Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths Announces Strategic Security Alliance with Devo Provides Telefónica Customers Advanced Cybersecurity Monitoring and Protection Services Through Devo Data Operations Platform. Madrid- Thursday 14th of June, 2018. ElevenPaths, the Telefónica Cybersecurity Unit, specialized in development of innovative...
ElevenPaths Cybersecurity Weekly Briefing August 22-28 Conti ransomware distributed after Trickbot Conti is a relatively new ransomware that appeared in isolated attacks in December 2019 but started to become a relevant threat in June 2020, when...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Sergio de los Santos A Simple Explanation About SAD DNS and Why It Is a Disaster (or a Blessing) In 2008, Kaminsky shook the foundations of the Internet. A design flaw in the DNS made it possible to fake responses and send a victim wherever the attacker wanted....
ElevenPaths ElevenPaths Approaches the Cyber Security Paradigm Shift and the New Era’ s Digital Transformation in the SID 2020 Telefónica Tech’s cyber security company is holding its 8th Security Innovation Days, this time in a virtual format and extending from one to three half-days, on October 20th, 21st...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Cyber Security Weekly Briefing 18 – 24 December Log4Shell Vulnerability (update) Through the week new details and comments around the vulnerability known as Log4Shell have continued to appear. First, a new denial-of-service vulnerability affecting Log4j2 on versions from 2.0-alpha1...
Telefónica Tech Cyber Security Weekly Briefing 5-11 March Mozilla patches two 0-day vulnerabilities Mozilla has issued a security advisory patching two 0-day vulnerabilities that are reportedly being actively exploited and affect Firefox, Focus and Thunderbird. Both vulnerabilities were...
Florence Broderick (re) Introducing Evil Foca (DEFCON Edition) Evil Foca was introduced in early April, as a tool to make local networks pentesters and auditors life easier. In a simple way and with a very simple interface too, it allows...
Florence Broderick FaaS: Visión global de Pentesting by Design La idea que tenemos sobre seguridad es diferente sobre lo que históricamente las organizaciones han ido utilizando. ¿Realmente es lo que necesitaban? Pensamos que un sistema continuo de pentesting...
Florence Broderick Eleven Paths is growing Eleven Paths is growing. Apart from the people who joined from the beginning (just two months ago!), we’ve been hiring new employees that will have a key role in...
Florence Broderick Security should be transparent, but ready when needed Security should be totally transparent for users; this was one of the key messages we discussed last week during the press conference we did with several journalists when launching Eleven...
Florence Broderick The beginning It is widely known that writing the first post is always a difficult task, but it is a compelling one. It’s the start of a new path that you...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
