Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths New Capabilities for the Future of Cybersecurity: Security Innovation Days 2020 (Day 2) Second day of the Security Innovation Days 2020, focusing on the new capabilities we have acquired as a cybersecurity company from Telefónica Tech. A few weeks ago, we announced...
ElevenPaths #CyberSecurityReport19H2: Qihoo is the company that most collaborates in the reporting of vulnerabilities in Microsoft products Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just launched another release...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths #CyberSecurityPulse: Injection and XSS, the Most Critical Web Application Security Risks The Open Web Application Security Project (OWASP) has just updated the top ten list of web app vulnerabilities for the first time since 2013 but not much has actually...
Gonzalo Álvarez Marañón Hiding Keys Under the Mat: Governments Could Ensure Universal Insecurity The doorbell rang. “Who will be ringing now?” asked Brittney Mills, as she struggled to get off the couch. Her eight months of pregnancy were beginning to hinder her...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing December 5-11 Microsoft Security Newsletter On December 8, Microsoft published its monthly security update newsletter, which this time includes patches for 58 vulnerabilities and an advisory for various Microsoft products. Nine of...
Innovation and Laboratory Area in ElevenPaths ChainLock, A Linux Tool for Locking Down Important Files Let’s say you have a valuable file on your computer, such as a bitcoin wallet file (“wallet.dat”), or some other file with sensitive information, and you decide put a...
Telefónica Tech Cyber Security Weekly Briefing, 24 — 30 September Two 0-day vulnerabilities exploited in Microsoft Exchange The Vietnamese cybersecurity team GTSC reported two 0-day vulnerabilities in Microsoft Exchange three weeks ago through the Zero Day Initiative (ZDI) that are...
Marta Mallavibarrena Human factor key in cyber security Dozens of vulnerabilities are discovered every day in the current landscape (an average of 50 in 2021), and attackers are finding new and ingenious ways to exploit them. It...
ElevenPaths Cyber Security Weekly Briefing, 17 — 23 September Quantum and BlackCat ransomware use Emotet as entry vector Researchers at AdvIntel have published the results of an investigation reporting that ransomware operators Quantum and BlackCat have adopted the use...
Emilio Moreno Latency and Edge Computing: Why is it important? For many years we have been in a race to increase the speed of our connections. Ever since those modems that treated us to a symphony of beeps, the...
Telefónica Tech Cyber Security Weekly Briefing, 9 — 16 September Microsoft fixes two 0-day and 63 other vulnerabilities in Patch Tuesday Microsoft has fixed 63 vulnerabilities in its September Patch Tuesday, including two 0-days, one of them actively exploited, and...
Estevenson Solano How to become a cyber resilient organisation Fear, panic and uncertainty are some of the feelings constantly experienced in corporate leadership. In management committees, the big question is frequently asked: is our cyber security working? As...
Marta Mª Padilla Foubelo Name the malware you have, and I’ll tell you which botnet you belong to What is a botnet and how does it work? To begin with, let’s dissociate the word botnet. On the one hand, “bot” means robot and, on the other hand, “net”...
Roberto García Esteban Cloud market trends until 2025 All of us who work in Cloud services are aware that this market is still in a phase of accelerated growth and that more and more companies are taking...
Telefónica Tech Cyber Security Weekly Briefing, 3 — 9 September 0-day vulnerability in Google Chrome Google released on Friday an emergency patch for the Chrome browser on Windows, Mac and Linux, fixing a 0-day vulnerability, which is being actively exploited. The...
Roberto González Rojo Collaborative solutions to address the challenge of hybrid working Microsoft surveyed 30,000 people in 31 different countries in 2021 as part of its Work Trend Index report, asking participants for their opinion on the most appropriate way to...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick Latch, new ElevenPaths' service During the time we’ve been working in ElevenPaths we’ve faced many kind of events internally, buy one of the most exciting and awaited is the birth of Latch. It’s a technology of our...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
