Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cyber Security Weekly Briefing April 10-16 0-days in Chrome and Edge Security researcher Rajvardhan Agarwal has discovered a 0-day vulnerability in the current versions of Google Chrome and Microsoft Edge, which he has made public via his...
Telefónica Tech Cyber Security Weekly Briefing, 29 April – 5 May Critical vulnerability in Zyxel firewalls Network equipment manufacturer Zyxel has released security patches for a critical vulnerability affecting its firewalls. The vulnerability, which was discovered and reported by the TRAPA...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Sergio de los Santos Apple introduces up to 14 signatures in XProtect given the malware flood for Mac What is Apple doing about Shlayer malware? We analyze the main tools that MacOS is using to face this threat.
ElevenPaths CryptoClipWatcher, our new tool against crypto clipboard hijacking techniques Since 2017, this technique is becoming quite popular. Cryptocurrency in general is a new target for malware, and mining Bitcoins is not profitable anymore in regular computers (maybe Monero...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Cyber Security Weekly Briefing, 15 – 21 April Google fixes two new actively exploited 0-day vulnerabilities Google has issued new security advisories on the identification of 0-day vulnerabilities affecting the Chrome browser that are being actively exploited. The...
ElevenPaths Cybersecurity Weekly Briefing October 10-16 Coalition of IT Companies Tries to Eliminate TrickBot Botnet A technology business conglomerate including Microsoft, FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, and Symantec, have participated in the removal of...
Florence Broderick SmartID and SealSign on Mobile World Congress 2015 In this increasingly digital world, where users’ identity and privacy are exposed to continuous threats, from Telefónica and ElevenPaths have created a secure digital ecosystem which allows users...
Florence Broderick JSDialers: apps calling premium rate numbers (with new techniques) in Google Play During last year, a lot of “made in Spain” malware was found in Google Play. It was basically malware that tried to silently subscribe the victim to premium SMS numbers. From a while...
Florence Broderick New Tool: JavaRuleSetter for creating Devployment Rule Sets in Java Oracle introduced the notion of whitelisting in Java 7 update 40. It was called Deployment Rule Set. In Java update 51, it introduced a new feature, that was close...
Florence Broderick Winners of the Latch Plugins Contest As you know, last 16th of October 2014, as part of our annual “Security Innovation Day” event, we announced the launch of the “Latch Plugins Contest“, the first Latch...
Florence Broderick Detected some "clickers" in Google Play simulating apps and games During the last days, some apps have appeared in Google Play that work like “clickers”, between them an app simulating Talking Tom (that was online for just a few...
Florence Broderick News: ownCloud Latch plugin We have uploaded to GitHub our latest plugin for ownCloud. It makes it easier to use Latch technology with this free software similar to widely used Dropbox. You can...
Florence Broderick 5.500 apps potentially vulnerable to Man in the Middle attacks in Google Play It has been discovered than AppsGeyser, an app creator “with just a few clicks”, deactivates the SSL certificate validation in its apps. An attacker on the same network as...
Florence Broderick Latch USB Monitor: New tool to monitor PNP devices with Latch Latch USB Monitor is a tool that monitors Plug ‘n Play device (PNP) changes in Windows and gives the user the possibility of tracking incoming devices, and react accordingly...
Florence Broderick PhpMyAdmin fixes a XSS detected by ElevenPaths (CVE-2014-9219) On November 28th, while our Faast team was developing an intrusion module for PhpMyAdmin MySQL manager, we detected a new cross site scripting vulnerability not known so far in this...
Florence Broderick Shuabang botnet: BlackHat App Store Optimization (BlackASO) in Google Play ElevenPaths has detected malicious apps in Google Play (already removed by Google), aimed at performing Shuabang techniques, or BlackASO (Black Hat App Store Optimization). These malicious apps link fake...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick Now you can use Latch with Dropbox, Facebook and others digital services Many of you have asked us which services you can use Latch with, regretting that so far it could not be used in the more common services, such as...
Florence Broderick Mobile Connect winner of the 'Connected Life Awards' Mobile Connect is a multi-operator solution driven by GSMA for universal secure access. The user only needs to link their information to their mobile device solution to have quick...
Florence Broderick Heartbleed plugin for FOCA By now, everyone knows about Heartbleed. Just like we did for FaasT, we have created a plugin for FOCA (final version) one of our most downloaded tools. This plugin...
