Insights

Insights from the front line of cyber defense

Research, detection engineering notes, and incident response lessons.

Hidden Google Play Adware Drains Devices and Disrupts Millions of Users

A major Android adware operation, now known as GhostAd, has been uncovered after spreading quietly through Google Play and affecting millions of users across East and Southeast Asia. Although the apps involved appeared benign at first glance, they concealed aggressive advertising engines that ran continuously in the background, degrading device performance, draining batteries, and causing widespread frustration for victims. The scale of this campaign, combined with the sophistication of its persistence mechanisms, marks it as one of the more impactful adware incidents seen on the platform in recent years.

Why OWASP Matters: The Cornerstone of Modern Web Application Security

In today’s digital landscape, web applications are the backbone of business operations, customer engagement, and data exchange. However, with this reliance comes increased risk. Cyber threats targeting web applications are more sophisticated and frequent than ever. From data breaches to ransomware attacks, organizations face mounting pressure to secure their digital assets.

What is a VPN? A Beginner’s Guide to Online Privacy

In today’s digital world, online privacy and security have never been more important. Whether you’re browsing at home, working remotely, or connecting to free Wi-Fi at a café, your data can be exposed to hackers, advertisers, and even your internet service provider (ISP). This is where a VPN (Virtual Private Network) comes in.

IRPs in Action: How Tabletop Exercises Prepare Your Team for Real Threats

An Incident Response (IR) tabletop exercise is a discussion-based simulation where team members walk through a hypothetical cybersecurity incident. Unlike full-scale drills, tabletop exercises do not require actual system disruption. Instead, they focus on evaluating how your team responds to scenarios such as data breaches, ransomware attacks, or insider threats.

Shadow IT Risks

Shadow IT refers to the use of applications, devices, or services within an organization without approval from the IT department. Employees often download apps or sign up for cloud services on their own to get work done faster. While this may seem harmless, Shadow IT bypasses official security measures and can expose sensitive business data.

Deepfakes as a Security Threat

Artificial intelligence has brought us incredible tools, from voice assistants to realistic image generators. But alongside the positive uses, one of the most concerning byproducts is the rise of deepfakes. What started as a novelty on the internet has quickly grown into a serious cybersecurity and societal threat.

New MadeYouReset HTTP/2 Vulnerability

A critical vulnerability in the HTTP/2 protocol, known as MadeYouReset (CVE-2025-8671), has been discovered by researchers at Tel Aviv University. This flaw allows attackers to launch denial-of-service (DoS) attacks without violating the protocol specifications. Although no live attacks exploiting this vulnerability have been observed, its potential to cause significant disruptions is concerning.

Crypto24 Ransomware Group – EDR Bypass

Organizations across multiple sectors are grappling with attacks from the Crypto24 ransomware group, known for their sophisticated stealth techniques and EDR evasion. First observed in September 2024, Crypto24 has been leveraging legitimate Windows tools combined with custom malware to bypass security defenses and escalate privileges. Trend Micro and BleepingComputer confirm that large-scale campaigns have already targeted financial, healthcare, and logistics networks.