Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths is a Fortinet’s Alliance Technology Partner Solutions Integration with Vamps and Metashield Fortinet is a Strategic Partner of ElevenPaths, Telefónica Cyber Security unit, with more than 15 years working together, and on June 2016, we strengthened...
Carlos Ávila Your MacOS System Is Also A Target for Cybercrime – Protect It! According to statcounter, Apple’s operating system, macOS (formerly OSX) in particular, has a market share of around 17%, making it the second most widely used desktop operating system. This...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing 8–14 january Microsoft security bulletin Microsoft has published its January security bulletin in which it has fixed a total of 97 bugs, including six 0-day vulnerabilities and nine bugs classified as critical....
ElevenPaths New report: Malware attacks Chilean banks and bypasses SmartScreen, by exploiting DLL Hijacking within popular software ElevenPaths has spotted an enhanced and evolving Brazilian banking trojan (probably coming from KL Kit,) through using a new technique to bypass the SmartScreen reputation system and avoid detection...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...
ElevenPaths APTualizator (II): Deconstructing Necurs Rootkit and Tools for Detecting and Removing It This report has been drafted by Roberto Santos and Javier Rascón from the CSIRT-SCC (Security Cyberoperations Center) Research Team, in collaboration with ElevenPaths. At the end of June 2019, a big Spanish company was attacked and thousands of their computers were impacted. Such was...
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
Innovation and Laboratory Area in ElevenPaths EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler A year ago, the IETF has raised to RFC the DNS over HTTPS proposal. This new is more important than it may seem. For two reasons: firstly, it’s a...
Sergio de los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths New tool: Masked Extension Control (MEC), don’t trust Windows extensions Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic...
Innovation and Laboratory Area in ElevenPaths Five interesting own tools that you may have missed (and a surprise) This time we are going to rehash a blog entry by gathering some of the own tools that we have recently developed and we consider of interest. We summarize...
Innovation and Laboratory Area in ElevenPaths Uncovering APTualizator: the APT that patches Windows By the end of June 2019, we assisted to an incident were a high number of computers had started to reboot abnormally. In parallel, was detected a file called...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
Sergio de los Santos A government is known by the Apple data it requests Sometimes, governments need to be underpinned by huge corporations to carry out their work. When a threat depends on knowing the identity or gaining access to a potential attacker...
Sergio de los Santos The attack against OpenPGP infrastructure: consequences of a SOB’s actions What is happening with the attack against OpenPGP infrastructure constitutes a disaster, according to the affected people who maintain the protocol. Robert J. Hansen, who communicated the incident, has...
José Luis Núñez Díaz Towards a smarter supply chain One of the recurring use cases that is always mentioned when talking about Blockchain is its application in supply chains. In fact, back in 2018, at Telefónica we were...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
Florence Broderick Introducing Mobile Connect – the new standard in digital authentication The Mobile Operators hold the future of digital authentication in our hands, and so do our customers. The consumers will no longer need to create and manage multiple user...
