usted tenga que dedicar personal interno.

OFERTA: Desde 39€ mes por equipo
Ponte en contacto con nosotros para ampliar la información
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Student Hacker Faces 10 Years in Prison For Spyware That Hit 16,000 Computers

Student Hacker Faces 10 Years in Prison For Spyware That Hit 16,000 Computers | Informática Forense | Scoop.it
A 21-year-old from Virginia plead guilty to writing and selling a keylogger used to spy on more than 16,000 victims. Zachary Shames, from Great Falls, Virginia, wrote a keylogger, malware designed to record every keystroke on a computer, and sold it to more than 3,000 people who infected more than 16,000 victims with it, according to a press release from the U.S. Department of Justice.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

El «e-voto», el reto pendiente de la ciberseguridad

El «e-voto», el reto pendiente de la ciberseguridad | Informática Forense | Scoop.it

España fue pionera al ensayarlo en 2004 y hoy es la apuesta para el voto rogado. El "escándalo Trump" dispara las dudas


Tras el escándalo, Washington ha declarado esta semana los diversos sistemas de votación como «infraestructura crítica», lo que lleva implícito el reconocimiento de que hay por delante un verdadero reto de ciberseguridad nacional. El miedo puede cundir y revertir iniciativas de digitalización de comicios en todo el mundo. No sería la primera vez: Holanda volvió a las papeletas en 2008 tras haber detectado dos años atrás fallos en unas generales.

more...
No comment yet.
Rescooped by Javier Pagès López from SME Cyber Security
Scoop.it!

Microsoft slates end to security bulletins in February - Digital Review

Microsoft slates end to security bulletins in February - Digital Review | Informática Forense | Scoop.it
Microsoft’s venerable “Security Bulletins” portal, which lists monthly software patch releases, will get replaced next month as Microsoft goes live with its new “Security Updates Guide” portal. Microsoft next month will stop issuing detailed security bulletins, which for nearly 20 years have provided individual users and IT professionals information about vulnerabilities and their patches. ONE …
Via Roger Smith
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

We Built a Fake Web Toaster, and It Was Hacked in an Hour

We built a fake web toaster, and it was compromised in an hour.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

What happens when a power plant comes under cyber attack?

What happens when a power plant comes under cyber attack? | Informática Forense | Scoop.it
On December 23rd 2015, Prykarpattyaoblenergo Power Plant in the Ukrainian town of Ivano-Frankivsk came under cyber attack that experts believe was wel
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Dos piratas informáticos espiaron a Renzi, Draghi y Monti

Dos piratas informáticos espiaron a Renzi, Draghi y Monti | Informática Forense | Scoop.it
Desmantelada en Italia una red que robó datos reservados con riesgo para la seguridad nacional. Los hermanos Giulio y Francesca Maria Occhionero han sido detenidos
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Alexa a Witness to Murder? Prosecutors Seek Amazon Echo Data

Alexa a Witness to Murder? Prosecutors Seek Amazon Echo Data | Informática Forense | Scoop.it
Little Rock, Ark. (AP) -- Authorities investigating the death of an Arkansas man whose body was found in a hot tub want to expand the probe to include a new kind of evidence: any comments overheard by the suspect's Amazon Echo smart speaker.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Kaspersky Lab encuentra una manera de desbloquear los archivos cifrados con el 'ransomware' CryptXXX

Kaspersky Lab encuentra una manera de desbloquear los archivos cifrados con el 'ransomware' CryptXXX | Informática Forense | Scoop.it
Después de lanzar herramientas de descifrado para dos variantes del ransomware CryptXXX en abril y mayo de 2016, Kaspersky Lab ha lanzado un nuev
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Ukraine investigates possible new cyber attack on energy grid - Archer Security Group

Ukraine investigates possible new cyber attack on energy grid - Archer Security Group | Informática Forense | Scoop.it

You could be affected even if hackers are not to blame for the blackout. 

