Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Franco Piergallini Guida How to Trick Apps That Use Deep Learning for Melanoma Detection One of the great achievements of deep learning is image classification using convolutional neural networks. In the article “The Internet of Health” we find a clear example where this...
ElevenPaths Cybersecurity Weekly Briefing October 24-30 Critical vulnerability in Hewlett Packard Enterprise SSMC Hewlett Packard Enterprise has fixed a critical authentication evasion vulnerability (CVE-2020-7197, CVSS 10) affecting its StoreServ Management Console (SSMC) storage management software. HPE...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 8 – 14 April Apple fixes two new actively exploited 0-day vulnerabilities Apple has released new security advisories about two new actively exploited 0-day vulnerabilities affecting iPhones, Macs and iPads. First, there is the...
ElevenPaths AuthCode: Our award-winning continuous-authentication system, jointly developed with the University of Murcia Continuous-authentication systems aim to identify users’ behavior through interactions with their device. The main advantage of this type of authentication is that it improves users’ experience when using services...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Cyber Security Weekly Briefing, 11 – 17 March A new version of the Xenomorph banking trojan ThreatFabric researchers have detected a new variant of the Android banking trojan Xenomorph. This malware family was first detected in February 2022...
Telefónica Tech Cyber Security Weekly Briefing, 5 – 9 June Barracuda warns of immediate replacement of compromised ESG appliances Security firm Barracuda has issued a warning in which it is urging organisations affected by the 0-day vulnerability (CVE-2023-2868) in their...
Telefónica Tech Cyber Security Weekly Briefing, 24 – 30 December LastPass confirms theft of customer passwords LastPass has announced that its cloud storage system was breached using stolen passwords in an incident last August. The attackers gained access to the...
Nacho Palou Cybersecurity: 13 posts to stay informed and protected from cyberthreats With the digitization of companies and organizations and our increasing reliance on digital technologies, data and information protection must be prioritized. The adoption of cutting-edge digital technologies is not only...
Telefónica Tech Cyber Security Weekly Briefing, 17 – 23 December SentinelOne: malicious Python package in PyPI Researchers at ReversingLabs have published an investigation in which they report having identified a Python package in PyPI that masquerades as the legitimate SDK...
Diego Samuel Espitia Cybersecurity in OT: a need with differences Cyber incidents in industrial environments have been increasing significantly since 2010, but it is undoubtedly in the 2020s that these incidents have affected the general population or made the...
Telefónica Tech Cyber Security Weekly Briefing, 10 – 16 December Microsoft fixes in its December Patch Tuesday two 0-day vulnerabilities and 49 other bugs Among the fixed vulnerabilities, two of them are 0-day, one of them actively exploited and identified...
Roberto García Esteban Cloud Computing for a more sustainable future Governments and businesses around the world have been trying to reduce the environmental impact of their activities since the Paris Climate Summit in 2015 and the subsequent implementation of...
Félix Brezo Fernández XVI STIC Conference: 5 trends in Cyber Security highlighted by our analysts for 2023 The CCN-CERT STIC Conference has been a classic security event at the end of the year for more than a decade. Held between 29 November and 1 December 2022...
Telefónica Tech Cyber Security Weekly Briefing, 3 – 9 December Ninth Chrome 0-day of the year Google has released Chrome 108.0.5359.94 for Mac and Linux, and 108.0.5359.94/.95 for Windows, which fixes a 0-day vulnerability, the ninth detected in Chrome this...
Telefónica Tech VMware Explore ’22 leverages interoperability among multiple & Cross-Cloud environments Written by Matheus BottanPartner Development at Telefonica Tech Formerly dubbed VM World (brand that stamped the first editions since 2004) suffice it to say that VMware Explore is a giant pivot in...
Telefónica Tech Cyber Security Weekly Briefing, 26 November – 2 December Urgent update to Chrome to prevent the eighth 0-day of 2022 Google has released an urgent security update for Chrome to prevent exploitation of the eighth 2022 0-day in the...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
