Categories
Noticias Seguridad

what it is and how it can affect us

Dark Web Monitoring

The hackers they are constantly looking for ways to steal personal data from users on the network. There are many strategies that can be followed. We speak, for example, of Phishing attacks, sneaking malware onto computers, exploiting vulnerabilities …

It is true that we can make use of multiple tools with which we can protect ourselves. This is very important to keep our equipment protected and that our personal information do not leak on the internet. Yet they are constantly looking for ways to bypass all these measures.

Something that cybercriminals usually take into account is what is known as dark web monitoring. It basically consists of constantly tracking this part of the network to detect possible leaks, personal data that they have stolen, etc. Hackers can get alerts whenever something new comes along that they can leverage to achieve their goals.

However, when we talk about active monitoring of the Dark Web, we are not only referring to the negative side. In other words, not only cybercriminals carry out this action. Keep in mind that there are also ethical hackers and even security tools that can crawl this hidden part of the Internet to detect potential problems and correct them as soon as possible. A way to alert users so they know that their passwords have been leaked or that there has been some data theft.

We already know that there are tools to know if our password has been leaked on the Internet or our personal data has been compromised. This is, in part, thanks to active monitoring of the Dark Web. There are also many ways to learn ethical hacking.

Tips to prevent data from ending up on the Dark Web

We have seen what active monitoring of the Dark web, something hackers and security researchers can do for our benefit. Now we are going to give a series of essential tips to avoid being victims and that our data and personal information ends here.

Something fundamental will always be protect equipment correctly. It is very important to have security programs that can prevent the entry of intruders, that allow blocking malicious software of all kinds. We have many alternatives in this regard, but something basic is to always have a good antivirus.

It will also be very important upgrade systems and whatever program we use. On many occasions, hackers take advantage of these flaws to steal personal data that ends up on the Dark Web. We must install all the patches and updates that may be.

But if there is something that can really help, it is not make mistakes. We must never show public information on the network, such as our email when writing a comment on a public article or making mistakes when registering on platforms and using passwords. This will be key to preventing data from ending up on the Dark Web.

Categories
Noticias Seguridad

How to see if the latest threats have stolen passwords

Check if passwords have been stolen in Windows

This time it is a leakage of personal data. A new threat has managed to steal browser cookies, millions of files, emails, and login credentials. These files also included personal passwords. There have even been techniques to take screenshots when the victim logs in.

Now, what happens to all that stolen data? Cybercriminals usually steal passwords to access social networks, streaming video platforms or email. This can end in the Dark web, available to anyone who wants to pay for it.

As we can see, it is one more way to profit. At the end of the day, our personal information has a great value in the network, but even more so the access codes. Hence, we must be prepared to maintain security and not make any mistakes.

Since NordLocker indicate that today anyone can access custom malware capable of attacking other users with the aim of stealing passwords. We are no longer talking only about a specific malware that affects Windows, but also Phishing attacks or any other tool capable of collecting personal information.

One thing we can do to find out if we are victims is to quickly check if passwords have been leaked. We have the possibility to use Have i been pwned, an online platform that allows us to know if our password or e-mail address have been compromised in a security breach.

It is very useful not only for this particular case, but for any other attack that may have occurred at some point. We will be able to know if our access codes have been leaked and thus take action as soon as possible.

Tips for protecting passwords

It is very important to always create keys that are strong and complex. We should not use any password that we can easily memorize or that we are even using elsewhere. It should contain letters (uppercase and lowercase), numbers, and any other special symbols that may offer good protection.

In addition, as an additional measure we can use the two-step authentication, something that is increasingly present. This adds an extra layer of security that is very useful to protect our accounts. Basically it is a second code that we must put when logging in.

Another issue to consider is to use password managers. They will help us to create strong keys, but also to remember them in a safe place. We have many options in this regard and without a doubt it is something that comes in handy. Of course, using key managers in the browser can be dangerous.

In short, it is as important to create strong passwords as it is to periodically check if they have been leaked. We have seen what to do to easily find out if we have been victims of any of the many threats that are present.

