Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Innovation and Laboratory Area in ElevenPaths ChainLock, A Linux Tool for Locking Down Important Files Let’s say you have a valuable file on your computer, such as a bitcoin wallet file (“wallet.dat”), or some other file with sensitive information, and you decide put a...
ElevenPaths ElevenPaths participates in AMBER (“enhAnced Mobile BiomEtRics”) project ElevenPaths participates in the AMBER (“enhAnced Mobile BiomEtRics”) project since 1st January 2017 as an Industrial Partner. AMBER is a Marie Skłodowska-Curie Innovative Training Network under Grant Agreement No....
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (I) Sometimes, someone frees by mistake (or not) an enormous set of text files with millions of passwords inside. An almost endless list of e-mail accounts with their passwords or...
Innovation and Laboratory Area in ElevenPaths Uncovering APTualizator: the APT that patches Windows By the end of June 2019, we assisted to an incident were a high number of computers had started to reboot abnormally. In parallel, was detected a file called...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths The Framing Effect: you make your choices depending on how information is presented You have received an alert from cyber intelligence. A terrible and enormous cyberattack is approaching. You must ensure the protection of 600 positions within your organization. You don’t have...
Sergio de los Santos What Do Criminals in the Ransomware Industry Recommend so that Ransomware Does Not Affect You? We all know the security recommendations offered by professionals on malware protection. Frequently: use common sense (personally, one of the least applicable and abstract pieces of advice that can...
Innovation and Laboratory Area in ElevenPaths Cyber Security State: Top Threats, Risks and Vulnerabilities There are many reports on security trends and summaries, but at Telefónica Tech we want to make a difference. The Innovation and Lab team has just launched our own...
Telefónica Tech Cyber Security Weekly Briefing, 11 – 17 February Apple fixes actively exploited 0-day Apple has issued several security advisories to fix an actively exploited 0-day vulnerability. The security flaw, listed as CVE-2023-23529, is a type confusion in the browser’s...
Marta Mallavibarrena Artificial Intelligence, ChatGPT, and Cyber Security Artificial Intelligence (AI) has become a frequent topic on this blog. Almost all predictions of technological trends for the coming years include it as one of the key advances. In...
Nacho Palou We are now live! Discover the new Telefónica Tech website We have redesigned the Telefónica Tech website to represent who we are as a digital solutions integrator. We also want to share what we do, who is behind it...
Telefónica Tech Cyber Security Weekly Briefing, 4 – 10 February Critical vulnerability in Atlassian Jira Atlassian has issued a security advisory in which it releases fixes to resolve a critical vulnerability in Jira Service Management Server and Data Center. According to...
Telefónica Tech How I won a Capture the Flag competition by solving challenges using my mobile phone David Soto, winner of the challenge, collecting the prize together with Humbert Ruiz, from 42 Barcelona, Fundación Telefónica’s programming campus. We organised activities aimed at the technical audience in the...
Roberto García Esteban Metacloud: a cloud of clouds The digitalisation of society is rapidly advancing, mainly driven by the development of the internet and Cloud technology. Companies are rushing to adopt these new technologies in pursuit of...
Telefónica Tech Cyber Security Weekly Briefing, 21 January – 3 February LockBit Green: new LockBit variant Researchers at vx-underground have recently detected that a new ransomware variant, called LockBit Green, is being used by the LockBit ransomware handlers. This new variant...
Martiniano Mallavibarrena Cybersecurity in films: myth vs. reality with 10 examples The multiple aspects of cybersecurity (attacks, investigations, defence, disloyal employees, negligence, etc.) have been part of the plot of countless movies and TV series for years. In today’s society,...
Daniel Pous Montardit Resilience, key to Cloud-Native systems In the first post of the Cloud-Native series, What is a Cloud-Native Application?, or what it means that my software is Cloud Native, we presented resilience as one of...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
