Olivia
Online
Gonzalo Cerecedo Chavez
@GonCC122
Product Owner, Sector Privado | Excelente compartiendo anécdotas | Soñador y soltero por si se lo preguntaban :v
Tecámac
Joined April 2018
258 Following
14 Followers
344 Posts
The US government, citing national security authorities, has issued an export control directive to suspend all access to Fable 5 and Mythos 5 by any foreign national, whether inside or outside the United States, including foreign national Anthropic employees.
The net effect of this order is that we must abruptly disable Fable 5 and Mythos 5 for all our customers to ensure compliance.
Access to all other Claude models is not affected.
We apologize for this disruption to our customers. We believe this is a misunderstanding and are working to restore access as soon as possible.
Read our full statement: https://t.co/bwn0sximKZ
Comparto mi skill de Claude para crear videos de YouTube automáticamente con:
✓ Guión auto (Claude)
✓ Voix off (ElevenLabs)
✓ Clips vidéo (Kling 3)
✓ Montage (ffmpeg)
Te doy la skill para copiar y pegar aquí 👇
@CFE_Contigo @CFEmx Llevamos ya 24 horas sin suministro eléctrico en Los Héroes Tecámac tras un supuesto mantenimiento. Van múltiples reportes y seguimos sin solución. Exigimos el restablecimiento inmediato.
Folio más reciente: L6043904023
#CFE #LosHeroesTecamac #Edomex #Urge
🚨 Atención #Chile
Detectamos una campaña de #phishing de una supuesta “Citación Judicial” para infectar sistemas Windows. 🇨🇱
El ataque utiliza un PDF "protegido" con contraseña . El documento induce a descargar un archivo ZIP, que posteriormente ejecuta un payload malicioso mediante mshta.exe.
Asunto del correo: Citación judicial pendiente - actuación obligatoria comparecencia el No. 20260311-101516
IOC detectados 🔍
Dominios
🔹 quar.snd[.]it[.]com
🔹 ett.ftecasva[.]pro
🔹 servidor.fullmotor[.]cl (infraestructura comprometida / abusada)
Hashes (SHA256)
🔹 PDF: 9eecd0053be6ee9ad2cac101007aced7b2d8973379a820c56fcb93e6e036f225
🔹 ZIP: 6a18582ed615f9288ef1a518994d9a894f286389b5012b355b3c48b080cf8194
🔹 HTA: 96709fb381a3507f77584e3ee0c8af5a2d0d50f73c57cfc54428c7f42a3f1246
🔹 EXE: f9fefa73c60a604ef013a6afcc8eb044c6483ef01e28c05d1db808f29abbcc78
🔹 Any-Run:
https://t.co/XplkcOgj92
#infosec #phishing #ciberseguridad #Malware #CyberSecurity #CSIRT #ThreatIntel
¿Acceso completo a la red, grabar audio en cualquier momento, usar hardware biométrico, acceder a ubicación en tiempo real?
Sí está muy intrusiva esa app.
Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or RobloxPlayerBeta.exe) distributed through browsers and chat platforms, leading to the deployment of a remote access trojan (RAT).
A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar. This downloader used PowerShell and living-off-the-land binaries (LOLBins) like cmstp.exe for stealthy execution. It evaded detection by deleting the initial downloader and by adding Microsoft Defender exclusions for the RAT components. It also added persistence using a scheduled task and startup script named world.vbs. Finally, it deployed the final payload, a multi-purpose malware that acted as loader, runner, downloader, and RAT.
The RAT connected to the IP address 79.110.49[.]15 for command and control (C2), enabling threat actors to perform various actions like data theft and additional payload deployment.
Microsoft Defender detects the malware and malicious behavior observed across the attack chain. To defend against this threat, follow these recommendations:
- Block/monitor outbound connections to listed domains/IP addresses and alerts on downloads of java[.]zip or jd-gui.jar from non-corporate sources.
- Hunt for the related processes and components.
- Audit Microsoft Defender exclusions and scheduled tasks for random names; remove malicious tasks and startup scripts.
- Isolate affected endpoints, collect endpoint detection and response (EDR) telemetry, and reset credentials for users active on compromised hosts.
