{"id":6127,"date":"2022-09-02T16:17:59","date_gmt":"2022-09-02T21:17:59","guid":{"rendered":"https:\/\/etek.com\/es\/?p=6127"},"modified":"2022-09-02T16:17:59","modified_gmt":"2022-09-02T21:17:59","slug":"cisco-atacado-por-grupo-de-ransomware-yanluowang","status":"publish","type":"post","link":"https:\/\/etek.com\/es\/cisco-atacado-por-grupo-de-ransomware-yanluowang\/","title":{"rendered":"Cisco attacked by Yanluowang ransomware group"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"6127\" class=\"elementor elementor-6127\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-51ab463c elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"51ab463c\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-64bb6201\" data-id=\"64bb6201\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-18fc942b elementor-widget elementor-widget-text-editor\" data-id=\"18fc942b\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-widget-text-editor.elementor-drop-cap-view-stacked .elementor-drop-cap{background-color:#69727d;color:#fff}.elementor-widget-text-editor.elementor-drop-cap-view-framed .elementor-drop-cap{color:#69727d;border:3px solid;background-color:transparent}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap{margin-top:8px}.elementor-widget-text-editor:not(.elementor-drop-cap-view-default) .elementor-drop-cap-letter{width:1em;height:1em}.elementor-widget-text-editor .elementor-drop-cap{float:left;text-align:center;line-height:1;font-size:50px}.elementor-widget-text-editor .elementor-drop-cap-letter{display:inline-block}<\/style>\t\t\t\t<!-- wp:paragraph -->\n<p>Written by: Johan Cifuentes - Cyber Security Engineer<\/p>\n<!-- \/wp:paragraph -->\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b2d6886 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b2d6886\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-ad42ea7\" data-id=\"ad42ea7\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-b1bc39a elementor-widget elementor-widget-image\" data-id=\"b1bc39a\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<style>\/*! 
elementor - v3.20.0 - 13-03-2024 *\/\n.elementor-widget-image{text-align:center}.elementor-widget-image a{display:inline-block}.elementor-widget-image a img[src$=\".svg\"]{width:48px}.elementor-widget-image img{vertical-align:middle;display:inline-block}<\/style>\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/etek.com\/es\/wp-content\/uploads\/2022\/09\/cisco.jpg\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-cf194ba\" data-id=\"cf194ba\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-c34adb7 elementor-widget elementor-widget-text-editor\" data-id=\"c34adb7\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Cisco reported that the ransomware group known as Yanluowang compromised its internal network and threatened to leak files stolen this past May.<\/p>\n<p>The attackers tricked a company employee into accepting multi-factor authentication (MFA) push notifications by impersonating trusted support organizations; once they had hijacked the personal Google account where the VPN credentials synchronized from the browser were stored, they gained access to Cisco's network.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-c83d6a6 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"c83d6a6\" data-element_type=\"section\">\n\t\t\t\t\t\t<div 
class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-20a5f78\" data-id=\"20a5f78\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-f4085c3 elementor-widget elementor-widget-text-editor\" data-id=\"f4085c3\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>Cisco stated that, although no evidence of ransomware deployment was found in the attack, the techniques, tactics and procedures used were associated with activity commonly carried out before ransomware is deployed.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-7a2bed5 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"7a2bed5\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-8e33480\" data-id=\"8e33480\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7cda222 elementor-widget elementor-widget-text-editor\" data-id=\"7cda222\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The attackers claim to have captured 2.75 GB of data associated with data-dump files, engineering drawings and non-disclosure agreements. 
However, Cisco states that no impact was identified on products and services, confidential customer or employee data, supply chain operations or intellectual property.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t<div class=\"elementor-column elementor-col-50 elementor-top-column elementor-element elementor-element-e04bb82\" data-id=\"e04bb82\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-fdc384c elementor-widget elementor-widget-image\" data-id=\"fdc384c\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/etek.com\/es\/wp-content\/uploads\/2022\/09\/Archivos-robados.jpg\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-4164ce4 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"4164ce4\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-ee34575\" data-id=\"ee34575\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-cdd364c elementor-widget elementor-widget-text-editor\" data-id=\"cdd364c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<h5>Recommendations<\/h5>\n<p>Add the 
indicators of compromise reported at the following link <a href=\"https:\/\/blog.talosintelligence.com\/2022\/08\/recent-cyber-attack.html\">https:\/\/blog.talosintelligence.com\/2022\/08\/recent-cyber-attack.html<\/a> to the security tools and devices that support them.<\/p>\n<p>Promote user awareness campaigns to prevent users from falling victim to the various social engineering techniques.<\/p>\n<h5>Sources<\/h5>\n<ul>\n<li><a href=\"https:\/\/blog.talosintelligence.com\/2022\/08\/recent-cyber-attack.html\">https:\/\/blog.talosintelligence.com\/2022\/08\/recent-cyber-attack.html<\/a><\/li>\n<li><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisco-hacked-by-yanluowang-ransomware-gang-28gb-allegedly-stolen\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cisco-hacked-by-yanluowang-ransomware-gang-28gb-allegedly-stolen\/<\/a><\/li>\n<li><a href=\"https:\/\/blog.elhacker.net\/2022\/08\/cisco-informa-de-un-incidente-de-seguridad-grupo-ransomware-Yanluowang.html\">https:\/\/blog.elhacker.net\/2022\/08\/cisco-informa-de-un-incidente-de-seguridad-grupo-ransomware-Yanluowang.html<\/a><\/li>\n<li><a href=\"https:\/\/unaaldia.hispasec.com\/2022\/08\/cisco-afectada-por-ransomware-yanluowang.html\">https:\/\/unaaldia.hispasec.com\/2022\/08\/cisco-afectada-por-ransomware-yanluowang.html<\/a><\/li>\n<\/ul>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-5fa018f elementor-widget elementor-widget-image\" data-id=\"5fa018f\" data-element_type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" src=\"https:\/\/etek.com\/es\/wp-content\/uploads\/2022\/05\/Imagen2.png\" title=\"\" alt=\"\" loading=\"lazy\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-de9cc51 elementor-widget 
elementor-widget-text-editor\" data-id=\"de9cc51\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p><a href=\"mailto:Info@etek.com\">Info@etek.com<\/a><\/p>\n<p><strong>Colombia&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; Peru&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<\/strong><span style=\"font-weight: 600; letter-spacing: 0px;\">India<\/span><\/p>\n<p>+57 (1) 2571520&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; +51&nbsp;(1) 6124343&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp;<span style=\"letter-spacing: 0px;\">+91-9873451221<\/span><\/p>\n<p><\/p>\n<p><br><\/p>\n<p><br><\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>Written by: Johan Cifuentes - Cyber Security Engineer Cisco reported that the ransomware group known as Yanluowang compromised its internal network and threatened to leak files stolen this past May. 
The attackers tricked a company employee into accepting multi-factor authentication (MFA) push notifications by posing as support organizations [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":6128,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts\/6127"}],"collection":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/comments?post=6127"}],"version-history":[{"count":0,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/posts\/6127\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/"}],"wp:attachment":[{"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/media?parent=6127"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/categories?post=6127"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/etek.com\/es\/wp-json\/wp\/v2\/tags?post=6127"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}