Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Telefónica Tech Cyber Security Weekly Briefing, 15 – 19 May Vulnerabilities in cloud platforms Otorio’s team of researchers found 11 vulnerabilities affecting different cloud management platform providers. Sierra Wireless, Teltonika Networks and InHand Networks are the affected companies. The security flaws...
ElevenPaths Cybersecurity Weekly Briefing October 10-16 Coalition of IT Companies Tries to Eliminate TrickBot Botnet A technology business conglomerate including Microsoft, FS-ISAC, ESET, Lumen’s Black Lotus Labs, NTT, and Symantec, have participated in the removal of...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
David García Bestiary of a Poorly Managed Memory (II) Our expert David Garcia shows what happens when the same block of reserved memory is released twice, the so-called double free.
Andrés Naranjo Analysis of APPs Related to COVID19 Using Tacyt (II) We continue with the research started in the previous entry in which we analysed these type of applications with our Tacyt tool. Regarding the application analysed, we can see...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Nacho Palou How language puts business Cybersecurity at risk Cybersecurity is crucial for businesses and organizations of all sizes and sectors. Cyberattacks can have severe or even fatal consequences for businesses, such as data loss, operational disruptions, or...
Gonzalo Álvarez Marañón What Is Wrong with Quantum Cryptography That the World’s Largest Intelligence Agencies Discourage Its Use Quantum cryptography does not exist. What everyone understands when the term “quantum cryptography” is mentioned is actually the quantum key distribution (QKD). And this is precisely what I want...
Florence Broderick Mobile phone Surveillance: Who’s listening to your calls? In the current digital world, espionage is much more common than we think. Revelations from Edward Snowden that the NSA hacked SIMs to spy on mobile conversations prove that...
Florence Broderick Sinfonier Community and beyond! When we show Sinfonier and I mention its benefits, people always do the simple same question: So, we can do anything with it? The simple answer is yes, if...
Florence Broderick [New report] Demographic Analysis of Google Play Donwload the full report here Download the new report shows that Tacyt had dissected a total of 3,365,527 applications from the Google Play Store, of which only 2,438,864 remained...
Florence Broderick [New trend report] Cyberextortion, a growing industry Download now the full report Download the new report that discover there is an increasing tendency towards aggression in numerous cyber-attacks, notably those using some method of extortion in...
Florence Broderick Mobile Connect winner of the 'Connected Life Awards' Mobile Connect is a multi-operator solution driven by GSMA for universal secure access. The user only needs to link their information to their mobile device solution to have quick...
Florence Broderick GSMA’S Mobile Connect available to 2 billion consumers globally Mobile Connect Launched with 34 Operators in 21 Countries Around the World Barcelona: The GSMA today announced that the GSMA Mobile Connect mobile-based authentication solution is now available to 2...
Florence Broderick Telefónica and ElevenPaths extends its cybersecurity offering to the IoT environment Telefónica and ElevenPaths present at MWC the first technology for detecting and analysing threats Telefónica and ElevenPaths will present at Mobile World Congress, that begins on 22nd February in Barcelona ,...
Florence Broderick New vulnerabilitites Trend Report: “Companies keep making life easier to attackers” Download the full report here You can now download the “New 2014-2015 Vulnerability Trend Report” by ElevenPaths’ Analyst Team. This vulnerability trend report analyses the data of over 100...
Florence Broderick New Whitepaper "Scope, scale and risk like never before: Securing the Internet of Things" by Telefónica and ElevenPaths Analyst Team This week we are launching both in London and Madrid, in a round table with security analysts and journalists, our new Whitepaper “Scope, scale and risk like never before:...
Florence Broderick New report: Financial CyberThreats Q4 2015 You can now download the full report about Financial CyberThreats (Q4 2015) carried out by ElevenPaths’ Analyst Team. It`s available at ElevenPaths web. Phishing A group of 14 countries...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
