NASA has had its spacecraft exposed to hackers for three years. An AI discovered it in just four days

If there is a place where they should be open to any type of communication, it is a space agency. And this is no longer just a cinematic matter (although cinema has gone to great lengths to explore the topic): communications are critical, from things as mundane as reporting that all processes are going well, to anomalies, to the specific future of a mission.

Getting your hands on the communications of the National Aeronautics and Space Administration has to be a real treat, and not only to sabotage the American agency, but also to access confidential information or even to build conspiracy theories that dispute that man will reach the Moon. Well, as incredible as it may seem, hacking NASA has been easier than you might think.

Three years exposed and billions of dollars at stake

And it wasn’t for just a little while: communications between Earth and NASA spacecraft have had a critical vulnerability to possible computer attacks for three years. Nor was it trivial: that security flaw could have allowed attackers to take over space missions such as the agency’s rovers on Mars. The consequences would not have been cheap either: it posed a threat to billions of dollars in space infrastructure and to the performance of these missions.

Vulnerabilities are usually detected when it is too late or thanks to the work of researchers, although in this case it was the work of artificial intelligence, more specifically a cybersecurity algorithm integrated into AISLE security software, whose objective is to protect communications between spacecraft and ground systems.

This vulnerability had gone unnoticed by human eyes in multiple code reviews throughout that time. However, this autonomous AI-based analyzer detected it and helped correct it in four days, according to the team at the Californian startup.

As detailed, the fault was in the authentication system, and taking advantage of it only required operator credentials. A little social engineering, such as phishing or infecting computers to obtain the usernames and passwords of NASA workers, would be enough to make this possible. From there, something as common as authentication would become a weapon to, for example, inject commands that are executed with full privileges to access the system. The consequences could be fatal: from intercepting data to hijacking a spacecraft.

The only “good” thing about this vulnerability is that exploiting it required local access to the system, which obviously reduces the risk compared with a remote attack.

The integration of AI systems working alongside humans is the order of the day, and although in this case it was the machine that embarrassed the team of people, it is worth remembering that when half the internet went down because of Amazon’s servers, the responsibility lay with automation: it was the operators who had to intervene to fix it manually.

There are people investigating whether AIs are better hackers than human hackers. And we don’t have very nice news

Technology companies do not stop talking about AGI, although there are many doubts about whether it is as close as they want to sell us. Artificial general intelligence is one that will be capable of surpassing humans in all facets of knowledge. We don’t know if it will be able to surpass us in everything, but there is already a niche in which it is overtaking us: hacking.

The experiment. It was carried out by Stanford University researchers, and we learned of it through a Wall Street Journal report. What they did was develop a hacking bot called Artemis whose objective is to scan the network in search of possible bugs or vulnerabilities through which it can sneak in. They released Artemis into the university’s own engineering network and pitted it against ten pentesters, professional hackers who are dedicated to simulating attacks to find bugs and then correct them. The bot had a ‘kill switch’ so it could be turned off at any time if things got complicated, and the human hackers had instructions to probe and test, but without actually penetrating the network.

The results. To the surprise of its creators, Artemis achieved excellent results, outperforming nine of the ten human hackers. The bot managed to find bugs much faster than its competitors and, above all, at a much lower price. It is estimated that a pentester charges between $2,000 and $2,500 per day, while Artemis only “charges” $60 per hour.

Another “look”. Artemis didn’t do everything right. At least 18% of its bug reports were false positives, and it also missed a very obvious bug on a website that the human hackers saw right away. On the other hand, it detected a bug that no human had detected. The reason is that the flaw was on a website that did not work in Chrome or Firefox, the browsers used by the hackers. Artemis is not a person and does not use browsers; instead it used a program that was able to read the website, and so found the bug.

AI and hacking. Cybercriminals have been using AI for some time to make malware more effective. Recently Anthropic discovered that a Chinese hacking group was using Claude Code for a large-scale espionage campaign. What is striking is that Claude functioned as an agent in charge of the entire attack cycle, not just a part of the process.

