Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Gonzalo Álvarez Marañón What Differential Privacy Is and Why Google and Apple Are Using It with Your Data Differential privacy allows you to know your users without compromising their privacy, but achieving it is a complex process. Here's why.
ElevenPaths #CyberSecurityPulse: Dude, Where Are My Bitcoins? Numerous types of attacks are affecting cryptocurrency users: families of malware that steal wallets, phishing attacks that try to forge platforms where users manage their bitcoins, applications that use...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths Dumpster diving in Bin Laden’s computers: malware, passwords, warez and metadata (II) What would you expect from a computer network that belongs to a terrorists group? Super-encrypted material? Special passwords? The Central Intelligence Agency (CIA) on 1 November 2017 released additional...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Cyber Security Weekly Briefing 8–14 january Microsoft security bulletin Microsoft has published its January security bulletin in which it has fixed a total of 97 bugs, including six 0-day vulnerabilities and nine bugs classified as critical....
Gonzalo Álvarez Marañón Snitch Cryptography: How to Crack Tamper-Proof Devices Google’s Titan Security Key or YubiKey from Yubico are the ultimate trend in multi-factor authentication security. According to Google’s own website: «The keys have a hardware chip with firmware designed...
Telefónica Tech Cyber Security Weekly Briefing, 24 — 30 September Two 0-day vulnerabilities exploited in Microsoft Exchange The Vietnamese cybersecurity team GTSC reported two 0-day vulnerabilities in Microsoft Exchange three weeks ago through the Zero Day Initiative (ZDI) that are...
Marta Mallavibarrena Human factor key in cyber security Dozens of vulnerabilities are discovered every day in the current landscape (an average of 50 in 2021), and attackers are finding new and ingenious ways to exploit them. It...
ElevenPaths Cyber Security Weekly Briefing, 17 — 23 September Quantum and BlackCat ransomware use Emotet as entry vector Researchers at AdvIntel have published the results of an investigation reporting that ransomware operators Quantum and BlackCat have adopted the use...
Emilio Moreno Latency and Edge Computing: Why is it important? For many years we have been in a race to increase the speed of our connections. Ever since those modems that treated us to a symphony of beeps, the...
Telefónica Tech Cyber Security Weekly Briefing, 9 — 16 September Microsoft fixes two 0-day and 63 other vulnerabilities in Patch Tuesday Microsoft has fixed 63 vulnerabilities in its September Patch Tuesday, including two 0-days, one of them actively exploited, and...
Estevenson Solano How to become a cyber resilient organisation Fear, panic and uncertainty are some of the feelings constantly experienced in corporate leadership. In management committees, the big question is frequently asked: is our cyber security working? As...
Marta Mª Padilla Foubelo Name the malware you have, and I’ll tell you which botnet you belong to What is a botnet and how does it work? To begin with, let’s dissociate the word botnet. On the one hand, “bot” means robot and, on the other hand, “net”...
Roberto García Esteban Cloud market trends until 2025 All of us who work in Cloud services are aware that this market is still in a phase of accelerated growth and that more and more companies are taking...
Telefónica Tech Cyber Security Weekly Briefing, 3 — 9 September 0-day vulnerability in Google Chrome Google released on Friday an emergency patch for the Chrome browser on Windows, Mac and Linux, fixing a 0-day vulnerability, which is being actively exploited. The...
Roberto González Rojo Collaborative solutions to address the challenge of hybrid working Microsoft surveyed 30,000 people in 31 different countries in 2021 as part of its Work Trend Index report, asking participants for their opinion on the most appropriate way to...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...