Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Telefónica Tech Cyber Security Weekly Briefing, 6 – 12 May Security updates vulnerabilities in Fortinet products Fortinet has announced a set of security updates that fix up to a total of 9 vulnerabilities, 2 of which are considered high severity...
ElevenPaths Come to Create Technology at Telefónica’s Chief Data Office Unit Hi Hacker! Technology is in a constant evolution and so are we. Therefore, from Telefónica, throughout the Chief Data Office (CDO) led by Chema Alonso, which includes Aura -Cognitive Intelligence-, ElevenPaths -Cybersecurity-, LUCA -Big Data-...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths AuthCode: Our award-winning continuous-authentication system, jointly developed with the University of Murcia Continuous-authentication systems aim to identify users’ behavior through interactions with their device. The main advantage of this type of authentication is that it improves users’ experience when using services...
ElevenPaths #CyberSecurityPulse: The Boom of JavaScript Miners The most common question in recent months derived from the rebound in the value of numerous cryptocurrency is: Do I invest or not invest? However, as we know, there...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cybersecurity Weekly Briefing July 25-31 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has...
ElevenPaths How to Detect and Protect Yourself from Phishing Attacks in Times of Coronavirus The overinformation caused by the huge amount of news we receive about coronavirus makes it harder to distinguish true from fake emails. This poses a great risk to people’s security, since it...
Florence Broderick Heartbleed plugin, ready for FaasT There is a lot of good information about Hearbleed out there, there is little more to add. It is a extremely serious vulnerability, that has shaken the internet from...
Florence Broderick How to implement Oauth protocol in Powershell (an example with Latch) Latch already counts with lots of SDKs and plugins, so you can implement it with different languages or use it with your favorite CMS. There is an “unofficial” bash implementation,...
Florence Broderick Latch Event Monitor: New tool to integrate Latch with Windows Events Latch Event Monitor is a tool that monitors events in Windows and gives the user the possibility of tracking in a very granular way Windows logs, and react accordingly...
AI of Things Eleven Paths on "Digital Futures" video series Telefonica Digital produces a video series called Digital Futures, which are publicly available here http://youtube.com/telefonicadigital. On the latest episode, some relevant people from the world of security gives us...
Florence Broderick New tool: GmtCheck. Where does this Android App or applet come from? There are millions of malicious applets (JAR files) and Android apps (APK files) out there. Have you ever wondered where do they come from? Which country? At least, which...
Florence Broderick Detailed guides for Latch installation in WordPress, Joomla, Drupal, PrestaShop and RoundCube We are working hard in Eleven Paths for next Mobile Word Congress in Barcelona, in late February. We have updated our official apps for Android, iPhone and Windows Phone with new...
Florence Broderick Information leakages found in Google and Yahoo! (found with FaasT) A few weeks ago, Manuel Fernández, developer and security auditor in Eleven Paths, found some DS_Store files served by some Google URLs while testing FaasT. Google awarded the discovery...
Florence Broderick Eleven Paths with Latch, in Campus Party Brazil This year is the seventh edition of Campus Party Brasil, that will take place in Sao Pablo, Brazil. For Eleven Paths, it will be a very special week in the Campus:...
Florence Broderick Metashield videotutorials… now on YouTube Nowadays, most common information leaks occur through unseen channels such as metadata and unseen document information. Through these externally shared documents it is possible to obtain critical data from...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
