Cybersecurity Highlights

This section registers the most relevant incidents or public events related to the cybersecurity and information and communication technologies (ICT), in a way that a chronological history of them is available, together with their main links, references and information sources.

Post related to: Microsoft

End of support for Windows 7 and 8.1

On 10 January 2023, security and technical support for Windows 7 Extended Security Update (ESU) and 8.1 came to an end. In both cases, support officially ended 3 years ago, but Microsoft decided to...

References:

support.microsoft.com

theverge.com

muycomputerpro.com

Tags:

Microsoft

Windows

Chilean government's CSIRT reports ransomware attack on SERNAC

The Chilean government's Computer Security Incident Response Team (CSIRT) reported in different announcements that the Chilean National Consumer Service (SERNAC) has been affected by a...

References:

csirt.gob.cl

welivesecurity.com

bleepingcomputer.com

therecord.media

eldiariosantiago.cl

Tags:

Public administration

Microsoft dismantles Russian Strontium cyberattacks against Ukraine

Microsoft has successfully dismantled, according to its blog, a series of cyber attacks targeting Ukrainian entities by Strontium, a group of cybercriminals who have been attributed with a direct...

References:

blogs.microsoft.com

genbeta.com

global.techradar.com

elespanol.com

iproup.com

cnnespanol.cnn.com

Tags:

Other critical infrastructures

Microsoft reports cybersecurity incident

Microsoft has published an official post in response to the news related to the alleged cyberattack perpetrated by the LAPSUS$ ransomware group, which would have resulted in the obtaining of the...

References:

microsoft.com

techmonitor.ai

hipertextual.com

es.gizmodo.com

cyberkendra.com

xataka.com

Tags:

Microsoft mitigates one of the largest DDoS attacks in history

The company reported an attack last November against a customer in Asia, reaching 3.47 terabits per second from 10,000 sources in 10 different countries around the world."We believe this is the...

References:

microsoft.com

bleepingcomputer.com

computerhoy.com

genbeta.com

Tags:

Microsoft Power Apps put the confidentiality of millions of data at risk

UpGuard researchers have reported a vulnerability that affects Microsoft Power Apps, related to a configuration flaw in ODdata API, which could have exposed online more than 38 million of sensitive...

References:

upguard.com

docs.microsoft.com

unaaldia.hispasec.com

zdnet.com

thehackernews.com

Tags:

Public administration

Vulnerability

Microsoft warns that government-backed cybercriminals gained access to email systems

The Microsoft Threat Intelligence Center (MSTIC) has reported multiple 0-day exploits used by a Chinese state-sponsored threat actor to attack local versions of Microsoft Exchange Server in a...

References:

blogs.microsoft.com

microsoft.com

bleepingcomputer.com

20minutos.es

Tags:

Other critical infrastructures

Vulnerability

Windows

Campaign targeting cybersecurity researchers detected

Google has identified an ongoing campaign targeting cybersecurity researchers working on study of vulnerabilities across multiple companies and organizations, suspected to be perpetrated by an...

References:

blog.google

bleepingcomputer.com

zdnet.com

unaaldia.hispasec.com

microsoft.com

blog.google

Tags:

Malwarebytes, another victim of SolarWinds security incident perpetrators

Malwarebytes, the popular cybersecurity services company, has confirmed that it has suffered a cyberattack by the same threat actors that caused the security incidents stemming from the SolarWinds...

References:

blog.malwarebytes.com

bleepingcomputer.com

infosecurity-magazine.com

unaaldia.hispasec.com

Tags:

A threat actor commits a Mimecast certificate

The email management software provider, Mimecast, has reported that one of its issued certificates, intended to authenticate its Mimecast Sync and Recover, Continuity Monitor and IEP (Internal...

References:

mimecast.com

sec.gov

bleepingcomputer.com

zdnet.com

threatpost.com

blogs.masterhacks.net

mimecast.com

Tags:

Corporate access

Cybersecurity Highlights

End of support for Windows 7 and 8.1

Chilean government's CSIRT reports ransomware attack on SERNAC

Microsoft dismantles Russian Strontium cyberattacks against Ukraine

Microsoft reports cybersecurity incident

Microsoft mitigates one of the largest DDoS attacks in history

Microsoft Power Apps put the confidentiality of millions of data at risk

Microsoft warns that government-backed cybercriminals gained access to email systems

Campaign targeting cybersecurity researchers detected

Malwarebytes, another victim of SolarWinds security incident perpetrators

A threat actor commits a Mimecast certificate

Pages