AI to do good. AI is lowering the barrier to entry for developing attacks, but it can also be used for protection. Research such as that from Stanford shows that AI can also be used to test insecure systems, find bugs and thus be able to patch them. The question that arises is what role professionals such as pentesters will have if AI ends up doing their job for much less money.

The end of official Windows 10 support is bad news for users. Hackers are already rubbing their hands

On October 14, millions of computers worldwide will be left defenseless. That day the official Windows 10 support period ends, which means that users of machines running this operating system will no longer receive security updates.

Problem. That raises a gigantic problem for end users, but especially for companies, which may see their operations compromised by future vulnerabilities discovered in that operating system. It is something that has happened in the past with older Microsoft operating systems, but the difference here lies in the scale of Windows 10.

Four out of ten PCs, with Windows 10. According to Statcounter GlobalStats data, Windows 10 currently has a global share of 40.84%. Four out of ten computers that use Windows use Windows 10. That means hundreds of millions of PCs, laptops and other devices (point-of-sale terminals, interactive kiosks, industrial control systems) are exposed to new vulnerabilities discovered from that moment on. In Spain, by the way, its share is even more worrying.

Remembering what happened with Windows 8. In January 2016 Microsoft also marked the end of Windows 8 support, but the market share of that operating system was much lower, which meant that the risk, while it existed, was much lower. To the problem of Windows 10’s share is now added the fact that ransomware and other malware threats have multiplied.

Party for cybercriminals. The “hackers” (or rather, the crackers, the cybercriminals) have before them a golden opportunity to discover and exploit new vulnerabilities that will not be corrected by Microsoft, or whose updates will not be applied in most cases. It is true that Microsoft has offered methods to extend updates in some cases, but as has happened in the past, many users will not take advantage of them and will therefore be vulnerable to those future cyberattacks.

Update options. With the end of Windows 10, there are options for users. One of them is to update to Windows 11 by “skipping” the technical requirements imposed by Microsoft. The other is to take advantage of the free extension of the update period, which they can receive for one more year through a simple process. There is also the most profitable option for Microsoft and manufacturers: upgrading to a new PC that comes with Windows 11 preinstalled. And of course, we can opt for other operating systems: these machines can remain useful (and secure) by installing a Linux distribution.

The curse of “legacy” systems. Microsoft has always had the philosophy of maintaining backward compatibility. That has advantages (software can continue to run for years, even on modern hardware) but also the serious disadvantage of compromising security.

Apple does not suffer so much. Apple, for example, has a much more drastic attitude toward updates, and constant updating is prioritized. And although it is possible to continue using old equipment with old versions, they are excluded from the new functions that usually encourage users to update.

Because it has it much easier. But of course, Apple has only a few dozen Macs and MacBooks in its catalog, since it does not license its operating system, which makes it much easier to keep these updates under control. In the Windows world, with tens (hundreds?) of manufacturers and millions of hardware and software combinations, conflicts can appear anywhere and controlling security is much more complex.

Some of the most advanced satellites in the world seemed untouchable. Two hackers showed that they could be hijacked

In satellites, each maneuver depends on software that is rarely subjected to public security testing. Demonstrations in controlled environments have put on the table vulnerabilities that, under certain conditions, could allow remote control of space systems. It is not a one-off failure or an isolated experiment: it is a sign that security should be examined with a magnifying glass before it becomes news for the wrong reasons.

In August, during the Black Hat USA and DEF CON conferences held in Las Vegas, researchers shared their findings, according to IEEE Spectrum. The work focused on two key pieces: the Core Flight System (CFS), used in multiple NASA missions, including the James Webb telescope, and Yamcs, a control system from the European company Space Applications Services. The flaws, however, were identified and corrected before their disclosure.

The finding that reopens the debate on cybersecurity in space

Behind the finding are Andrzej Olchawa and Milenko Starcik, experts from VisionSpace with direct experience in space operations. They analyzed open source software with the mentality of an adversary, seeking reproducible vulnerabilities. They did not need months of analysis: in a few hours they managed to locate 37 flaws that, in controlled scenarios, made it possible to manipulate critical systems. They acted on their own environments and coordinated with developers to patch the software before disclosing their conclusions.