Categories
Noticias Ofertas

Bargains on IP cameras to monitor the home on Amazon

One more day we show you some interesting network devices that we can find on offer at Amazon. A review of the best surveillance cameras for our home, as well as other equipment with which to improve wireless coverage, routers or network switches. As always, we organize them in different sections to facilitate reading. Keep in mind that many of them may have a reduced price for a certain time before returning to the original.

IP cameras on offer

First of all, we are going to show a series of surveillance cameras that can be very interesting for a private home, but also for an office or company. We are going to show the main specifications of each model and thus be able to choose better adapting to what we really want.

Dragon Touch OD10 IP Camera

  • HD 1080p recording
  • Compatible with Alexa and Google Home
  • Night vision
  • Two-way audio
  • Motion detection
  • Waterproof
  • Cloud storage
  • Sale price: 50.99 euros.

Reolink 410W IP Camera

Reolink 410W IP Camera

  • Dual band Wi-Fi camera
  • Night vision
  • Motion detection
  • HD 1440p
  • Waterproof
  • Sale price: 58.39 euros.

Topcony surveillance camera

Topcony IP Camera

  • Outdoor surveillance camera
  • 1920p recording
  • Night vision
  • Two-way audio
  • Motion detection
  • Sale price: 99.99 euros.

Imou IP Camera

Imou IP Camera

  • Indoor recording chamber
  • Records in HD 1080p
  • Privacy mode
  • Two-way audio
  • Motion detection
  • Sale price: 25.49 euros.

Yi Surveillance Camera

Yi Surveillance Camera

  • 1080p recording
  • Motion detection
  • Two-way audio
  • Night vision
  • Control via app
  • Cloud storage
  • Sale price: 21.24 euros.

Mibao Wi-Fi Camera

Mibao IP Camera

  • 1080p recording camera
  • HD night vision
  • Motion detection
  • Alert by application
  • Two-way audio
  • Sale price: 22.09 euros.

Repeaters, Wi-Fi Mesh and PLC systems on offer

It is always important to keep our network in good condition and offer wireless connectivity with good speed and quality. Now, sometimes we can have problems. We can avoid this by using certain devices that help boost the signal. Let’s see some options on offer. It is important to prevent Wi-Fi from disconnecting.

TP-Link RE330

TP-Link RE330

  • Dual band Wi-Fi repeater
  • Speed ​​up to 1200 Mbps
  • Supports up to 32 connected devices
  • Ethernet port
  • WPS button
  • Sale price: 24.99 euros.

Netgear EX6250

Netgear EX6250

  • Wi-Fi Mesh Amplifier
  • Dual band
  • Speed ​​up to 1750 Mbps
  • Universal compatibility
  • Gigabit Ethernet ports
  • Sale price: 49.99 euros.

D-Link COVR-1103

WiFi Mesh COVR-1103

  • Kit of three Wi-Fi Mesh devices
  • Speed ​​up to 1200 Mbps
  • WPA-3 encryption
  • Two Gigabit Ethernet ports each node
  • Compatible with Alexa and Google Home
  • MU-MIMO technology
  • Sale price: 84.19 euros.

Netgear Orbi RBK352

Netgear Orbi RBK352

  • Two device Wi-Fi Mesh system (router and satellite)
  • Speed ​​up to 1.8 Gbps
  • Covers an area of ​​more than 200 square meters
  • Supports more than 30 connected devices
  • Sale price: 199.99 euros.

Tenda PH6

Tenda PH6

  • Kit of two PLC devices
  • One Gigabit Ethernet port each
  • Integrated power connector
  • Plug and play
  • Energy save mode
  • Sale price: 44.99 euros.

AVM FRITZ! 1220E

AVM Frtiz!  1220E

  • Kit of two PLC devices
  • Gigabit Ethernet ports
  • Speed ​​up to 1200 Mbps
  • Integrated power connector
  • QoS traffic prioritization
  • Sale price: 90 euros.

Routers on offer

Without a doubt, a very important piece for our connections is the router. We must always have a good device capable of offering stability, quality and good speed. We are going to see some interesting offers on Amazon.

