Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths Expands Its Cloud Security Solutions Portfolio With Prisma Cloud By Palo Alto Networks ElevenPaths has achieved the status of Premier Public Cloud MSSP Partner with Palo Alto Networks. ElevenPaths, Telefónica Tech’s Cybersecurity Company, has expanded its Cloud Managed Security Service (Cloud MSS) by...
ElevenPaths #CyberSecurityPulse: Oops, I Went Running and I Published Information From Secret Locations The popular fitness tracking app Strava proudly published a 2017 heat map showing activities from its users around the world, but unfortunately, the map revealed locations of the United...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Javier Provecho CNCF’s Harbor (cloud native registry) fixes an information disclosure bug discovered by ElevenPaths (CVE-2020-29662) On December 2nd, ElevenPaths’ CTO SRE team discovered an unauthenticated API within Harbor, a cloud native registry part of the CNCF. It is commonly used as an agnostic Docker...
ElevenPaths New report: Malware attacks Chilean banks and bypasses SmartScreen, by exploiting DLL Hijacking within popular software ElevenPaths has spotted an enhanced and evolving Brazilian banking trojan (probably coming from KL Kit,) through using a new technique to bypass the SmartScreen reputation system and avoid detection...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing May 1-7 Apple fixes four 0-day vulnerabilities in WebKit Apple released yesterday a security update to fix four 0-day vulnerabilities that could be actively exploited, according to Apple itself. These four flaws...
ElevenPaths ElevenPaths Radio English #3 – Why is Cybersecurity So Necessary Today? In this episode, Gabriel Bergel, our CSA in Chile, explains that nowadays there is no excuse for not being interested in cybersecurity. At a personal level, the use of...
ElevenPaths Security Day 2017_ Cyber Security beats Sign up! The motto of the fourth edition of our Security Day is Cybersecurity Beats. A conference about security and technology where this year we will teach how our security...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
ElevenPaths ElevenPaths and the University of Piraeus in Greece work together using Tacyt as an educational and research unit ElevenPaths and the Department of Informatics of the University of Piraeus in Greece work together using Tacyt as an educational and research unit. ElevenPaths and the Department of Informatics of...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
ElevenPaths Latch and IoT, a perfect symbiosis The Internet of Things stopped being the future to become our present. It’s rare that on any given day we do not interact in one way or another with...
ElevenPaths Limiting the use scope of our secrets in Latch with “Limited Secrets” When creating a Latch app as a developer, Latch provides us with an application identifier (appId) and a secret. These two keys allow us to sign the requests sent...
Florence Broderick ElevenPaths is now a NoMoreRansom.org associated partner Ransomware has a severe impact for IT companies and users. The increasing popularity of this security threat along with the profitable business for criminals make ransomware one of the...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick ElevenPaths and iLife Security signed an agreement for implementing services in support, IT management and security Aiming to help clients to adapt their systems in this new technological reality and its growing challenges in security matters, ElevenPaths and iLife Security, company specialized in Full Outsorcing...
Florence Broderick ElevenPaths and Opencloud Factory signed an agreement to provide a unique solution for access control in corporative networks ElevenPaths and Opencloud Factory signed a technological agreement, aiming to develop a unique solution for controlling the access in corporative networks. Thanks to this agreement, Mobile Connect...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick New Tool: MicEnum, Mandatory Integrity Control Enumerator In the context of the Microsoft Windows family of operating systems, Mandatory Integrity Control (MIC) is a core security feature introduced in Windows Vista and implemented in subsequent lines...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
