Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
ElevenPaths #CyberSecurityReport19H2: Qihoo is the company that most collaborates in the reporting of vulnerabilities in Microsoft products Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just launched another release...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Gonzalo Álvarez Marañón Nobody on The Internet Knows You Are A Dog, Even If You Use TLS Certificates You may have noticed that most websites have a little padlock on them. If you click on it, a window will pop up stating that “the connection is secure”....
Innovation and Laboratory Area in ElevenPaths Do You Dare to Develop a TheTHE Plugin? #EquinoxRoom111 Contest Dare yourself to participate in our contest by creating your own plugin for TheTHE, our tool for Threat Hunting teams.
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Attacking login credentials An access credential is basically a username and password associated with a person and the access permissions granted to that person for an application, service or system. An access...
Telefónica Tech Cyber Security Weekly Briefing 2-8 October Apache vulnerabilities actively exploited Earlier this week, Apache fixed a 0-day (CVE-2021-41773) affecting Apache HTTP servers which was actively being exploited. However, on Thursday we learned that the patch released...
ElevenPaths GSMA IoT Security Champion: Award to our IoT Security team We have a lot to be happy about! Our IoT Security team, dedicated to cybersecurity specialized in the increasingly relevant world of the Internet of Things, has received a...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (II) Over the last entry we focused on analyzing the content of these files from a critical point of view, this is: on clarifying that when a massive leak freeing...
Gonzalo Álvarez Marañón Post-Quantum Future Is Around the Corner and We Are Still Not Prepared Every year we have more powerful computers with a higher calculation capacity, is that fact good or bad? Think twice before giving an answer. It depends. Because if global information...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (I) Sometimes, someone frees by mistake (or not) an enormous set of text files with millions of passwords inside. An almost endless list of e-mail accounts with their passwords or...
ElevenPaths Detected an extension in Chrome Web Store, active from February, that steals credit cards We have detected an extension for Google Chrome, still active, that steals data from web site forms visited by the victims. This extension, which is still available on Chrome...
Gonzalo Álvarez Marañón 2019 Won’t Be the Year When Quantum Computers Replace the Cryptography That We All Use What would happen if a fully error corrected quantum computer of several thousands of logical qubits started working today? Public key infrastructures would fall down. The secrets of the...
ElevenPaths Open source maintainer burnout as an attack surface Introduction Software development has evolved greatly in the last decades. It is leaning towards an scenario based in third-party modules, components and libraries that help accelerate the development of our...
ElevenPaths New report: Twitter botnets detection in sports event We all know that a botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform DDoS attacks,...
ElevenPaths AuthCode: Our award-winning continuous-authentication system, jointly developed with the University of Murcia Continuous-authentication systems aim to identify users’ behavior through interactions with their device. The main advantage of this type of authentication is that it improves users’ experience when using services...
ElevenPaths The Confirmation Bias: we seek the information that confirms our decisions, refusing their opposed evidences Imagine yourself in a lab over an experiment. You’re asked to analyze the following number sequence: 2, 4, 6 This sequence follows a rule. What do you think the rule is?...
José Luis Núñez Díaz Towards a smarter supply chain One of the recurring use cases that is always mentioned when talking about Blockchain is its application in supply chains. In fact, back in 2018, at Telefónica we were...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
Florence Broderick Eleven Paths Talks: WordPress in Paranoid Mode ¡Regístrate aquí! El próximo Jueves 30 de Junio nuestro compañero Pablo González impartirá una charla en la que se verá una prueba de concepto realizada en Eleven Paths. Pablo está en...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
Florence Broderick Mobile Connect winner of the 'Connected Life Awards' Mobile Connect is a multi-operator solution driven by GSMA for universal secure access. The user only needs to link their information to their mobile device solution to have quick...
