{"id":11777,"date":"2021-08-31T10:00:24","date_gmt":"2021-08-31T15:00:24","guid":{"rendered":"https:\/\/backup.primeaction.com\/sp\/?p=11777"},"modified":"2021-08-23T16:59:24","modified_gmt":"2021-08-23T21:59:24","slug":"vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware","status":"publish","type":"post","link":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/","title":{"rendered":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware"},"content":{"rendered":"<p><img fetchpriority=\"high\" decoding=\"async\" src=\"data:image\/gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw==\" data-src=\"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg\" width=\"640\" height=\"360\" class=\"aligncenter size-medium lazyload\" \/><noscript><img fetchpriority=\"high\" decoding=\"async\" src=\"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg\" width=\"640\" height=\"360\" class=\"aligncenter size-medium\" \/><\/noscript><br \/>\nUn exmiembro del personal de seguridad de Microsoft advirti\u00f3 que los ciberdelincuentes est\u00e1n explotando las vulnerabilidades de los servidores de correo electr\u00f3nico de Microsoft Exchange porque las organizaciones no fueron advertidas adecuadamente sobre qu\u00e9 sistemas parchar.<\/p>\n<p>\u201cMuchas organizaciones parecen no haber reparado de esto, lo que ha llevado a una explotaci\u00f3n masiva de las vulnerabilidades\u201d, advirti\u00f3 Kevin Beaumont, quien public\u00f3 sobre estos problemas de seguridad a trav\u00e9s de su blog DoublePulsar, donde alerta que cientos de sistemas del gobierno estadounidense est\u00e1n expuestos.<\/p>\n<p>Ante esto, la Agencia de Seguridad Cibern\u00e9tica e Infraestructura de los Estados Unidos (CISA, por sus siglas en ingl\u00e9s) emiti\u00f3 una alerta el s\u00e1bado. \u201cSon vulnerabilidades de ejecuci\u00f3n de c\u00f3digo remoto autenticadas previamente (no se requiere contrase\u00f1a), lo cual es tan serio como parece\u201d, escribi\u00f3.<\/p>\n<p>\u201cMicrosoft sab\u00eda que esto explotar\u00eda en un incidente internacional para los clientes. Lo s\u00e9 porque trabaj\u00e9 all\u00ed y los alert\u00e9\u201d. Adem\u00e1s se\u00f1al\u00f3 que, si bien Microsoft emiti\u00f3 correcciones hace cinco meses, la compa\u00f1\u00eda no hab\u00eda proporcionado los n\u00fameros de identificaci\u00f3n est\u00e1ndar de las vulnerabilidades para facilitar a los usuarios la determinaci\u00f3n de qu\u00e9 parches necesitaban.<\/p>\n<p>\u201cCre\u00f3 una situaci\u00f3n en la que los clientes de Microsoft estaban mal informados sobre la gravedad de uno de los errores de seguridad empresarial m\u00e1s cr\u00edticos del a\u00f1o\u201c, agreg\u00f3 Beaumont. (En el momento de esta publicaci\u00f3n Microsoft no respondi\u00f3 a la solicitud de comentarios sobre las acusaciones de Beaumont).<\/p>\n<p>Entre los piratas inform\u00e1ticos que se aprovechan de eso se encuentra el grupo de ransomware conocido como LockFile, que ha aprovechado las fallas que Microsoft corrigi\u00f3 por primera vez en marzo.<\/p>\n<p>As\u00ed mismo LockFile se ha relacionado con ataques de ransomware a v\u00edctimas de diversas industrias (incluidas la fabricaci\u00f3n, los servicios financieros, la ingenier\u00eda y el turismo) en todo el mundo, principalmente en Estados Unidos y Asia, de acuerdo con la compa\u00f1\u00eda de seguridad Symantec. Esto se vio por primera vez el 20 de julio en la red de una organizaci\u00f3n financiera de EU, de acuerdo con un blog de la empresa.<\/p>\n<p>Los or\u00edgenes de los ataques se remontan a las debilidades descubiertas durante un hacking contest a principios de este a\u00f1o y detalladas en su totalidad la semana pasada por Orange Tsai.<\/p>\n<p>En este se encontraron tres debilidades en Microsoft Exchange (la versi\u00f3n local, no Office 365) que, cuando se combinan, podr\u00edan usarse para tomar el control de un servidor de correo electr\u00f3nico de forma remota.<\/p>\n<p>Beaumont ha lanzado ahora una herramienta para ayudar a identificar los sistemas sin parches. El equipo nacional de respuesta ante emergencias inform\u00e1ticas de Austria ya lo ha utilizado para buscar servidores vulnerables.<\/p>\n<p>Los gobiernos y organizaciones privadas de todo el mundo conf\u00edan en Microsoft Exchange para ejecutar su correo electr\u00f3nico diario, sin embargo, este a\u00f1o ha sido objeto de ataques repetidos con ataques devastadores a gran escala. Incluyeron ataques que la Administraci\u00f3n de Joe Biden atribuy\u00f3 a China, lo que el pa\u00eds neg\u00f3.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Un exmiembro de seguridad de Microsoft alert\u00f3 que los ciberdelincuentes est\u00e1n explotando las vulnerabilidades de los servidores de correo electr\u00f3nico de Microsoft Exchange.<\/p>\n","protected":false},"author":10,"featured_media":11779,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"single-post.php","format":"standard","meta":{"_eb_attr":"","site-sidebar-layout":"default","site-content-layout":"default","ast-site-content-layout":"default","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","ast-disable-related-posts":"","theme-transparent-header-meta":"default","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"_mbp_gutenberg_autopost":false,"fifu_image_url":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","fifu_image_alt":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware","footnotes":""},"categories":[9],"tags":[],"class_list":["post-11777","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-post-servicios"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.4 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware &#183; Prime Action Consulting<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/\" \/>\n<meta property=\"og:locale\" content=\"es_ES\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware &#183; Prime Action Consulting\" \/>\n<meta property=\"og:description\" content=\"Un exmiembro de seguridad de Microsoft alert\u00f3 que los ciberdelincuentes est\u00e1n explotando las vulnerabilidades de los servidores de correo electr\u00f3nico de Microsoft Exchange.