It was just about midnight on December 17 in Kiev, Ukraine. Suddenly, the lights in an area to the north went out. 

“The city looked eerie and romantic at the same time,” wrote Yury Urbansky on Facebook.

Workers got the power back on, but a question hangs in the chill air. Could this be—once again—a cyber attack that shut down electricity to people in Ukraine, just like December of 2015?

It is too soon to tell, cybersecurity experts say. Many things can cause an outage. But they are watching.

“If the Ukrenergo transmission substation outage root cause is from a cyber attack, this would be very upsetting news,” tweeted Chris Sistrunk with cybersecurity firm Mandiant, a FireEye company.

“If true, this attack not only represents further ratcheting of escalation in a very troubled part of the world but may also represent a sign of things to come as adversaries pursue ever increasing means and willingness to cause damage using cyber means,” wrote Michael Assante of the SANS Institute in a post.


The cause of the blackout may be “external interference through data network,” the head of Ukraine’s state-run power company, Ukrenergo, said in a Facebook post. “We apologize to everyone who was left without electricity last night because of these events,” said Vsevolod Kovalchuk in the post about the issue at the ‘North’ substation in New Petrivtsi. 


 The outage equaled about 20% of Kiev’s nighttime energy consumption, Kovalchuk told Reuters.

more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

EEUU te pedirá tu Facebook y Twitter para entrar al país

EEUU te pedirá tu Facebook y Twitter para entrar al país | Informática Forense | Scoop.it
Estados Unidos refuerza su seguridad ante la amenaza terrorista pidiendo a los turistas que les faciliten sus redes sociales.
more...
No comment yet.
Rescooped by Javier Pagès López from Cybersafe
Scoop.it!

Hackers, los «cibersoldados» de una nueva Guerra Fría

Hackers, los «cibersoldados» de una nueva Guerra Fría | Informática Forense | Scoop.it
El FBI y la CIA señalan a The Dukes, un grupo que trabajaría para Rusia y que habría atacado en los últimos años a organismos de EE.UU., Ucrania, Reino Unido, Francia y la OTAN

Via Ángel G. de Ágreda
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

The Biggest Security Threats Coming in 2017

The Biggest Security Threats Coming in 2017 | Informática Forense | Scoop.it
This year was a busy one for security and hackers. We expect more of the same in 2017, with a few new twists.
more...
No comment yet.
Rescooped by Javier Pagès López from Informática "Made In Spain"
Scoop.it!

Herramientas

Herramientas | Informática Forense | Scoop.it

Las redes sociales son una fuente de información imprescindible en procesos de investigación con distintos propósitos. Entre estas redes, Twitter destaca por la actividad de sus usuarios dada la facilidad de uso y su simplicidad. En muchas ocasiones, los usuarios no son conscientes de todos los datos que facilitamos (directa o indirectamente) y del uso que podría realizar un tercero de la información que publicamos.


Con idea de disponer de una herramienta OSINT (Open-Source INTelligence) que permita automatizar la extracción de información en Twitter y facilitar el análisis posterior para la generación de inteligencia, Vicente Aguilera Díaz ha desarrollado la herramienta Tinfoleak.

more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Hacker Steals 900 GB of Cellebrite Data

Hacker Steals 900 GB of Cellebrite Data | Informática Forense | Scoop.it
A hacker provided Motherboard with a large cache of customer information, databases, and more.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Peligro para clientes de bancos españoles por un ransomware en móviles Android. Noticias de Tecnología

Peligro para clientes de bancos españoles por un ransomware en móviles Android. Noticias de Tecnología | Informática Forense | Scoop.it
Era cuestión de tiempo y, lamentablemente, ya está aquí: el primer virus que cifra fotos, música y vídeos de nuestros teléfonos Android, para pedirnos un rescate. Es decir, 'ransomware' avanzado en el móvil. Desde Rusia llega escondido dentro de un veterano troyano bancario presente en medio mundo pero, de momento, no visto en España. Entre las decenas de miles de entidades bancarias que ataca, están el BBVA, Banco Santander, Sabadell o Ibercaja.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

