Bernardo Rodríguez

Comparto mi TFM, "La estabilidad en la región MENA horizonte temporal 2030": academia.edu/41743302/LA_ES… vía @academia

@_0b1d1 PDF

@_0b1d1 PDF

📘 Wireless Reconnaissance in Penetration Testing Understanding wireless exposure to strengthen defenses A concise guide on identifying and assessing wireless environments during authorized security testing, focused on risk awareness and defensive improvement. 💌 Comment PDF

@_0b1d1 PDF

Huntress researchers Anna Pham (@RussianPanda9xx) & Ben Folland detail a multi-stage malware execution chain, originating from a ClickFix lure, that leads to the delivery of infostealing malware, including LummaC2 & Rhadamanthys. huntress.com/blog/clickfix-…

Shai-Hulud 2.0: A new npm-focused campaign is significantly wider in scope than its previous iteration, affecting tens of thousands of GitHub repositories. Read our updated report: bit.ly/4pHJOng

#Desinformación Cómo detectar noticias falsas #FakeNews Vía ➡️@Europarl_ES

Caída mundial de Amazon Web Services: está provocando fallos en diferentes plataformas Servicios afectados: Amazon, Alexa, PrimeVideo, Perplexity, Canva, Duolingo. Además, de otras redes como Snapchat y videojuegos como Fortnite, Clash Royale o Roblox downdetector.es/problemas/aws-…

Someone said GLOBAL AWS OUTAGE? Because it seems like everything is down. Major AWS outage disrupts several services like Amazon, Alexa, Snapchat, Fortnite, Perplexity, Airtable, MyFitnessPal, Canva, and McDonald's app due to high error rates and latencies. AWS is investigating; no confirmed cause or resolution timeline. Video taken by @Pirat_Nation

We identified a malvertising campaign targeting users searching for legitimate software, leading to the download of a trojanized WinSCP installer that deployed Broomstick/OysterLoader. All files involved in the initial access phase were signed with valid certificates.

Regarding F5 network compromise (see my.f5.com/manage/s/artic…): We are sharing daily IP data on F5 exposures in our Device Identification report shadowserver.org/what-we-do/net… (device_vendor set to F5). ~269K IPs seen daily, nearly half in US. Geo breakdown: dashboard.shadowserver.org/statistics/iot…

🚨 A self-replicating worm known as Shai-Hulud has compromised over 500 packages in the world’s largest JavaScript registry npm—causing widespread supply chain issues. Review detection and remediation recommendations in our alert 👉 go.dhs.gov/iAY

Healthcare is a top five most targeted industry in M-Trends 2025. In our latest blog post, Mandiant Red Team shares key observations on how attackers exploit healthcare systems. Read more ➡️ goo.gle/46yHplQ

ByteCaster 🔥 – my new tool for payload encryption, obfuscation, and conversion to byte arrays. github.com/Print3M/ByteCa… - 14 output formats: C, Rust, C#, Nim, Go... - AES-256, RC4, XOR supported - IPv4Fuscation, MACFuscation, base64/32 #malware #redteam #security #infosec

We can exploit the #securityvulnerability of Windows Error Reporting to put EDRs and #antimalware into a coma-like state. By using the EDR-Freeze #redteam tool: Github: TwoSevenOneT/EDR-Freeze

"On the eleventh day, the threat actor began a ransomware deployment. This final stage included the preparatory steps to deploy across the network. The process started with the execution of a batch script named SETUP.bat, which created a staging file share..."

A cyberattack at a provider of check-in and boarding systems disrupted operations at several major European airports, including Berlin Airport. A European Commission spokesperson said the origin of the incident was still under investigation. dw.com/en/airports-ac…

NEW THREAT REPORT 🚨 We're tracking the spread of a new malware loader we have named “CountLoader,” that is strongly associated with Russian ransomware gangs. 🇷🇺 Read: hubs.ly/Q03JNJMJ0 #countloader #threat #russia #ukraine #cybersecurity #ransomware

🚨A casino suffered a cyberattack through a smart aquarium installed inside its facilities. bitlifemedia.com/2025/09/casino… Attackers exploited a vulnerability in the aquarium’s internet-connected thermostat, which was originally designed to regulate water temperature and salinity. From this entry point, they moved laterally into the casino’s internal network and exfiltrated around 10 GB of data, believed to include customer records. Citing @mikko's book: If it's smart, it's vulnerable.

Fileless attacks are the new norm. 👻 Traditional security misses them because there's no malware to detect. Our new blog explains how attackers abuse the Windows Service Control Manager & how Trellix NDR catches what others can't. bit.ly/3HQdQUN

Zscaler ThreatLabz has published a new technical analysis of the North Korean-aligned threat group APT37 and their evolving TTPs. The analysis covers the group’s latest tooling, including a new Rust-based backdoor we named Rustonotto, alongside Chinotto and FadeStealer. ThreatLabz also uncovered that all three tools are managed via a single command-and-control (C2) server. Read our technical analysis here: zscaler.com/blogs/security…