{"id":321,"date":"2023-12-04T20:40:18","date_gmt":"2023-12-04T20:40:18","guid":{"rendered":"https:\/\/vulneralert.com\/v1\/?p=321"},"modified":"2023-12-04T20:42:23","modified_gmt":"2023-12-04T20:42:23","slug":"hackers-rusos-aprovechan-el-error-de-outlook-para-secuestrar-cuentas-de-exchange","status":"publish","type":"post","link":"https:\/\/vulneralert.com\/v1\/hackers-rusos-aprovechan-el-error-de-outlook-para-secuestrar-cuentas-de-exchange\/","title":{"rendered":"Hackers rusos aprovechan el error de Outlook para secuestrar cuentas de Exchange"},"content":{"rendered":"<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full\"><img loading=\"lazy\" decoding=\"async\" width=\"602\" height=\"240\" src=\"https:\/\/vulneralert.com\/v1\/wp-content\/uploads\/2023\/12\/Microsoft-Exchange-Microsoft-365-Paraguay-ITDConsulting-1.webp\" alt=\"\" class=\"wp-image-322\" srcset=\"https:\/\/vulneralert.com\/v1\/wp-content\/uploads\/2023\/12\/Microsoft-Exchange-Microsoft-365-Paraguay-ITDConsulting-1.webp 602w, https:\/\/vulneralert.com\/v1\/wp-content\/uploads\/2023\/12\/Microsoft-Exchange-Microsoft-365-Paraguay-ITDConsulting-1-300x120.webp 300w\" sizes=\"auto, (max-width: 602px) 100vw, 602px\" \/><\/figure>\n<\/div>\n\n\n<p>La situaci\u00f3n de seguridad est\u00e1 relacionada con hackers rusos que est\u00e1n aprovechando una vulnerabilidad en <strong>Microsoft Outlook<\/strong> para obtener acceso no autorizado a cuentas de Exchange y robar informaci\u00f3n confidencial. Este problema espec\u00edfico se conoce como CVE-2023-23397. El equipo de Inteligencia de Amenazas ha identificado al actor respaldado por el estado ruso APT28, tambi\u00e9n conocido como Fancybear o Strontium, como el grupo responsable de explotar activamente esta vulnerabilidad. Al infiltrarse en Outlook, estos hackers pueden acceder a Exchange, utilizando com\u00fanmente la comunicaci\u00f3n por correo electr\u00f3nico para acceder y almacenar datos sensibles.<\/p>\n\n\n\n<p>Una vez que obtienen acceso, proceden a extraer informaci\u00f3n confidencial, correos electr\u00f3nicos, archivos adjuntos y otros datos sensibles. La advertencia emitida tiene como objetivo alertar a organizaciones y personas, inst\u00e1ndoles a tomar las precauciones necesarias para proteger sus datos. Es crucial que los usuarios actualicen su software a la \u00faltima versi\u00f3n y apliquen los parches disponibles proporcionados para mitigar esta vulnerabilidad. Este hecho subraya la amenaza continua que representan los grupos respaldados por estados y destaca la importancia de mantener medidas actualizadas para protegerse contra tales ataques.<\/p>\n\n\n\n<p><\/p>\n\n\n\n<p>Links relacionados<\/p>\n\n\n\n<p><a href=\"https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-23397\">https:\/\/msrc.microsoft.com\/update-guide\/vulnerability\/CVE-2023-23397<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2023-23397\">https:\/\/nvd.nist.gov\/vuln\/detail\/cve-2023-23397<\/a><\/p>\n\n\n\n<p><a href=\"https:\/\/vulneralert.com\/ampliar.alerta.php?url=fe9228cec7b6fe4f23a06c2af2c8e3b1c25323e3\">https:\/\/vulneralert.com\/ampliar.alerta.php?url=fe9228cec7b6fe4f23a06c2af2c8e3b1c25323e3<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>La situaci\u00f3n de seguridad est\u00e1 relacionada con hackers rusos que<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"_themeisle_gutenberg_block_has_review":false,"footnotes":""},"categories":[6,12],"tags":[],"class_list":["post-321","post","type-post","status-publish","format-standard","hentry","category-ciberseguridad","category-microsoft"],"featured_image_urls":{"full":"","thumbnail":"","medium":"","medium_large":"","large":"","master_addons_team_thumb":"","1536x1536":"","2048x2048":"","chromenews-featured":"","chromenews-large":"","chromenews-medium":""},"author_info":{"info":["vulneralert.com"]},"category_info":"<a href=\"https:\/\/vulneralert.com\/v1\/category\/ciberseguridad\/\" rel=\"category tag\">Ciberseguridad<\/a> <a href=\"https:\/\/vulneralert.com\/v1\/category\/microsoft\/\" rel=\"category tag\">Microsoft<\/a>","tag_info":"Microsoft","comment_count":"0","_links":{"self":[{"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/posts\/321","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/comments?post=321"}],"version-history":[{"count":1,"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/posts\/321\/revisions"}],"predecessor-version":[{"id":323,"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/posts\/321\/revisions\/323"}],"wp:attachment":[{"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/media?parent=321"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/categories?post=321"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/vulneralert.com\/v1\/wp-json\/wp\/v2\/tags?post=321"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}