New defense authorization bill prepares Marines for cyberwar

New defense authorization bill prepares Marines for cyberwar | Informática Forense | Scoop.it
The Senate passed the 2017 National Defense Authorization Act Thursday, and delivered it to President Barack Obama to sign. Marine Commandant Robert Neller said just prior to the vote that the bill, which strengthens front-end ground troop levels, would allow the Marines to devote more human resources to cyber, information operations, intelligence analysis, and electronic warfare capabilities.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

El gran fallo de Chrome por el que los «hackers» pueden acceder a tus tarjetas de crédito

El gran fallo de Chrome por el que los «hackers» pueden acceder a tus tarjetas de crédito | Informática Forense | Scoop.it
El navegador Safari de Apple y Opera tienen también este error de seguridad por culpa de la función de autocompletar
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Los dispositivos inteligentes que siguieron las órdenes de un presentador

Los dispositivos inteligentes que siguieron las órdenes de un presentador | Informática Forense | Scoop.it
Varios aparatos Echo de Amazon piden masivamente casas de muñecas al escuchar al locutor de un telediario
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

The FBI says the Democratic Party wouldn’t let agents see the hacked email servers

The FBI says the Democratic Party wouldn’t let agents see the hacked email servers | Informática Forense | Scoop.it

A confusing situation just got even more complicated.


In a statement to WIRED, a senior FBI law enforcement official wrote in an email Thursday that “The FBI repeatedly stressed to DNC officials the necessity of obtaining direct access to servers and data, only to be rebuffed until well after the initial compromise had been mitigated.” This contrasts with what DNC deputy communications director Eric Walker told Buzzfeed in an email: “The DNC had several meetings with representatives of the FBI’s Cyber Division and its Washington (DC) Field Office, the Department of Justice’s National Security Division, and U.S. Attorney’s Offices, and it responded to a variety of requests for cooperation, but the FBI never requested access to the DNC’s computer servers.”

more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Smart Water Meter Data Considered Evidence In Murder Case

Smart Water Meter Data Considered Evidence In Murder Case | Informática Forense | Scoop.it
Smart water meter data was used as evidence in a recent murder investigation in Arkansas, and the case has privacy advocates sounding alarm bells.
more...
No comment yet.
Rescooped by Javier Pagès López from Cybersafe
Scoop.it!

Así funciona la ciberdelincuencia, el negocio ilícito más lucrativo

Así funciona la ciberdelincuencia, el negocio ilícito más lucrativo | Informática Forense | Scoop.it
No por ser una amenaza silenciosa resulta menos dañina. Los hábitos de vida se trasladan al ciberespacio; es el paradigma de la transformación digital. Pero este cambio implica nue

Via Ángel G. de Ágreda
Javier Pagès López's insight:
El grueso de las imputaciones y detenciones de 2015 por cibercriminalidad en España recayó sobre ciudadanos españoles (el 86% de los 4.667 responsables). El 45% de los imputados (2.397) tiene una horquilla de edad de entre 26 y 40 años. Esto se debe a que resulta más fácil detener a ciudadanos españoles en casos de fraude que a bandas organizadas a nivel internacional que lanzan ataques desde paraísos informáticos.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Hackers could turn your smart meter into a bomb and blow your family to smithereens – new claim

Hackers could turn your smart meter into a bomb and blow your family to smithereens – new claim | Informática Forense | Scoop.it

Smart meters are "dangerously insecure," according to researcher Netanel Rubin – who claimed the gear uses weak encryption, relies on easily pwned protocols, and can be programmed to explode.


The software vulnerability hunter derided global efforts to roll out the meters as reckless, saying the "dangerous" devices are a risk to all connected smart home devices.


Smart meters can communicate with networked devices inside homes, such as air conditioners, fridges, and the like. A hacker who could infiltrate the internet-connected meters could control those gadgets and appliances and potentially unlock doors.