Indicators of compromise:
- decompiler.exe (SHA-256: 48cd5d1ef968bf024fc6a1a119083893b4191565dba59592c541eb77358a8cbb)
- jd-gui.jar (SHA-256: a33a96cbd92eef15116c0c1dcaa8feb6eee28a818046ac9576054183e920eeb5)
- worldview.db-wal/StandardName.exe (SHA-256: 4442ba4c60a6fc24a2b2dfd041a86f601e03b38deab0300a6116fea68042003f)
- world.vbs (SHA-256: 65f003998af7dd8103607c8e18ef418b131ba7d9962bd580759d90f4ac51da36)
- powercat[.]dog:443; remote IP 79.110.49[.]15
![MsftSecIntel's tweet photo. Microsoft Defender researchers uncovered a campaign that lured users into running trojanized gaming utilities (Xeno.exe or RobloxPlayerBeta.exe) distributed through browsers and chat platforms, leading to the deployment of a remote access trojan (RAT).
A malicious downloader staged a portable Java runtime and executed a malicious Java archive (JAR) file named jd-gui.jar. This downloader used PowerShell and living-off-the-land binaries (LOLBins) like cmstp.exe for stealthy execution. It evaded detection by deleting the initial downloader and by adding Microsoft Defender exclusions for the RAT components. It also added persistence using a scheduled task and startup script named world.vbs. Finally, it deployed the final payload, a multi-purpose malware that acted as loader, runner, downloader, and RAT.
The RAT connected to the IP address 79.110.49[.]15 for command and control (C2), enabling threat actors to perform various actions like data theft and additional payload deployment.
Microsoft Defender detects the malware and malicious behavior observed across the attack chain. To defend against this threat, follow these recommendations:
- Block/monitor outbound connections to listed domains/IP addresses and alerts on downloads of java[.]zip or jd-gui.jar from non-corporate sources.
- Hunt for the related processes and components.
- Audit Microsoft Defender exclusions and scheduled tasks for random names; remove malicious tasks and startup scripts.
- Isolate affected endpoints, collect endpoint detection and response (EDR) telemetry, and reset credentials for users active on compromised hosts.
Indicators of compromise:
- decompiler.exe (SHA-256: 48cd5d1ef968bf024fc6a1a119083893b4191565dba59592c541eb77358a8cbb)
- jd-gui.jar (SHA-256: a33a96cbd92eef15116c0c1dcaa8feb6eee28a818046ac9576054183e920eeb5)
- worldview.db-wal/StandardName.exe (SHA-256: 4442ba4c60a6fc24a2b2dfd041a86f601e03b38deab0300a6116fea68042003f)
- world.vbs (SHA-256: 65f003998af7dd8103607c8e18ef418b131ba7d9962bd580759d90f4ac51da36)
- powercat[.]dog:443; remote IP 79.110.49[.]15](https://pbs.twimg.com/media/HCGZvuvXcAAjBoI.png)
“.arpa Under Siege: Cybercriminals Weaponize DNS Infrastructure”
Threat actors are now exploiting the .arpa top-level domain—originally reserved for reverse DNS lookups and never meant to host content—to deliver phishing campaigns. As detailed in the Infoblox blog, attackers abuse IPv6 reverse DNS ranges to craft fake FQDNs under https://t.co/AuvYarKzkE, registering them with DNS providers that mistakenly allow A records. This loophole lets them host malicious content on infrastructure that appears inherently trustworthy and is rarely blocked.
Link: https://t.co/3VYBEFSG3Y
To support fellow defenders, I’ve crafted a KQL hunting query to detect MDE users accessing .arpa abuse hostnames. Sharing this to help defenders stay ahead of emerging threats.
KQL Code: https://t.co/ONn9bozhC9
#Cybersecurity #ARPAAbuse #DNSInfrastructure #DefenderXDR
🛡️ Falla grave en Fortinet permite entrar a firewalls sin contraseña
Fortinet confirmó la explotación activa de la vulnerabilidad CVE-2026-24858.
Afecta equipos como:
- FortiGate
- FortiManager
- FortiWeb
- FortiProxy
- FortiAnalyzer.
El problema ocurre cuando está habilitado SSO de FortiCloud.
SSO significa Single Sign-On.
Permite iniciar sesión una sola vez para administrar varios dispositivos.
Aquí, ese mecanismo puede ser abusado.
Un atacante con una cuenta válida de FortiCloud y un dispositivo registrado puede acceder a equipos de otros clientes.
Sin contraseña adicional.
Ni autorización.