TP-Link Archer C6

  • Dual Band Wi-Fi Router
  • Speed ​​up to 1200 Mbps
  • Four external antennas
  • Four Gigabit Ethernet ports
  • MU-MIMO technology
  • Sale price: 35.99 euros.

Huawei AX3

Huawei AX3 Wi-Fi Router

  • Wi-Fi 6 router
  • Four external antennas
  • Gigabit Ethernet ports
  • Speed ​​up to 3000 Mbps
  • Supports up to 128 devices
  • Sale price: 49.90 euros.

Huawei E5576

Huawei E5576 Router

  • 4G Wi-Fi router
  • 150 Mbps download speed
  • 1,500 mAh battery with 6 hours of autonomy
  • No configuration required
  • Supports up to 16 connected devices
  • Sale price: 48 euros.

Network switches on offer

Finally, we also want to show some offers on network switches. A way to connect more equipment by cable and not run out of ports. Very useful devices for both private users as well as companies and organizations.

D-Link DGS-105

  • Network switch with five Gigabit Ethernet ports
  • Metal chassis without fan
  • QoS traffic prioritization
  • Plug and play
  • Easy installation
  • Sale price: 16.95 euros.

Netgear GS348T

Netgear GS348T

  • Network switch with 52 Gigabit Ethernet ports
  • Four SFP ports
  • Easy installation
  • Metal housing to avoid heat
  • Sale price: 247.49 euros.

From RedesZone we look for the best deals on network devices and we take a small commission in return. We do not have any agreements with brands.

Categories
Noticias Seguridad

TLS servers at risk from a new attack

ALPACA, a new attack against TLS servers

Man in the Middle or middle man attacks allow an attacker to interfere with a connection. It could read the information that is sent or received, strain data, or even modify it. For example, we can mention when a user connects to a public Wi-Fi network in a shopping center and sends information in plain text. There may be a hacker on that network collecting the data that is sent and received.

Now, there are different types of attacks. On this occasion, a group of German security researchers has discovered a new method called ALPACA. The objective is exploit TLS servers, which is the Internet standard in charge of ensuring communications between servers and clients.

What an attacker does using this method is redirect web traffic from one subdomain to another. This results in a valid TLS session, but redirects HTTPS requests from the browser.

The name ALPACA comes from Application Layer Protocol Confusion – Analyzing and mitigating Cracks in TLS Authentication. Researchers have shown that an attacker could redirect HTTPS requests from the victim’s web browser to SMTP, IMAP, POP3, and FTP servers. It could get to extract session cookies and private information, as can happen in attacks of this type. You could even arbitrarily execute JavaScript to bypass TLS and bypass web security.

Many web servers can be vulnerable

An important fact is that they found that 1.4 million web servers they could be vulnerable to these attacks between protocols. They could therefore carry out an ALPACA attack with the aim of confusing the data of the TLS application.

Although security researchers indicate that it is difficult to pinpoint exactly who could be vulnerable, they indicate that being a flaw that is within the TLS authentication of servers, anyone using this could be considerably vulnerable. However, they also ensure that for practical purposes this vulnerability can only be exploited in certain circumstances.

Something fundamental to carry out this threat is that they are going to need a Man in the Middle attacker who is active. It will be necessary to intercept and modify the data sent from the victim’s browser to the web server. This could especially happen on a local network.

To avoid this type of problem, as well as any other that may arise at any given time, it is essential that users have the latest versions of the browser and any program that connects to the network. Any vulnerability that may appear must always be corrected.

Categories
Noticias Redes

How to watch TV broadcasts and streaming without cuts or stops at home

Problems watching Internet TV or streaming video

When we have few computers connected to the home local network, watch Internet TV or stream video, as long as the TV is connected by cable, we know that everything will work correctly without any problem, however, problems come when we have dozens of connected devices consuming Internet bandwidth, because the router must handle all this traffic equally, therefore, the router will give the same priority to P2P downloads to squeeze the available bandwidth as to streaming video on TV, and this is a problem for users who are watching TV. While the downloads made do not matter if they take a few more minutes, it is critical that the bandwidth for broadcasting TV or streaming works as a priority over these downloads.

