Organized Crime Pushes Cyber Defenses: Cybersecurity Week

Organized crime is exploiting cyber vulnerabilities, turning the country into a key target in Latin America. Parallel to this, the biometric Unique Population Registry Code (CURP) initiative adds urgency to implement robust safeguards as identity infrastructure digitalizes. Globally, Google’s exposure of vishing attacks on Salesforce reaffirms that even top enterprise platforms are vulnerable to social engineering. Meanwhile, PDFs remain the most abused file type in email attacks, and Tenable’s launch of AI Exposure addresses a growing concern: invisible risks in enterprise AI adoption.

Ready? This is your week in cybersecurity! 

Mexico

Advanced Organized Crime Exposes Critical Cyber-Gaps in Mexico

Mexico faces a growing and dangerous cybersecurity threat as sophisticated criminal groups adopt advanced technologies to diversify their illicit operations. The situation has positioned the country as a primary target for cyberattacks in Latin America, with a volume of incidents that reveals a concerning asymmetry between attacker capabilities and the defense strategies of the public and private sectors.

Cybersecurity Challenges Amid Biometric CURP Release

The creation of a CURP with biometric data represents a step toward the digitalization of citizen identity. This advancement, however, imposes significant technical and regulatory challenges to ensure the protection of the population's personal data.

International 

Google Uncovers Vishing Attacks Targeting Salesforce via Apps

The Google Threat Intelligence Group (GTIG) has identified a cyberattack campaign operated by the threat cluster UNC6040. This group uses voice phishing (vishing) tactics to compromise corporate Salesforce instances, facilitating large-scale data exfiltration and subsequent extortion by an associated group, tracked as UNC6240.

PDFs Emerge as Top Threat Vector in Email-Based Cyberattacks

Twenty two percent of malicious attachments distributed through email are PDF documents, reveals Check Point Research (CPR). This trend capitalizes on the widespread corporate adoption of PDFs, as 87% of organizations use them as a business communication standard, according to the company.

Tenable Unveils AI Exposure to Secure Corporate AI Use

Tenable is launching Tenable AI Exposure, a new capability integrated within its Tenable One platform that provides organizations with visibility and protection mechanisms over the corporate use of AI platforms. “As AI adoption accelerates, most security teams operate without adequate visibility into its actual use, creating an unmanaged and potentially vulnerable attack surface,” writes Tenable in a press release.