The analysis of the Core Flight System (CFS) revealed that, although it is a key piece in NASA missions, exploiting it would not be simple. Compromising it would require physical access to a ground station and operating at frequencies reserved for space communications. Even so, the researchers warn that, in the hands of a state actor with sufficient resources and cover, this scenario is plausible. In their demonstration they explained that, with that capability, it would be possible to send commands up to the satellite and modify its behavior.

Yamcs, unlike CFS, was more accessible to an attacker. The researchers showed that a successful phishing campaign would suffice to load a malicious configuration into the control center. With that entry point they could issue arbitrary commands or alter files, all from any location with an Internet connection. The exercise showed how this vector opens a much larger and less protected attack surface.

At Black Hat USA 2025, Andrzej Olchawa went deeper into the scope of the tests and shared details on how the vulnerabilities were exploited. He stressed that all maneuvers were executed in simulated environments and that no real satellite was at risk. His explanation sought to give technical context without alarmism, showing precisely how far actors with sufficient knowledge and access to the right systems could go.

“In some cases, we were able to send arbitrary telecommands to the ships through the mission control system. In others, we managed to take control of the entire control center and, in other cases, if you are able to send telecommands to the ship, you can get remote execution of code directly in it.”

The threat landscape has changed: where there were once private networks and local stations, there are now remote control, cloud services and connections from home. This evolution multiplies the possibilities for attack, according to the researchers, and explains why theoretical vulnerabilities are now a cause for alarm. An example is the attack against Viasat in 2022, which affected thousands of users and coincided with the beginning of the war in Ukraine. The case suggests that space systems are not isolated from global conflicts.

Fixes arrived in time for the open projects, with updates that mitigated the techniques demonstrated in the laboratory. The pending challenge lies in closed systems, where the lack of access to the code limits review by external experts.

Coinbase is going from being “Remote First” to tightening up on teleworking. The reason: North Korean hackers

Coinbase, which was born as a digital-native company and a defender of remote work, has reversed the labor policy that it largely adopted during the pandemic. It now requires that all new employees travel to the United States for their in-person orientation. Those who access sensitive information must be American citizens and submit to fingerprinting.

The reason does not have much to do with the teleworking rollbacks we have seen at other companies. It is rather a matter of survival: they have detected North Korean tech workers systematically trying to infiltrate the company to steal information and cryptocurrencies.

The threat. The CEO, Brian Armstrong, explained that they have detected a constant flow of highly qualified North Korean candidates. “It’s as if 500 new ones graduated each quarter,” he said. And they are not simple amateur hackers: the FBI has confirmed that they operate with accomplices on US territory who forward company laptops, attend virtual interviews posing as candidates and set up shell companies. It also occurs in Europe.

For the Pyongyang regime, cryptocurrency theft is one more source of financing, whose proceeds also help fund the nuclear weapons program. This year alone they are said to have stolen $1.4 billion from the exchange Bybit.

Behind the scenes. Infiltrators are not the only problem. Coinbase has discovered bribes of hundreds of thousands of dollars to customer service workers to obtain account information. Some went so far as to bring mobile phones into supposedly secure facilities to photograph screens with sensitive data. The company has responded with drastic measures: employees work in hardened facilities with secure Chromebooks and limited access to information. “When we catch someone, we do not accompany him to the door; he goes to jail,” Armstrong said.

Turning point. This security crisis marks a before and after in the debate on remote work. Coinbase has had to choose between its business culture and its survival. And it has chosen the second. In fact, it has opened a new office in North Carolina to concentrate critical operations on US territory. Interviews now require keeping the camera on to verify that the candidate is who they claim to be and is not being impersonated or coached.

