Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Innovation and Laboratory Area in ElevenPaths 4th Anniversary of No More Ransom: ElevenPaths, Partner Entity with Two Tools Discover the tools we contribute to this important initiative launched by Europol to help ransomware victims.
ElevenPaths Cyber Security Weekly Briefing May 15-20 QNAP Security Advisory QNAP has issued two security advisories to alert its clients about: The detection of recent eCh0raix ransomware attacks targeting its Network Attached Storage (NAS) devices. The firm is urging...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing 17-23 July Global cyber-espionage investigation published A joint consortium of organizations and media outlets has published an investigation revealing the indiscriminate marketing and use of Pegasus spyware. According to the investigators, a...
Sergio de los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths You are less rational than you think when you take decisions under uncertain conditions I propose you the following game of luck: Option A: I give 1,000 € to you with a probability of 100%. Option B: Let’s leave it to heads or tails: if...
ElevenPaths Cybersecurity Trends Report for 2020 from ElevenPaths Discover the technologies and attacks that will most affect security in the coming months in this report.
ElevenPaths Cybersecurity Weekly Briefing September 12-18 PoC for Critical Vulnerability on Netlogon Secura researchers have published a tool to check whether a domain controller is vulnerable to the CVE-2020-1472 vulnerability on Netlogon. Last month, Microsoft patched...
Christian F. Espinosa Velarde FaceApp and Personal Data, Hadn´t We Talked About This Already? Hadn’t we already talked about this? The comeback of applications like FaceApp and the fuss caused by the photos generated, in which their users can appear as women being...
ElevenPaths ElevenPaths Radio English #3 – Why is Cybersecurity So Necessary Today? In this episode, Gabriel Bergel, our CSA in Chile, explains that nowadays there is no excuse for not being interested in cybersecurity. At a personal level, the use of...
Andrés Naranjo Analysis of APPs Related to COVID19 Using Tacyt (I) Taking advantage of all the attention this issue is attracting, the official app markets, Google Play and Apple Store, have been daily deluged with applications. Both platforms, especially Android,...
Sergio de los Santos What Do Criminals in the Ransomware Industry Recommend so that Ransomware Does Not Affect You? We all know the security recommendations offered by professionals on malware protection. Frequently: use common sense (personally, one of the least applicable and abstract pieces of advice that can...
ElevenPaths Cybersecurity Weekly Briefing September 5-11 Microsoft Patch Tuesday Microsoft published on Tuesday its newsletter with updates for the month of September. In this new bulletin a total of 129 vulnerabilities have been corrected in 15...
Gabriel Bergel Cybersecurity and Pandemic (II) We continue with the second part of this article in which we analyse the current situation in its three dimensions. Let’s remember that in the first part of the...
Cytomic Team, unit of Panda Security Indicators of Compromise, Key to Detecting and Solving Incidents in an Agile Way Quick and agile response to incidents is a basic aspect of a good cybersecurity strategy. Little by little, more and more companies are becoming aware of this, and this...
Carmen Dufur Our Story With Govertis Since José Mª Álvarez-Pallete announced the creation of Telefónica Tech last November, ElevenPaths has accelerated its pace to get the complicated yet exciting mission that was entrusted to us...
Gonzalo Álvarez Marañón How to Track COVID-19 Infections, Discover Contacts On WhatsApp or Share Your Genes While Keeping Your Privacy When you sign up for a new social network, such as WhatsApp, you are often asked if you want to find out who among your contacts is already part...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
