Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths Expands Its Cloud Security Solutions Portfolio With Prisma Cloud By Palo Alto Networks ElevenPaths has achieved the status of Premier Public Cloud MSSP Partner with Palo Alto Networks. ElevenPaths, Telefónica Tech’s Cybersecurity Company, has expanded its Cloud Managed Security Service (Cloud MSS) by...
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a .NET...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Helene Aguirre Fake News and Cyberthreats in Times of Coronavirus Helene Aguirre tells you how cyberthreats never stop, even in the case of a global pandemic health alert.
ElevenPaths New tool: Masked Extension Control (MEC), don’t trust Windows extensions Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Andrés Naranjo Homeworking and Pandemics: a Practical Analysis on BlueKeep Vulnerability in Spain and Latin America “It is not the strongest of the species that survives, not the most intelligent that survives. It is the one that is the most adaptable to change”.Charles Darwin One of...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (II) Over the last entry we focused on analyzing the content of these files from a critical point of view, this is: on clarifying that when a massive leak freeing...
Sergio de los Santos Tell Me What Data You Request from Apple and I Will Tell You What Kind of Government You Are We recently found out that Spain sent 1,353 government requests for access to Facebook user data in the first half of 2020. Thanks to Facebook’s transparency report for the...
ElevenPaths Cybersecurity Weekly Briefing November 21-27 Qbot as a prelude to Egregor ransomware infections Researchers at Group-IB security company have issued a statement claiming to have found activity linking the Qbot banking trojan (also known as...
Diego Samuel Espitia Using Development Libraries to Deploy Malware Cybercriminals seek strategies to achieve their objectives: in some cases, it is users’ information; in others, connections; sometimes they generate networks of computers under their control (botnets), etc. Any...
Gonzalo Álvarez Marañón Nonces, Salts, Paddings and Other Random Herbs for Cryptographic Salad Dressing The chronicles of the kings of Norway has it that King Olaf Haraldsson the Saint disputed the possession of the Hísing island with his neighbour the King of Sweden....
Sergio de los Santos A Simple Explanation About SAD DNS and Why It Is a Disaster (or a Blessing) In 2008, Kaminsky shook the foundations of the Internet. A design flaw in the DNS made it possible to fake responses and send a victim wherever the attacker wanted....
ElevenPaths Cybersecurity Weekly Briefing November 14-20 Malware distribution campaign supplants the identity of Spanish ministries ESET researchers warn of a malware distribution campaign that is impersonating Spanish ministries to distribute a malicious Android application through links...
Andrés Naranjo The Challenge of Online Identity (I): Identity Is the New Perimeter We often find ourselves in situations where we are faced with a mission and, as the mission goes on, we realise that the first choices we made were not...
Gonzalo Álvarez Marañón Rock, Paper, Scissors and Other Ways to Commit Now and Reveal Later Have you ever played rock, paper, scissors? I bet you have. Well, let’s put the tin lid on it: how would you play through the phone? One thing is...
Sergio de los Santos How Traditional CA’s Are Losing Control of Certificates and Possible Reasons Why Chrome Will Have a New Root Store It’s all about trust. This phrase is valid in any field. Money, for example, is nothing more than a transfer of trust, because obviously we trust that for a...
ElevenPaths Cybersecurity Weekly Briefing November 7-13 Links between Vatet, PyXie and Defray777 Researchers from Palo Alto Networks have investigated the families of malware and operational methodologies used by a threat agent that has managed to go...
José Luis Núñez Díaz Towards a smarter supply chain One of the recurring use cases that is always mentioned when talking about Blockchain is its application in supply chains. In fact, back in 2018, at Telefónica we were...
Florence Broderick Jam Session with Greg Day Madrid 2017 Roundup Estrenamos el mes de febrero uniéndonos a nuestros colegas de Palo Alto para celebrar nuestra primera Jam Session del año en Madrid. Este año iniciamos nuestras sesiones de visión...
Florence Broderick New tool: PinPatrol for Chrome. Something more than a plugin, a forensics tool Back in July, we created a new tool for improving the experience using HSTS and HPKP in Firefox. Now it’s time for Chrome. It shows this information in a...
Florence Broderick New tool: Maltego transforms for Tacyt If you are a Maltego user, you already know how intuitive and useful it is for researching and analyzing information. You may know as well that Maltego allows to...
Florence Broderick Eleven Paths Talks: WordPress in Paranoid Mode ¡Regístrate aquí! El próximo Jueves 30 de Junio nuestro compañero Pablo González impartirá una charla en la que se verá una prueba de concepto realizada en Eleven Paths. Pablo está en...