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/\" \/>\n<meta property=\"og:site_name\" content=\"Prime Action Consulting\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-31T15:00:24+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg\" \/>\n<meta name=\"author\" content=\"primeactionmx\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg\" \/>\n<meta name=\"twitter:label1\" content=\"Escrito por\" \/>\n\t<meta name=\"twitter:data1\" content=\"primeactionmx\" \/>\n\t<meta name=\"twitter:label2\" content=\"Tiempo de lectura\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutos\" \/>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware &#183; Prime Action Consulting","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/","og_locale":"es_ES","og_type":"article","og_title":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware &#183; Prime Action Consulting","og_description":"Un exmiembro de seguridad de Microsoft alert\u00f3 que los ciberdelincuentes est\u00e1n explotando las vulnerabilidades de los servidores de correo electr\u00f3nico de Microsoft Exchange.","og_url":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/","og_site_name":"Prime Action Consulting","article_published_time":"2021-08-31T15:00:24+00:00","og_image":[{"url":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","type":"","width":"","height":""}],"author":"primeactionmx","twitter_card":"summary_large_image","twitter_image":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","twitter_misc":{"Escrito por":"primeactionmx","Tiempo de lectura":"3 minutos"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#article","isPartOf":{"@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/"},"author":{"name":"primeactionmx","@id":"https:\/\/backup.primeaction.com\/sp\/#\/schema\/person\/12b4e201995201db2de1bc5b99533471"},"headline":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware","datePublished":"2021-08-31T15:00:24+00:00","mainEntityOfPage":{"@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/"},"wordCount":531,"publisher":{"@id":"https:\/\/backup.primeaction.com\/sp\/#organization"},"image":{"@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","articleSection":["Post Servicios"],"inLanguage":"es"},{"@type":"WebPage","@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/","url":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/","name":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware &#183; Prime Action Consulting","isPartOf":{"@id":"https:\/\/backup.primeaction.com\/sp\/#website"},"primaryImageOfPage":{"@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#primaryimage"},"image":{"@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#primaryimage"},"thumbnailUrl":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","datePublished":"2021-08-31T15:00:24+00:00","breadcrumb":{"@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#breadcrumb"},"inLanguage":"es","potentialAction":[{"@type":"ReadAction","target":["https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/"]}]},{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#primaryimage","url":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","contentUrl":"https:\/\/cdn.forbes.com.mx\/2019\/11\/Microsoft-Jap\u00f3n-640x360.jpg","caption":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware"},{"@type":"BreadcrumbList","@id":"https:\/\/backup.primeaction.com\/sp\/vulnerabilidades-de-microsoft-son-explotadas-por-ciberdelincuentes-de-ransomware\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"In\u00edcio","item":"https:\/\/backup.primeaction.com\/sp\/"},{"@type":"ListItem","position":2,"name":"Vulnerabilidades de Microsoft son explotadas por ciberdelincuentes de ransomware"}]},{"@type":"WebSite","@id":"https:\/\/backup.primeaction.com\/sp\/#website","url":"https:\/\/backup.primeaction.com\/sp\/","name":"Prime Action Consulting","description":"Consultoria Especializada em Canais","publisher":{"@id":"https:\/\/backup.primeaction.com\/sp\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/backup.primeaction.com\/sp\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"es"},{"@type":"Organization","@id":"https:\/\/backup.primeaction.com\/sp\/#organization","name":"Prime Action Consulting","url":"https:\/\/backup.primeaction.com\/sp\/","logo":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/backup.primeaction.com\/sp\/#\/schema\/logo\/image\/","url":"https:\/\/backup.primeaction.com\/sp\/wp-content\/uploads\/sites\/8\/2019\/11\/logo-horiz-01-transp-2.png","contentUrl":"https:\/\/backup.primeaction.com\/sp\/wp-content\/uploads\/sites\/8\/2019\/11\/logo-horiz-01-transp-2.png","width":400,"height":185,"caption":"Prime Action Consulting"},"image":{"@id":"https:\/\/backup.primeaction.com\/sp\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/backup.primeaction.com\/sp\/#\/schema\/person\/12b4e201995201db2de1bc5b99533471","name":"primeactionmx","image":{"@type":"ImageObject","inLanguage":"es","@id":"https:\/\/secure.gravatar.com\/avatar\/19d334fbde47ddf970c0d3392d592bcaec217ee5e078358913a249e212d2899f?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/19d334fbde47ddf970c0d3392d592bcaec217ee5e078358913a249e212d2899f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/19d334fbde47ddf970c0d3392d592bcaec217ee5e078358913a249e212d2899f?s=96&d=mm&r=g","caption":"primeactionmx"},"url":"https:\/\/backup.primeaction.com\/sp\/author\/primeactionmx\/"}]}},"_links":{"self":[{"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/posts\/11777","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/users\/10"}],"replies":[{"embeddable":true,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/comments?post=11777"}],"version-history":[{"count":1,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/posts\/11777\/revisions"}],"predecessor-version":[{"id":11778,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/posts\/11777\/revisions\/11778"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/media\/11779"}],"wp:attachment":[{"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/media?parent=11777"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/categories?post=11777"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/backup.primeaction.com\/sp\/wp-json\/wp\/v2\/tags?post=11777"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}