Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cyber Security Weekly Briefing April 24-30 BadAlloc – Critical Vulnerabilities in Industrial IoT and OT Devices Microsoft security researchers have discovered 25 critical remote code execution (RCE) vulnerabilities, collectively referred to as BadAlloc, affecting a wide...
ElevenPaths Telefónica, Gradiant and Incibe Improve Companies’ Cyber Security The agreement boosts knowledge transfer to the private sectorTEGRA continues on the path to consolidate Galicia’s position as a major player in the European field of cyber security Telefónica, Gradiant...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing 1–7 january Mail delivery failure on Microsoft Exchange on-premises servers 2 January, Microsoft released a workaround to fix a bug that interrupted email delivery on Microsoft Exchange on-premises servers. The bug is a “year...
ElevenPaths Cybersecurity Weekly Briefing July 25-31 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cybersecurity Weekly Briefing August 8-14 Hackers attempt to exploit critical vulnerability in F5 BIG-IP ADC The FBI has issued a Private Industry Notification warning that a group of Iranian hackers have been trying to exploit...
Alberto Cuesta Partida We Acquire iHackLabs to Boost the Training of Our Ethical Hackers Telefónica Tech, through ElevenPaths, incorporates the platforms and knowledge about cyber security training of the iHackLabs startup.
Florence Broderick News: Latch plugin for SugarCRM is out We have uploaded to GitHub our latest plugin for SugarCRM. It makes it easier to use Latch technology with this popular CRM platform. You can download it form here....
Florence Broderick News: Latch plugin for Moodle is out We have uploaded to GitHub our latest plugin for Moodle. It makes it easier to use Latch technology with this popular e-learning platform. You can download it form here....
Florence Broderick Latch in Node.js… too mainstream? Hoy en día cuando comenzamos cualquier proyecto web que se precie existen unos pasos de obligado cumplimiento si queremos estar en la cresta de la ola y convertirnos en...
Florence Broderick News: Latch plugin for Windows is out With this plugin, you may protect access to Windows Systems, as a standalone machine not connected to any other authenticator. The plugin may be downloaded directly from here or here depending...
Florence Broderick News: New versions and features in Latch apps Facing the summer and holidays for most of you, in Eleven Paths we have created a new important update for Latch app, We have a new version for Android, iOS and Windows Phone,...
Florence Broderick The weakest hand (on security) Users have much more at stake in the digital world than ever before. Arguably as much or more, even, than our employers: our personal and professional reputations, livelihood, assets,...
Florence Broderick News: Latch plugin for phpBB 3.x is out We have uploaded to GitHub our latest plugin for phpBB 3.x. It makes it easier to use Latch technology with this popular forum system. You can download it form...
Florence Broderick New features for Latch website and new plugins Latch website has been updated with some interesting news that make Latch reach more people and in many other ways. These are the most important:: The website is available in...
Florence Broderick Heartbleed plugin for FOCA By now, everyone knows about Heartbleed. Just like we did for FaasT, we have created a plugin for FOCA (final version) one of our most downloaded tools. This plugin...
Florence Broderick Eleven Path's first anniversary. Cakes and Labs Although our first post was created in May, Eleven Paths officially started a year ago, in April 2013. It has been a whole year of hard work, but with...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
