Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths Presents DIARIO, the Malware Detector That Respects Users’ Privacy The tool statically scans and analyses documents without the need to identify the content of the files, thus respecting and guaranteeing their privacy.DIARIO is a new concept of malware...
ElevenPaths Come to Create Technology at Telefónica’s Chief Data Office Unit Hi Hacker! Technology is in a constant evolution and so are we. Therefore, from Telefónica, throughout the Chief Data Office (CDO) led by Chema Alonso, which includes Aura -Cognitive Intelligence-, ElevenPaths -Cybersecurity-, LUCA -Big Data-...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Juan Elosua Tomé Triki: Cookie Collection and Analysis Tool In July 2020, the Spanish Data Protection Agency, following the entry into force of the European General Data Protection Regulation and several consultations with the European Data Protection Committee...
ElevenPaths Cybersecurity Weekly Briefing July 4-10 RCE Vulnerability in F5’s BIG-IP (CVE-2020-5902) Last Wednesday a new critical Remote Code Execution vulnerability (CVE-2020-5902 CVSSv3 10) was published for F5’s Traffic Management User Interface (TMUI). This vulnerability allows...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Gonzalo Álvarez Marañón DataCOVID-19: Fighting the Coronavirus by Using the Approximate Location Data of Your Smartphone Find the answers to your questions about how the Spanish Government is using Big Data to improve research on the COVID-19 pandemic.
Diego Samuel Espitia A practical approach to integrating MITRE’s ATT&CK and D3FEND Businesses have become aware of the need to have mechanisms in place to ensure the protection of their information and how important it is to understand their weaknesses in...
Telefónica Tech Cyber Security Weekly Briefing, 9 — 15 July Rozena: backdoor distributed by exploiting Follina vulnerability Fortinet researchers have published an analysis of a malicious campaign in which they have detected the distribution of a new backdoor exploiting the...
Sergio de los Santos Hypocrisy doublespeak in ransomware gangs The hypocrisy, doublespeak and even, we assume, sarcasm that ransomware gangs display on their websites has no limits. As an anecdote, we are going to show some of the...
Cristina del Carmen Arroyo Siruela Understanding Digital Certificates For ordinary citizens, digital certificates are those electronic files or documents that allow them to carry out thousands of legal actions, administrative actions, and they can dispense with having...
Telefónica Tech Cyber Security Weekly Briefing, 1 — 8 July Raspberry Robin: worm detected in multiple Windows networks Microsoft has issued a private advisory to Microsoft Defender for Endpoint subscribers, informing about the detection of the Raspberry Robin malware in...
Alfonso Ibañez Edge Computing and Machine Learning, a strategic alliance By Alfonso Ibáñez and Aitor Landete Nowadays, it is not unusual to talk about terms such as Artificial Intelligence or Machine Learning. Society, companies and governments are increasingly aware of...
Telefónica Tech Time to start planting digital seeds for the future? Preparing business operations for the future of work is one of the defining problems of our time. Organisations the world over are now at the stage where their choice of...
Telefónica Tech Cyber Security Weekly Briefing, 25 June – 1 July Kaspersky investigates attacks on industrial control systems Kaspersky researchers have investigated an attack campaign targeting industrial control systems (ICS) of telcos and industrial companies in several countries on the Asian...
Aarón Jornet How Lokibot, the malware used by Machete to steal information and login credentials, works Machete is a group dedicated to information theft and espionage. It uses various tools, including LokiBot.
Telefónica Tech Cyber Security Weekly Briefing, 18 – 24 June Microsoft Office 365 and Cloudflare services went down worldwide Multiple web services were interrupted worldwide last Tuesday. The source of these incidents was Microsoft Office 365 on the one hand...
Cristina del Carmen Arroyo Siruela Women’s Engineering Day: Building New Paths The Women's Engineering Society (WES) launched the Women's Engineering Day initiative in the UK on June 23, 2014
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