While the physical security of the meter is typically strong, hackers still have plenty of wireless vectors to attack and exploit to compromise the equipment, he argued.


Rubin listed smart meters' use of Zigbee and GSM protocols, often left insecure and unencrypted, or at best secured with a GPRS A5 algorithm that is known to be broken for more than five years. Attackers can also wirelessly force all units in an area to connect to malicious base stations using their hardcoded login credentials. This access grants miscreants direct access to the smart meter firmware for deep exploitation.


"All meters of the same utility use the same APN credentials," Rubin told the applauding audience. "One key to rule them all."


Worse, Rubin found smart meters that hand over critical network keys when communicating with home devices without checking if the gadgets should be trusted. This opens an avenue for criminals to set up equipment that masquerades as home devices, steals the keys, and impersonates meters.


"You can communicate with and control any device in the house from way across the street, open up locks, cause a short in the electricity system, whatever we want to do. A simple segmentation fault is enough to crash the meter, causing a blackout at the premises," Rubin said.


"The entirety of the electricity grid, your home, your city, and everything in between will be in control of your energy utility, and that's a bit scary," he said.


The European Union wants to replace more than 70 percent of electricity meters with smart versions at a cost of €45 billion. There are already some 100 million meters installed globally.


Rubin expects a sharp increase in hacking attempts, and called on utility companies to "step up." He said he will release an open-source fuzzing tool to help security researchers test their own meters. "Reclaim your home, before someone else does," he said.

more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

La estafa de la moneda virtual española alcanza a 78 países

La estafa de la moneda virtual española alcanza a 78 países | Informática Forense | Scoop.it

La divisa inventada por el valenciano Ramírez Marco atrapó a inversores de Azerbaiyán, Burkina Faso y Japón


La trama del unete estalló en junio de 2015 después de que un antiguo trabajador de Ramírez, el informático boliviano Javier Adrián Trigo Caña, -hoy testigo- decidiera colaborar con los investigadores españoles y entregara documentación de los servidores de la compañía. Su iniciativa dinamitó una presunta red internacional pilotada por un hombre que fabulaba entre sus allegados con crear un banco y una ciudad, Unetecity.

more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

How to remove ransomware from your LG Smart TV

How to remove ransomware from your LG Smart TV | Informática Forense | Scoop.it
A software engineer has freed a smart TV of a ransomware infection by using closely guarded factory reset instructions.
more...
No comment yet.
Scooped by Javier Pagès López
Scoop.it!

Security Think Tank: Cyber security must be recognised as a fundamental component of business

Security Think Tank: Cyber security must be recognised as a fundamental component of business | Informática Forense | Scoop.it

How can information security professionals help organisations to understand the cyber risks across increasingly digital businesses?


This means communicating information risk as a business risk, and information security professionals can help in these ways:


1. Information security professionals need to look at information risk as more than a technical issue. It must be assessed within its implications for customer service, PR and business reputation. These risks must be communicated in a way that clearly explains the potential harm to the business should a malicious or accidental incident occur. The risk treatments that can be put in place given the resources – and the residual risk to the business – must be clearly stated and updated as the business changes.


2. There needs to be a dialogue between business leaders, IT and information security around information risk. Business leaders should regularly and actively challenge IT and information security leaders on information risk and its business impacts, and not just accept that technology can solve the problem. This is a two-way street. As much as information security leaders can push this dialogue, business leaders must provide the time to listen, comprehend and discuss.


3. Information security professionals need to help business leaders deepen their understanding of information risk, and where new vulnerabilities arise as organisations change the way they operate and become more technology-dependent. Information risk must be thought of in the same bracket as governance.


4. Organisations should examine how to include information security requirements from idea through to design, development, engineering, testing and production of any product or service that is built, produced or bought by the business. This “security by design” approach is cheaper and more effective than adding security as an afterthought once the product is on the market and problems arise.

more...
No comment yet.