information security articles Archives

Contraseñas vulnerables en la memoria del sistema

Según diversos reportes, incluyendo uno de PCMag, un investigador descubrió que las credenciales almacenadas en Edge se cargan sin cifrar, facilitando que sean interceptadas en situaciones de riesgo. Esta vulnerabilidad transforma las contraseñas en blancos potenciales, como señala Bank Info Security.

Microsoft Edge Bank Info Security

El impacto de este hallazgo es especialmente crítico en el ámbito corporativo. De acuerdo con Dark Reading, el hecho de que Edge guarde las claves en la memoria del proceso representa un riesgo significativo para las infraestructuras empresariales.

La respuesta de Microsoft: «Por diseño»

Ante los cuestionamientos sobre esta práctica de seguridad, la postura de la compañía ha generado debate. Como indica Forbes, Microsoft ha afirmado que esta vulnerabilidad es, en realidad, una característica «por diseño».

Esta justificación ha llevado a algunos analistas y medios, como Mashable, a analizar más a fondo qué ocurre con las credenciales en el navegador y si existen alternativas más seguras. Incluso se ha planteado la interrogante sobre si sería momento de migrar a otros navegadores, como Google Chrome, para mitigar estos riesgos de seguridad.

Como ver las Contraseñas guardadas en Microsoft Edge Chromium

Tim Galluzi, CIO, state of Nevada

The State of Nevada is accelerating its cybersecurity and digital modernization efforts after a major ransomware attack exposed the importance of resilience, workforce readiness and strong governance.

Tim Galluzi, CIO of the state of Nevada, said the incident reinforced how cybersecurity preparedness needs to be embedded into everyday operations – not treated as a one-time investment.

After the incident, the state secured unanimous legislative support and backing from the governor to invest in new cybersecurity tools and technology infrastructure designed to better protect resident data and critical systems. Galluzi said those investments are helping the state modernize its approach to security while strengthening collaboration across agencies.

«Resilience isn’t something you just write down on paper,» Galluzi said. «It’s something you have to practice.»

A key pillar of Nevada’s strategy is a shift toward zero trust architecture and identity modernization. Galluzi called identity and access management the «new firewall» in a post-perimeter environment in which employees, partners and residents increasingly access systems remotely. The state is also investing heavily in workforce training, positioning employees as a critical line of defense against phishing and other social engineering attacks. Artificial intelligence is another emerging priority, he said.

In this video interview with Information Security Media Group, Galluzi discussed:

How Nevada strengthened cybersecurity strategy after a statewide ransomware incident;
Why identity modernization and zero trust architecture are central to resilience;
How the state is responsibly exploring AI to improve digital services for residents.

Galluzi leads enterprise IT strategy, cybersecurity, digital services and modernization initiatives across Nevada state agencies. He focuses on strengthening resilience, enabling secure innovation and improving how Nevada residents access government services through modern digital platforms.

About the Author

Based in Brooklyn, New York City, Lawinski is a writer and editor with more than 20 years of experience in journalism. She has covered a wide range of topics including business, news, culture, science, technology and cybersecurity. Her work has appeared in publications including CNN, Fox News, CRN, CIO Insight, Food Dive, Dark Reading and ERP Today.

information security articles

Microsoft Edge expone contraseñas: ¿por qué almacena datos sensibles en texto plano?

Contraseñas vulnerables en la memoria del sistema

La respuesta de Microsoft: «Por diseño»

Inside Nevada’s Push for Secure Digital Government

About the Author

You might also be interested in …