Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Nikolaos Tsouroulas Looking for a MDR partner? Beware, not all MDRs are the same Are you throwing more money than you can afford into your SOC but still failing to detect and respond quickly enough to incidents? Have you suffered the impact of...
ElevenPaths How the “antimalware” XProtect for MacOS works and why it detects poorly and badly Recently, MacOS included a signature in its integrated antivirus, intended to detect a binary for Windows; but, does this detection make sense? We could think it does, as a...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Pablo Alarcón Padellano ElevenPaths recognized by Check Point Software Technologies as a CloudGuard Specialized Partner After developping a wide portfolio of Cloud Security Services, ElevenPaths has been recognized by its Strategic Partner Check Point as a CloudGuard Specialized Partner.
Telefónica Tech Cyber Security Weekly Briefing, 5 – 11 November Robin Banks Phishing Platform Reactivated Researchers at IronNet have published the second part of their investigation into the Robin Banks phishing-as-a-service platform. The platform was discovered in June this year...
Florence Broderick So is it true that malware for Firefox OS has been found? The power of a good headline is hypnotic. The one taking a lot of security news during these days is the “Found first malware for Firefox OS”. The title is...
Florence Broderick How to use Metashield protector for Client and why using it Metashield is an Eleven Paths product that allows to clean up metadata from most of office documents. It tries to cover a gap where there seems not to exist any...
Florence Broderick How to take advantage of Chrome autofill feature to get sensitive information At the end of 2010, Google introduced autofill in Chrome, a comfortable feature, that may be a security problem for its users. Even after some other browsers suffered security...
ElevenPaths How to cause a DoS in Windows 8 explorer.exe We have discovered by accident how to cause a Denial of Service (DoS) in Windows 8. It’s a little bug that is present in the last version of the...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Showing certificate chain without validating with Windows "certificate store" (C#) Java has its own independent certificate store. If you wish to view natively in Windows a certificate extracted from an APK or JAR file Windows may not find the...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
Florence Broderick White Paper: Practical hacking in IPv6 networks with Evil FOCA We have released a white paper about practical hacking in IPv6 networks with Evil FOCA. This document describes IPv6 basic concepts, most common IPv6 current attacks and how to implement...
Florence Broderick Information leakage in Data Loss Prevention leader companies Gartner has released a study that classifies the most important companies that offer Data Loss Prevention (DLP) solutions depending on their position, strategy, effectiveness, and market leadership. We have made...
Florence Broderick Mobile banking and banking trojans During 2012 there was an increase around 28% in mobile banking or M-Banking operations. Users can access their bank accounts from their mobile devices, mainly making use of a specifically...
José Luis Núñez Díaz Towards a smarter supply chain One of the recurring use cases that is always mentioned when talking about Blockchain is its application in supply chains. In fact, back in 2018, at Telefónica we were...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
Florence Broderick Introducing Mobile Connect – the new standard in digital authentication The Mobile Operators hold the future of digital authentication in our hands, and so do our customers. The consumers will no longer need to create and manage multiple user...