Regarding whether we connect the TV via WiFi, we must bear in mind that in WiFi wireless networks, the more computers we connect to the WiFi network simultaneously, the less bandwidth we have available for each of them due to the access protocol the shared medium CSMA / CA used in wireless networks. Although the latest standards have clearly improved this with the launch of MU-MIMO from WiFi 5, and with OFDMA from WiFi 6, today we continue to use WiFi routers with the WiFi 5 standard and even WiFi clients (TVs and other devices) do not have this technology, therefore, they will have to continue using OFDM. In addition, it is possible that we have a single router and we do not have a WiFi Mesh system in the home local network, therefore, it is possible that the TV does not achieve good coverage in the 5GHz band (where it is advisable to connect this type of device) and instead, you have to use the 2.4GHz band compulsorily.

Solutions to not have more problems

These problems that we usually find in domestic homes, we can solve them through different configurations in the router and the installation of additional equipment to improve the wireless signal. Next, we are going to make all the necessary recommendations so that the user experience when using streaming services is perfect.

Prioritize what matters on your home network

Many home routers that we buy from manufacturers such as AVM with their FRITZ! Box, ASUS, D-Link, NETGEAR and other manufacturers, have a system to prioritize the different devices on the local network over others, and we can even prioritize the content of the traffic generated by these devices. In the case of AVM, as of version 7.25 we can create a prioritization rule in the local network and in the wireless network, in this way, we can give the highest priority to our TV or device that we are using for video streaming .

Thanks to QoS (quality of service) We will be able to prioritize applications and devices, ensuring that the selected device receives the data packets first, and then the rest of the devices connected to the local network. This means that TV broadcasts, video streaming or video conferences will have the highest priority, even if we are downloading through P2P programs consuming a large Internet bandwidth.

As you can see, all manufacturers have very intuitive menus that allow us to easily prioritize the applications that we want.

If you use WiFi, 5GHz or use a WiFi Mesh

In order to achieve the best performance, it is highly recommended that you always connect video devices on the 5GHz band because they will have higher available bandwidth and less interference with neighboring networks. If you have only one router and coverage does not reach you, then our recommendation is to mount a WiFi Mesh system, or a router plus a repeater with Mesh functions, since you will not only improve the performance of the TV that performs the streaming, but also all the devices you connect to the wireless network.

Depending on the physical situation of the different devices, you can connect to one network (router) or another (WiFi repeater), to balance network traffic and not only “load” the main router with all wireless devices. In this case, manufacturers have launched specific WiFi Mesh solutions for 2, 3 and even more nodes to distribute throughout our home, manufacturers such as AVM have incorporated into their FRITZ! OS operating system the possibility of setting up a WiFi Mesh network easily. and fast using routers, WiFi repeaters and PLCs with WiFi, provided they have the latest firmware versions.

Other interesting uses of the router in terms of video

Many home routers incorporate the ability to connect a storage device via USB 3.0 Removable, the firmware of all routers incorporate a multimedia server, or also known as a DLNA server, which will allow us to play music and videos easily and quickly, in addition, we can see images, audio and video on TVs that support this standard which are all. In this way, if we have local multimedia content on the router, we will not consume Internet bandwidth.

Categories
Noticias Seguridad

how it could help our privacy

Reasons to spoof or hide the IP

Among all the options we have to improve the Privacy & Security When using devices connected to the network, one that we can highlight is to hide the IP address. By falsifying it, we can prevent our data from being leaked and made available for hackers to use it to achieve their objective.

We are going to show some main reasons why it can be interesting at any given time to spoof the IP. We have already seen previously how to hide the IP. There are very simple methods that can help us in our day to day.

Browse with greater privacy

One of the main reasons is improve privacy when browsing the Internet. Simply by visiting a web page we can show our IP, as well as information from our system. This could also end up in the wrong hands, since if we navigate through an unsafe site or one that has been attacked, they could take advantage of the situation.