Fortinet observó cambios no autorizados.
Reglas de firewall modificadas.
VPNs creadas para dar acceso a cuentas nuevas.
El riesgo es:
- Control total del perímetro.
- Acceso a redes internas.
- Interrupción del negocio.
CISA ya incluyó esta falla en su lista de vulnerabilidades explotadas activamente.
💡 ¿Qué deben hacer?
Revisar si FortiCloud SSO está habilitado.
Aplicar parches y guías oficiales de Fortinet de inmediato.
Auditar configuraciones y accesos recientes en firewalls.
⚫️ | Funcionarios trabajan a ciegas y violando normativa
El ataque (kill switch) fue a las 6:20 h del 20 de enero. Desde entonces, el personal no puede usar sus equipos. Usan correos personales para operar.
«Estamos prácticamente detenidos. Sin información para trabajar día a día».
🚨 | Red "Zombi" de fraude de falso predial 'infecta' sitios de gobierno
Una red activa de estafa utiliza dominios gob[.]mx hackeados para cobrar un falso impuesto predial. Lleva MESES operando con persistencia en servidores oficiales; antes suplantando Repuve. Hilo. 👇
![ivillasenor's tweet photo. 🚨 | Red "Zombi" de fraude de falso predial 'infecta' sitios de gobierno
Una red activa de estafa utiliza dominios gob[.]mx hackeados para cobrar un falso impuesto predial. Lleva MESES operando con persistencia en servidores oficiales; antes suplantando Repuve. Hilo. 👇](https://pbs.twimg.com/media/G_IcYETW4AAfB4V.jpg)
Update aún no proporciona una solución, ni un folio de visita del técnico o algo @ayudaizzi @izzi_mx @izziprensa
Super buen servicio (sarcasmo) @izzi_mx @ayudaizzi @izzi_latam. Para cobrar si están buenos, hasta degradan la velocidad de internet cerca a las fechas de corte. Ahora como recupero el tiempo y dinero perdido por dejarme sin internet @Profeco @AtencionProfeco
No pues gracias por no responder, Cristina González de @ayudaizzi
#malservicio #profeco #izzi #totalplay #telmex #internet
@Suburbia_Mexico compramos dos chalecos por la página de internet de Suburbia y nos entregaron solo uno. El repartidor nos dijo que solo le dieron un paquete. No nos contestan en su número de atención a clientes!!! @Profeco
#estafa #suburbia #profeco
🔐 Las empresas que no invierten en ciberseguridad, invierten en riesgos.
https://t.co/AG9Sv1p14d
#Ciberseguridad #SOC #Bleuxpert
¿Tu PyME está protegida contra los ciberataques? 💻🔒
https://t.co/Kkd9CKHlnH
#ciberseguridad #pymes #Mexico #MexicoDespierta #empresa
https://t.co/ZOdXKQELQi
Horrible horrible servicio @izzi_mx, @ayudaiz
Un ciclo interminable de que va y viene el internet y su soporte técnico no resuelve!😡😡😡😡
Échenle la mano a izzi @TELMEXSoluciona
Last Seen Users on Sotwe
teman dekatmu
Seen from Indonesia
ชอบแม่หม้ายอวบๆ แอบดูน้าสาว
Seen from Thailand
กุญซี่ เบล'ล
Seen from Thailand
ihanet evli bekar ve dul bayanlar herşey gizli olm
Seen from Turkey
durtybuggeroz🇦🇺
Seen from France
pollito hot
Seen from Mexico
ពិសិដ្ឋ-Piseth🇰🇷🇺🇸 @TOPCAMBODIA999999999
Ricardo Tim Beta
Seen from United States
出海 結愛
Seen from Japan
🇿🇦 Hot Girls City 🇿🇦 
Seen from Indonesia
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.3M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
109.7M followers
Narendra Modi
@narendramodi
106.9M followers
Rihanna
@rihanna
97.4M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.7M followers
KATY PERRY
@katyperry
87.2M followers
Taylor Swift
@taylorswift13
81M followers
Lady Gaga
@ladygaga
72.6M followers
Kim Kardashian
@kimkardashian
69.6M followers
Virat Kohli
@imvkohli
69.1M followers
YouTube
@youtube
68.6M followers
Bill Gates
@billgates
63.6M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61.8M followers
X
@x
60.9M followers
Selena Gomez
@selenagomez
60.3M followers