Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Telefónica Tech Cyber Security Weekly Briefing, 6 – 12 May Security updates vulnerabilities in Fortinet products Fortinet has announced a set of security updates that fix up to a total of 9 vulnerabilities, 2 of which are considered high severity...
ElevenPaths Cybersecurity Weekly Briefing July 25-31 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport21H1: More than 246 million OT cyber security events detected in six months There are many reports on security trends and summaries, but at Telefónica Tech we want to make a difference. From the Innovation and Lab team, we have just launched...
David García Will Rust save the world? (II) We saw in the previous article the problems of manual memory management, but also the pitfalls of automatic memory management in languages like Java. But what if there was...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing 25 September – 1 October Let’s Encrypt root certificate expires (DST Root CA X3) A few days ago, Scott Helme, founder of Security Headers, highlighted the 30 September as the date when Let’s Encrypt’s root certificate, DST...
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Gonzalo Álvarez Marañón The Future of Digital Signatures to Protect Your Money Lies in Threshold Cryptography Imagine you were such a modern person, that all your money was in cryptocurrency instead of in a traditional bank. If you have ever handled cryptocurrencies, you will know that they are...
ElevenPaths Cybersecurity Weekly Briefing October 3-9 New botnet detected that deletes data from the infected device A group of researchers from the company Netlab 360 published yesterday their latest findings on a new botnet that specialises...
Carlos Ávila The Dark Side of WebAssembly Nowadays, the technologies for developing software for webs are multiplying rapidly, while introducing, in some cases, new ways of attack or unexpected advantages for attackers. Let’s see what WebAssembly...
Innovation and Laboratory Area in ElevenPaths New Version of Our SIEM Attack Framework, Now With 7 Manufacturers For some time now, the ElevenPaths Innovation and Laboratory team has been working on different projects and research related to the security aspects of SIEM (Security Information and Event...
ElevenPaths Security Innovation Days 2020: The New Era Cyber Security in the Digital Transformation Era There is no doubt about it, we are living times of constant changes at all possible levels. There are so many that we are talking about a change of...
ElevenPaths Curiosities About Windows XP Code Leak A few days ago, attention was focused on Reddit, within a community that is characterised by its conspiracy theories. According to the news it consisted of filtering 43 GBs...
ElevenPaths Introducing the New ElevenPaths Chief Security Envoys (CSEs) for 2020 For several years now, in ElevenPaths there is a CSAs (Chief Security Ambassadors) figure. These are experts in cybersecurity, ambassadors of our brand around the world whose mission is to promote the culture of security...
ElevenPaths Cybersecurity Weekly Briefing 26 September – 2 October The logistics giant CMA CGM affected by a cyber attack This week, the French logistics group CMA CGM, which operates in 160 different countries, reported via its website and social...
Innovation and Laboratory Area in ElevenPaths ChainLock, A Linux Tool for Locking Down Important Files Let’s say you have a valuable file on your computer, such as a bitcoin wallet file (“wallet.dat”), or some other file with sensitive information, and you decide put a...
Innovation and Laboratory Area in ElevenPaths DIARIO Already Detects “Stomped” Macros, But What Are They Exactly? Few weeks ago, we presented DIARIO, the malware detector that respects the privacy of users, and we continue to improve it so that it detects more and better. We...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Heartbleed plugin for FOCA By now, everyone knows about Heartbleed. Just like we did for FaasT, we have created a plugin for FOCA (final version) one of our most downloaded tools. This plugin...
