Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cybersecurity Weekly Briefing November 14-20 Malware distribution campaign supplants the identity of Spanish ministries ESET researchers warn of a malware distribution campaign that is impersonating Spanish ministries to distribute a malicious Android application through links...
ElevenPaths Do I Really Need an Antivirus? How can standard users protect themselves? In this article we explain what an antivirus is for and how you can be (more) protected.
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths Rock appround the clock, our research in DEFCON In the world of Threat Intelligence, determining the attacker’s geographical location of is one of the most valuable data for attribution techniques, even if not perceived like that, this...
ElevenPaths In search of improved cryptocurrency privacy with Dash, Zcash and Monero When we talk about cryptocurrencies we often find ourselves with the belief that their use is completely anonymous. However, those who have investigated a little about them (because it...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing May 8-14 Ransomware attack on a main US oil pipeline US energy company Colonial Pipeline was hit by a ransomware attack on Friday, causing the shutdown of around 8800km of pipelines supplying...
Telefónica Tech Cyber Security Weekly Briefing, 30 July – 5 August Possible link between Raspberry Robin malware and Evil Corp infections The Microsoft Threat Intelligence Center (MSTIC) team has published new information about the Raspberry Robin malware, first detected by the...
Miguel Ángel de Castro Vendetta Group and the COVID-19 Phishing Emails A new threat has entered the COVID-19 scene: the Vendetta Group. How are their phishing campaigns different from others?
ElevenPaths Cybersecurity Weekly Briefing 6-12 June Enel and Honda Compromised by Snake Ransomware Italian energy corporation Enel and Japanese automotive giant Honda were hit last weekend by ransomware attacks that would have impacted on their IT...
Cytomic Team, unit of Panda Security Interpretation and Evolution of MITRE ATT&CK: More “Horizontal” Coverage Doesn’t Mean Better Protection The Cytomic team, a unit of Panda Security, explains what the MITRE ATT&CK matrix is based on in order to standardise the behaviour of opponents.
Innovation and Laboratory Area in ElevenPaths AMSIext: Our Extension That Detects Malware in the Browser Memory Given the evolution in malware propagation techniques, we need mechanisms to detect threats as soon as possible such as AMSIext.
ElevenPaths Cybersecurity Weekly Briefing 30 May-5 June Security Breach in 8Belts vpnMentor researchers discovered in mid-April a data breach in the 8Belts language learning platform due to an improper configuration on an Amazon Web Services S3 bucket....
Innovation and Laboratory Area in ElevenPaths #CyberSecurityPulse: Non-Headlined Technical News with RSS and Website Find out all about #CyberSecurityPulse, our Telegram cybersecurity news channel.
Gonzalo Álvarez Marañón The Security behind Apple’s and Google’s API for Tracing COVID-19 Infections How does Apple's and Google's technology developed for tracing Covid-19 infections work?
Innovation and Laboratory Area in ElevenPaths Winner of the #EquinoxRoom111 Contest We already have a winner of TheTHE's plugin contest. Discover our collaborative tool for Threat Hunting teams.
Innovation and Laboratory Area in ElevenPaths Developing a Tool to Decrypt VCryptor Ransomware (Available on NoMoreRansom.org) Discover how VCryptor ransomware works and the tool we have developed as part of NoMoreRansom.org to decrypt it.
ElevenPaths Cybersecurity Weekly Briefing 23-29 May Critical-Severity RCE Vulnerability in Cisco Unified CCX Cisco has fixed a critical remote code execution bug in the Java Remote Management Interface of Cisco Unified Contact Center Express (CCX). This...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