And now what. The Coinbase case may be just the tip of the iceberg. If a leading technology company with security as one of its pillars cannot keep remote work safe, what can others expect? The pandemic normalized teleworking, but security threats can reverse that trend, especially in sensitive sectors such as finance, technology and defense.

Spain is hackers’ favorite candy

Spain already has the third most attacked domain in the world, the .es. It is behind only .com and .ru, a fact accompanied by reports suggesting that cybersecurity incidents in the country have increased by 64% compared with the previous year. It is a situation that is not improving despite Europe’s response, and that raises an immediate question: what does Spain have that makes it so sweet?

And one more. Cofense, a company specialized in defense against phishing, has detected an increase of up to 19 times in attacks on .es domains in the period between the last quarter of 2024 and the first of 2025. 99% of these attacks focused on phishing. The other 1% went to distributing different remote access Trojans.

The method. The growing attacks on .es addresses use one of the simplest methods to infect a computer: email, simulating Microsoft addresses. From these C2 (Command & Control) servers the attackers can send personalized commands to the computer. In other words: capture the screen, record what you type, activate or deactivate the PC’s camera and microphone, and access the PC’s files.

Why Spain. Spain is one of the most attractive targets in the world for cybercriminals. Experts like Francisco Valencia, director of Hackrisk.io, point to several reasons for this: the strong international presence of Spanish companies; its geographic position as a bridge between Europe and America (submarine cables such as Marea and Grace Hopper); and changes in the global context after Brexit and the diversion of attention toward countries such as the United Kingdom.

They are not the only suspects. The rapid digitalization of companies after the arrival of European funds, which increased the attack radius, weaknesses in small and medium enterprises, a public administration exposed to vulnerabilities, and geopolitical interest in the country make Spain the second target with the most cyberthreats detected globally.

The impact. Some of the cyberattacks received in recent weeks are affecting the Spanish administration itself, preventing access to the systems of some municipalities in the country, and having affected authorities such as the CNMC or national companies like Repsol and Telefónica.

Recent cases. While I write these lines, Spain is mired in two cyberattacks that have knocked out the systems of two municipalities. The first is that of Melilla, which has now spent two weeks under an attack for which a Russian group has claimed responsibility, and the second is that of a small Alicante municipality that has suffered the same fate: Villajoyosa.

The response. In May 2025, the Council of Ministers approved a package of 1,157 million euros to reinforce national cybersecurity, a budget distributed among Defense, Digital Transformation and Public Function, Interior, and the Department of National Security. The focus is also being put on processing the transposition of the NIS2 directive and the EU’s DORA regulation. In other words, forcing the country’s critical sectors (energy, telecommunications, health, finance…) to report cybersecurity incidents and implement more robust risk management systems.

At the moment, none of the efforts seems to be materializing in real improvements.

They are candy for hackers

Using wired headphones as a retransmission antenna. It sounds crazy, but it is the new practice by which attackers can listen from a distance to everything you are saying. Periscope is the new electromagnetic-radiation eavesdropping system developed in the laboratory in order to prove that devices connected to this type of headset are vulnerable.

New research has delved into this method, by which the sound being played through laptops and mobile devices (both Android and iPhone) can be intercepted. The authors discovered that both phones and computers generate electromagnetic radiation when they process sound signals. The curious thing is that, by intercepting this signal, the original sound can be recovered.

Wired headphones act as antennas, so they amplify this signal, which can be intercepted up to 15 meters away. These signals are imperfect, but their noise and distortion can be cleaned up by computer. A complete reconstruction of the audio was achieved with a 7.44% error, making the audio intelligible to both humans and artificial intelligence.

In what scenarios can this vulnerability be exploited? In any in which your device is broadcasting audio. For example, if you were in a meeting and said any confidential data, a laptop located within a range of 15 meters could intercept the signal and reconstruct it later.

The researchers reported the problem to Apple, Lenovo, Huawei, Vivo, Oppo and Dell, and say that Huawei has been one of the first to get to work on developing a solution. This vulnerability has been discovered in the laboratory, so, for the moment, it does not seem to have been tested in real scenarios at the hands of hackers.