Therefore, we can falsify the IP to improve our privacy on the network. It is something that users value a lot and luckily we have a wide range of possibilities to achieve it in any type of device that we use.

Avoid geographic restrictions

Another very important question is that of avoid restrictions geographic. Let’s say that for example we want to enter an online service to watch a series or movie. That platform may not be available at our location, if for example we are traveling abroad. The best way to avoid this is by modifying the IP address.

It would also serve to avoid censorship that may exist in certain territories of the world. Sometimes it may be impossible to access certain social networks or messaging applications from certain countries. We can avoid it if we falsify the IP.

Avoid attacks

Of course we can also prevent cyber attacks. If our IP address is exposed on the network, it could be used by hackers to carry out multiple attacks. This would inevitably put our safety at risk.

Avoiding attacks on the network is very important and we can make use of multiple tools. One of the options we have is to hide the IP address. For this we can make use of VPN services or browse through a proxy.

Hide physical location

Through the IP address they could obtain a wide variety of information. One of the data would be to find out which is our actual physical location. At least roughly they could know exactly where we are, beyond knowing the country or region.

Therefore, by hiding the IP address we would also be protecting our physical location. It is another reason to spoof the IP. We can easily achieve this through different methods, as we have mentioned.

In short, spoofing or hiding the IP address can be interesting for many reasons. It is important to always maintain security and privacy when we surf the net and for this we can use different programs and methods.

Categories
Noticias Seguridad

How long can it take to use a stolen key on the Internet?

Hackers constantly test leaked keys

A group of security researchers from Agari have run a test to see how long it would take cybercriminals to test user passwords that have been leaked on the internet. They have used false passwords, which actually pretend to be original, to be real accounts.

To carry out the test strategically they exposed several thousands of passwords In the net. They pretended that they were real keys, accounts that they created for the occasion. This way they had enough to see what would happen.

They found that hackers act fast. They can quickly use a password that for some reason has leaked into the network and has been exposed to anyone. Specifically, according to the study carried out by Agari, they access on average within 12 hours of being filtered.

However, time can be much faster. In fact, they saw that they tried to access 20% of the keys that they leaked on the network in less than an hour and 40% in the first six hours. This undoubtedly shows how quickly cybercriminals scan the network for possible passwords that have been leaked, Phishing attacks or any security problem.

They tried to manually access almost all

Another result obtained by Agari’s security researchers is that intruders, in most cases at least, attempted to manually access the supposedly leaked accounts. They do this to check if the credentials really work and can be accessed.

Researchers indicate that it is a tedious process having to test the access codes manually, but in this way they also obtain benefit. This benefit basically consists of being able to analyze the account one by one and see what kind of information they can obtain and in what way they could exploit it economically.

Keep in mind that information has great value on the net. Not all accounts are going to work for hackers in the same way. A social network, where they could find the victim’s data, be able to contact third parties to send Phishing attacks on the victim’s name, is not the same as, for example, a bank account or a subscription on a payment platform.

Therefore, with this study, what security researchers have shown is that any leaked password on the network can quickly end up in the hands of cybercriminals. Hence the importance of always creating passwords that are strong, secure and changing them periodically. In addition, you have to be careful of certain aspects such as the risk of using key managers in the browser. Our advice is to properly protect any type of registry and, if we have that possibility, have two-step authentication to create an extra layer of security.

Categories
Noticias Seguridad

Two-step authentication might fail and not protect

Two-step authentication is not completely secure

We always say that it is essential to have a good key to protecting our equipment. We must use passwords that have different symbols, letters and numbers to create adequate protection. However, none of them is totally infallible, since there can always be a security breach, a leak or that they can find out through some type of malware.

That’s where two-factor authentication comes in. Basically we can say that it is an extra layer of security that can help protect our accounts. It is a second code that we receive and that complements the password. In this way, a possible intruder could not enter even knowing the password.

But of course, nothing is perfect. Two-Step Authentication, although highly recommended, is not foolproof and could have certain security issues. This means that we should take precautions and not think that our accounts are 100% protected.

