Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cyber Security Weekly Briefing May 29- June 4 Vulnerability in SonicWall Network Security Manager SonicWall has released security patches to fix a vulnerability affecting local versions of the Network Security Manager (NSM) multi-user firewall management solution. Classified as CVE-2021-20026 and...
ElevenPaths Cybersecurity Weekly Briefing October 24-30 Critical vulnerability in Hewlett Packard Enterprise SSMC Hewlett Packard Enterprise has fixed a critical authentication evasion vulnerability (CVE-2020-7197, CVSS 10) affecting its StoreServ Management Console (SSMC) storage management software. HPE...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths Cybersecurity Weekly Briefing 23-29 May Critical-Severity RCE Vulnerability in Cisco Unified CCX Cisco has fixed a critical remote code execution bug in the Java Remote Management Interface of Cisco Unified Contact Center Express (CCX). This...
ElevenPaths Cyber Security Weekly Briefing March 6-12 FluBot botnet behind messaging company impersonation campaign Last Friday, researchers at Threat Fabric named the threat behind the campaign to impersonate SMS messaging companies. Specifically, they talk about the Cabassous malware, a...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing January 23-29 Attack against SonicWall by exploiting a possible 0-day in its VPN appliances Firewall manufacturer SonicWall has issued a security alert warning that it has detected a sophisticated attack against...
David García What’s new in the OWASP 2021 ranking? OWASP, the foundation focused on web application security, has recently updated its ranking of the most prominent risks. Let’s take a look at the new reorganisation of the top,...
Estevenson Solano Metaverse (II): the challenge of building a virtual space that is secure, inclusive and beneficial to everyone As we learned in the previous article of this series, impact of the metaverse on disinformation, child security, its evolution and its potential to spread discrimination and inequalities will...
Aarón Jornet Evolution of Spear-Phishing Techniques of Notorious Threat Groups and malware used In recent years, different campaigns and threats have been metabolised and their entry vector has been the same, the e-mail. This initial access always seems to be the most...
Telefónica Tech Cyber Security Weekly Briefing, 8 – 14 April Apple fixes two new actively exploited 0-day vulnerabilities Apple has released new security advisories about two new actively exploited 0-day vulnerabilities affecting iPhones, Macs and iPads. First, there is the...
Estevenson Solano Metaverse (I): threats in an immersive, multi-sensory environment While the discussion and excitement around the metaverse is growing, there are also feelings of doubt, fear, concern and uncertainty about the potential risks in an environment where the...
María Riesgo Technology and the young: how to turn dangers into opportunities The technology world is moving extremely fast. If we look back, we would have never imagined the possibility of connecting to a computer without interrupting the landline phone at...
Telefónica Tech Cyber Security Weekly Briefing, 25 – 31 March GitHub exposes its RSA SSH host key by mistake GitHub announced last Friday that they had replaced their RSA SSH host key used to protect Git operations. According to the...
Roberto García Esteban Cloud terms you can’t miss It was George Favaloro and Sean O’Sullivan, managers of Compaq Computer, who first used the expression “Cloud Computing” in 1996, and since then, the term has become so popular...
Nacho Palou Cybercrime, a constant threat to all types of companies Cyber threats have existed since technology began to be used in companies and organizations. But the evolution of the technology world in the 21st century has changed the landscape:...
Telefónica Tech Cyber Security Weekly Briefing, 18 – 24 March HinataBot: new botnet dedicated to DDoS attacks Researchers at Akamai have published a report stating that they have identified a new botnet called HinataBot that has the capability to perform...
Nacho Palou 5G connectivity: Four real and practical use cases According to data from GSMA, collected by the publication Redes & Telecom, by the end of 2022, over one billion 5G connections had been surpassed worldwide; this figure will...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
