With the recent news about price increases across most of Apple products due to the RAM and NAND chip shortages.
Coincidentally, Microsoft has silently updated the end date for Windows 10 Extended Security Updates (ESU) for consumers to October 12, 2027.
https://t.co/MZKylpXy3e
📰El Gobierno de Chile expresa su solidaridad al Gobierno y al pueblo de Venezuela, por el terremoto que afectó a ese país. Chile manifiesta la disposición de prestar ayuda humanitaria y de rescate.
https://t.co/C7oJkroctG
@NanospeedGamer un pequeño aporte al ecosistema PS4 en cuanto a tanto usuario reportando que se le rompe o deja de funcionar la aplicacion VUE https://t.co/Nt3iOeSOqc
@Barbara_Figue Al volver a gobernar, hay que remover al Tesorero General de la República y tirar un dictamen general que no priorice la cobraza del CAE sobre otras obligaciones estatales, ademas de nueva interpretación jurídica respecto del alcance de las obligaciones de Tesorería
Pinochet dejó a este país con 2,5 hijos por mujer y un crecimiento económico cercano a los dos dígitos. La tan celebrada democracia, en cambio, muestra números negativos en crecimiento y en natalidad condena al país a la extinción. Es un fracaso rotundo, inapelable.
🚨 PREVENTIVE CYBER INTELLIGENCE ALERT: ALLEGED EXPOSURE OF CUSTOMER DATA — BANCO FALABELLA CHILE 🇨🇱
⚠️THE ACTOR "THE BLACKH4T MD-GHOST" PUBLISHES AN ALLEGED DATA DUMP OF 20 MILLION RECORDS
[STATUS: ALLEGEDLY UNVERIFIED / PROBABLE COLLECTION OR REPOST (HISTORICAL) / UNDER INVESTIGATION]
Through proactive monitoring of clandestine data distribution channels on the Telegram platform, a post has been detected by the threat actor operating under the alias The BlackH4t MD-Ghost. The attacker is promoting the download of a compressed file titled BANK FALABELLA CHILE.rar, claiming it contains user information and banking data exceeding 20 million lines.
However, based on the actor's profile within the cybersecurity community and preliminary technical analysis, there are strong indications that this incident does not represent a new or direct intrusion into the entity, but rather a compilation of past breaches or a reposting of historical information.
🎯 Affected Entity (Alleged): Banco Falabella Chile (https://t.co/sFuxqbhJAn - Financial Sector, Chile 🇨🇱).
👤 Threat Actor: The BlackH4t MD-Ghost
📂 Claimed Volume: 20,000,000+ records (Packaged in a file of only 1.7 MB).
⚙️ Incident Type: Alleged Customer Data Exfiltration / Repost Distribution.
📊 TECHNICAL ANALYSIS AND INCONSISTENCIES OF THE THREAT
In developing our cybersecurity research, verifying the authenticity of data is crucial to avoid false alarms that overwhelm organizations' incident response operations. In this case, the following anomalies were identified:
📉 Critical Size Discrepancy (Data Compression):
The actor claims that the file contains more than 20 million lines of banking user data ("Lines: 20M+"). However, the indicated size for the .rar file is only 1.7 MB.
Even under extreme compression algorithms, a volume of 20 million structured banking records would weigh substantially more than 1.7 MB (where the estimated average size would exceed 200 MB for very basic plain text schemes). This is a clear indicator that the database could contain very limited information (such as a simple list of Chilean tax ID numbers or emails without credentials or financial statements) or be a completely fake file (Fake Leak).
🔄 Attacker Profile ("Reposter"):
The threat actor has a history of collecting previously exposed leaks (for example, from the massive hack of Chilean entities in previous years) on underground forums and renaming them to inflate their personal reputation and attract traffic to their Telegram channels or encrypted communication sessions.
🛡️ MITIGATION AND PREVENTIVE RECOMMENDATIONS
🛑 Brand Monitoring and Active Phishing (For Banco Falabella Chile): Despite the high probability that it is a repost, the bank's cybersecurity team should increase its monitoring of the creation of similar domains (Typosquatting) and phishing emails targeting its customer base in the coming days.
🔒 Forensic Analysis of the File (BANK FALABELLA CHILE.rar): It is recommended to download and analyze the file in a controlled environment (Sandbox) to verify the actual data schema and compare the samples with historical Chilean data breaches recorded in 2018, 2019, and 2023, in order to officially confirm the correlation of duplicates.
⚡ MONITORING AND EVALUATION
🌐 Intelligence System: https://t.co/wk9bZJ2Nli
🛡️ Quickly assess your website's security with: https://t.co/YnDw1QjN9c
#CyberSecurity #DataBreach #Chile #BankFalabella #MD_Ghost #FinancialFraud #Reposter #Unverified #ThreatIntelligence #CyberAlert #VECERT #Infosec
El ciclo del agua, los humedales, investigación académica y ahora un sandwich
Kast y su justificación para recortar la Junaeb: “Puede ser que algún niño lleve un sandwich y decide no almorzar” 😵💫
Mucha gente no lo sabe, pero los europeos tenemos el derecho de desistimiento:
Catorce días para cambiar de opinión y cancelar la compra o contratación de un bien o servicio. Sin dar explicaciones y sin penalización.
Ejemplos:
1️⃣ Compras una app y luego después ves que no te gusta o no la usas. Puedes ejercer tu derecho de desistimiento ante Apple o Google y te devuelven el importe de la compra.
2️⃣ Contratas un producto bancario. En la ventanilla te extienden un contrato de ocho metros de papel en Arial 3. Firmas sin leer, pero al llegar al casa sacas el microscopio y compruebas que lo firmado no coincide con lo explicado verbalmente. Vuelves y cancelas el contrato ejerciendo tu derecho de desistimiento.
Son dos casos que se me han dado a mí. Quizá otros no lo sepan y este pequeño tuit les sea útil, ¡ojalá! 😊