Vulnerabilities in the system

One of the most common problems where two-step authentication may not be 100% effective is the vulnerabilities what’s in the system. There may be security problems that are exploited and allow an intruder to access the codes that come to us by SMS, for example.

Many IT security experts say that, while it is better than nothing, enabling two-step authentication via SMS is not the best idea. An example is what we have mentioned, that a possible attacker had access to these messages due to some malware or system failure that they can use.

Social engineering attacks

The social engineering It basically consists of finding a way to trick the victim into doing something. A clear example is Phishing. They send a message or email prompting you to open a link or log in. But the techniques they use can be very diverse and even compromise two-step authentication.

Let’s say that an attacker has achieved our password to enter a social network or bank account. Will you need that second code, which could be a series of digits that we receive by SMS. If you do not have access to our phone, it would be difficult for you to enter.

This is where social engineering comes in. You could call the victim posing as a bank employee stating that there has been a problem and that they need to verify that we are the legitimate users, for example. They tell us that we are going to receive a code by SMS and that we tell them to verify our identity. Logically, that message will contain the multi-factor authentication code.

Therefore, we can say that two-step authentication is very interesting to improve security, but nothing is completely effective. It is essential to keep this in mind, as in the end it will be the combination of many methods and strategies that can protect our records on the web.

Categories
Noticias Ofertas

Bargains on devices to improve home Wi-Fi

A very important factor today when browsing the Internet is having a good wireless connection. We have more and more devices that are connected without the need to use wiring. This means that we must have a good network, which offers good speed, stability and quality. Luckily we can have certain devices, such as repeaters, Mesh or PLC systems. We are going to see some on sale on Amazon, as well as routers or network switches.

Offers on Amazon to improve Wi-Fi

Sometimes problems can arise to connect us without cable to Internet. We can be far from the router, for example, and that will always mean a loss of speed and stability. Also problems that make it necessary to acquire a new device that can help us.

Netgear EX3700

  • Dual band Wi-Fi repeater
  • Two external antennas
  • Fast Ethernet port
  • WPS button
  • Easy installation
  • Sale price: 29.99 euros.

TP-Link RE330

TP-Link RE330

  • Dual band Wi-Fi repeater
  • Speed ​​up to 1200 Mbps
  • Ethernet port
  • Supports up to 32 connected devices
  • Signal indicator
  • Easy setup
  • Sale price: 24.99 euros.

Netgear EX6250

Netgear EX6250

  • Wi-Fi Mesh repeater
  • Dual band
  • 1750 Mbps speed
  • Universal compatibility
  • Supports up to 20 devices
  • Sale price: 49.99 euros.

Netgear EX7700

  • Wi-Fi Mesh Amplifier
  • Dual band
  • Speed ​​up to 2200 Mbps
  • Universal compatibility
  • Two Gigabit Ethernet ports
  • Sale price: 89.99 euros.

D-Link COVR-1103

WiFi Mesh COVR-1103

  • Kit of three Wi-Fi Mesh devices
  • Speed ​​up to 1200 Mbps
  • WPA-3 encryption
  • Gigabit Ethernet ports (two on each device)
  • MU-MIMO technology
  • Sale price: 119.99 euros.

Tenda NOVA MW3

Nova MW3

  • Kit of three Wi-Fi Mesh devices
  • Dual band
  • Speed ​​up to 1200 Mbps
  • Fast Ethernet ports
  • MU-MIMO technology
  • Compatible with Alexa
  • Sale price: 74.99 euros.

Devolo Magic 1

Devolo magic

  • Kit of two PLC devices
  • Dual band
  • Speed ​​up to 1200 Mbps
  • Two Fast Ethernet ports on one device and one Gigabit port on another
  • Integrated power connector
  • Sale price: 120.35 euros.

Devolo dLAN 550

Devolo dLAN 550 three-device

  • Kit of three PLC devices
  • Easy installation
  • One of them has an integrated plug
  • Move WiFi technology
  • Sale price: 107.77 euros.

Routers on offer

Another type of equipment that is very important to have good connectivity, be it wireless or cable, is the router. We need to have good speed, quality and stability. Sometimes it is convenient to change the one offered by the operator and therefore we are going to show a series of interesting offers on Amazon.

