Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Telefónica Tech Cyber Security Weekly Briefing, 29 April – 5 May Critical vulnerability in Zyxel firewalls Network equipment manufacturer Zyxel has released security patches for a critical vulnerability affecting its firewalls. The vulnerability, which was discovered and reported by the TRAPA...
ElevenPaths #CyberSecurityPulse: Dude, Where Are My Bitcoins? Numerous types of attacks are affecting cryptocurrency users: families of malware that steal wallets, phishing attacks that try to forge platforms where users manage their bitcoins, applications that use...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths #CyberSecurityPulse: Army Launches Direct Commissioning Program for Civilian Cybersecurity Experts The Army has approved a program to recruit experienced cybersecurity experts directly into the service as cyber officers in an attempt to bolster a growing field that military leaders...
Telefónica Tech Cyber Security Weekly Briefing, 14 – 20 January Critical vulnerabilities in Netcomm and TP-Link routers Several vulnerabilities have been discovered in Netcomm and TP-Link routers. On the one hand, the flaws, identified asCVE-2022-4873 and CVE-2022-4874, are a case of buffer...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cybersecurity Weekly Briefing August 22-28 Conti ransomware distributed after Trickbot Conti is a relatively new ransomware that appeared in isolated attacks in December 2019 but started to become a relevant threat in June 2020, when...
Gonzalo Álvarez Marañón Challenges and Business Opportunities of Post Quantum Cryptography Sooner or later we'll have to make the leap to post-quantum cryptography. Discover this new system and prepare your organization for change.
Gonzalo Álvarez Marañón The Future of Digital Signatures to Protect Your Money Lies in Threshold Cryptography Imagine you were such a modern person, that all your money was in cryptocurrency instead of in a traditional bank. If you have ever handled cryptocurrencies, you will know that they are...
ElevenPaths Cybersecurity Weekly Briefing October 3-9 New botnet detected that deletes data from the infected device A group of researchers from the company Netlab 360 published yesterday their latest findings on a new botnet that specialises...
Carlos Ávila The Dark Side of WebAssembly Nowadays, the technologies for developing software for webs are multiplying rapidly, while introducing, in some cases, new ways of attack or unexpected advantages for attackers. Let’s see what WebAssembly...
Innovation and Laboratory Area in ElevenPaths New Version of Our SIEM Attack Framework, Now With 7 Manufacturers For some time now, the ElevenPaths Innovation and Laboratory team has been working on different projects and research related to the security aspects of SIEM (Security Information and Event...
ElevenPaths Security Innovation Days 2020: The New Era Cyber Security in the Digital Transformation Era There is no doubt about it, we are living times of constant changes at all possible levels. There are so many that we are talking about a change of...
ElevenPaths Curiosities About Windows XP Code Leak A few days ago, attention was focused on Reddit, within a community that is characterised by its conspiracy theories. According to the news it consisted of filtering 43 GBs...
ElevenPaths Introducing the New ElevenPaths Chief Security Envoys (CSEs) for 2020 For several years now, in ElevenPaths there is a CSAs (Chief Security Ambassadors) figure. These are experts in cybersecurity, ambassadors of our brand around the world whose mission is to promote the culture of security...
ElevenPaths Cybersecurity Weekly Briefing 26 September – 2 October The logistics giant CMA CGM affected by a cyber attack This week, the French logistics group CMA CGM, which operates in 160 different countries, reported via its website and social...
Innovation and Laboratory Area in ElevenPaths ChainLock, A Linux Tool for Locking Down Important Files Let’s say you have a valuable file on your computer, such as a bitcoin wallet file (“wallet.dat”), or some other file with sensitive information, and you decide put a...
Innovation and Laboratory Area in ElevenPaths DIARIO Already Detects “Stomped” Macros, But What Are They Exactly? Few weeks ago, we presented DIARIO, the malware detector that respects the privacy of users, and we continue to improve it so that it detects more and better. We...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick New Tool: MicEnum, Mandatory Integrity Control Enumerator In the context of the Microsoft Windows family of operating systems, Mandatory Integrity Control (MIC) is a core security feature introduced in Windows Vista and implemented in subsequent lines...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
