Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cybersecurity Weekly Briefing 26 September – 2 October The logistics giant CMA CGM affected by a cyber attack This week, the French logistics group CMA CGM, which operates in 160 different countries, reported via its website and social...
ElevenPaths #CyberSecurityPulse: Private enterprise’s sad contribution to sharing threat intelligence in the United States After just over two years of Congress passed a major bill that encouraged businesses to share with the government how and when threat actors were trying to get into...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 29 April – 5 May Critical vulnerability in Zyxel firewalls Network equipment manufacturer Zyxel has released security patches for a critical vulnerability affecting its firewalls. The vulnerability, which was discovered and reported by the TRAPA...
Martiniano Mallavibarrena Attention: Data leak! (In search of lost data) We have been hearing about “data leaks” on a regular basis for years, both in the media and in our professional or even personal environment. The concept actually covers...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing December 12-18 Supply Chain compromise: SolarWinds Orion FireEye researchers have unveiled a major global information theft and espionage operation that takes advantage of the supply chain to gain access to the systems...
Telefónica Tech Cyber Security Weekly Briefing, 13 – 17 June Hertzbleed. New side-channel attack on AMD and Intel processors Security researchers at several US universities have discovered a new side-channel attack affecting Intel and AMD processors, called Hertzbleed. What is remarkable...
Florence Broderick The deadline for our Latch and Sinfonier contests has been extended! Latch Plugins Contest 2015 Are you aware of the second edition of Latch Plugins Contest? Submit your Latch plugins before February 15h! As a developer or intelligence analysts, do what...
Florence Broderick Cybercrime is already a global scourge…Do you really think you are protected? Nowadays, the exponential development experienced within the ICT field has led to a new scenario where the organizations are capable of exchanging information more effectively, stablishing new business models,...
Florence Broderick Metashield for Exchange soon to be available. How does it work? Metashield for Exchange stacks up to our currently offered server-side metadata cleaning solutions and broadens the flexibility and customization options that we offer companies to get rid of sensitive...
Florence Broderick Plugin for EmetRules: Now, easier to use EmetRules is a simple tool we created two years ago. Not meant to change the world, it was a first incursion in certificate pinning universe, and intended to ease...
Florence Broderick IoT – The new security headache for the enterprise IT department? 2015 could prove to be the year that enterprise adoption of BYOD takes a step further, and evolves into BYOIoT. Several reports (i) have already predicted the rise, spurred...
Florence Broderick Inside Mobile Connect (I) This is the first of a series of technical articles about the Mobile Connect architecture and the different components that make it up. But, hold on a second… what...
Florence Broderick Mobile Connect makes headway with launch of cross-border pilot European trial makes Mobile Connect the first private-sector cross-border public service authentication solution compatible with European Union eIdentification and Trust Services (eIDAS) Regulation. Throughout the next few weeks, Mobile...
Florence Broderick ElevenPaths Black Friday The highly anticipated Black Friday starts at Eleven Paths with the very best desktop tools against metadata. Friday November 27th Metashield desktop suite of products for Client and for Outlook...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Research: On the overexposure of Amazon credentials in mobile apps The development of mobile applications that interact with common services in mobility environments such as Amazon Simple Storage Service (S3), Amazon Simple Notification Service (SNS), Amazon Simple Queue Service...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Showing certificate chain without validating with Windows "certificate store" (C#) Java has its own independent certificate store. If you wish to view natively in Windows a certificate extracted from an APK or JAR file Windows may not find the...