Huawei AX3

Huawei AX3 Wi-Fi Router

  • Dual Band Wi-Fi 6 Router
  • Speed ​​up to 3000 Mbps
  • Gigabit Ethernet ports
  • Four external antennas
  • Connects up to 128 devices
  • Sale price: 49.90 euros.

TP-Link Archer C50

Router TP-Link Archer C50

  • Dual Band Wi-Fi Router
  • Four external antennas
  • Fast Ethernet ports
  • Speed ​​up to 1200 Mbps
  • Sale price: 29.89 euros.

ASUS RT-AX92U

  • Tri-band Wi-Fi 6 router
  • Speed ​​up to 6100 Mbps
  • Four convertible external antennas
  • Four Gigabit Ethernet ports
  • Supports Ai Mesh
  • Ideal for playing online
  • Sale price: 197 euros.

Huawei E5576

Huawei E5576 Router

  • 4G Wi-Fi router
  • Speed ​​up to 150 Mbps
  • 1500 mAh battery with 6 hours of autonomy
  • Supports up to 16 devices
  • No configuration needed
  • Sale price: 48 euros.

Network switches on offer

Network switches are very interesting devices if we want to connect equipment by cable. A way to avoid access via Wi-Fi if we are in a dead zone, for example. We are going to see a series of interesting offers.

D-Link DGS-105

  • Network switch with five Gigabit Ethernet ports
  • QoS traffic prioritization
  • Metal casing
  • Plug and play
  • Sale price: 16.95 euros.

Netgear GS308

  • Network switch with eight Gigabit Ethernet ports
  • Metal housing without fan
  • Easy installation
  • Energy saving
  • Traffic prioritization
  • Sale price: 25.99 euros.

Netgear GS348T

Netgear GS348T

  • 52-port network switch
  • Four SFP ports
  • Ideal for companies
  • Metal chassis
  • Easy installation
  • Sale price: 247.49 euros.

In RedesZone we do not have any agreement with these brands. We look for the best deals on network devices and take a small commission in return.

Categories
Noticias Seguridad

Windows containers at risk from a threat

A new threat puts Windows containers at risk

This new malware stands out for being able to exploit Windows containers. You can compromise clusters of Kubernetes, with the mission of allowing the entry of hackers and being able to carry out their cyber attacks.

Keep in mind that Kubernetes was initially developed by Google. It is an open source system that allows you to automate different tasks and control containerized applications. Lets you organize those containers into pods, nodes, or clusters.

These attacks deploy a malware known as Siloscape. It is known for being the first to target Windows containers and exploit different known vulnerabilities that may exist and that affect web servers or databases.

The main objective is to open a back door

We can say that its main objective is to open a back door in Kubernetes clusters that are badly configured and thus exploit them maliciously. When you compromise the servers you are able to execute malicious code on the Kubernetes nodes.

This way you can achieve the credentials for spread malware to other different nodes. Subsequently, the Siloscape malware establishes contact with the command and control server via the anonymous TOR network.

However, security researchers have indicated that this malware it is just a small part of a much larger network that has been attacking for over a year.

All of this can expose victims to a wide variety of attacks, such as the ransomware. Many of these attacks focus on secretly mining cryptocurrencies or launching DDoS attacks, but in the case of Siloscape it is different.

The main objective, as we have indicated, is to create a back door in the Kubernetes clusters. In this way, it gives the attackers free rein.

The advice from security researchers is for users to make sure they have clusters correctly configured and updated to avoid problems of this kind. They also offer the alternative of using other options, such as Hyper-V containers.

As we always say, it is very important to have the correctly updated equipment. There are many possibilities that exist of security problems, vulnerabilities and failures that can be exploited by third parties. Hence, we must always keep the devices with the latest versions and not make any kind of mistake. This is something that we must apply regardless of the operating system we are using, as well as the type of program.

In short, they have detected a new malware capable of exploiting Windows containers. Security researchers have recommended carrying out a series of acts as we have indicated to avoid being victims of this problem.