Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...
Juan Elosua Tomé Triki: Cookie Collection and Analysis Tool In July 2020, the Spanish Data Protection Agency, following the entry into force of the European General Data Protection Regulation and several consultations with the European Data Protection Committee...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Sergio de los Santos The attack against OpenPGP infrastructure: consequences of a SOB’s actions What is happening with the attack against OpenPGP infrastructure constitutes a disaster, according to the affected people who maintain the protocol. Robert J. Hansen, who communicated the incident, has...
ElevenPaths Cyber Security Weekly Briefing May 22-28 Windows HTTP protocol stack vulnerability also affects WinRM Security researchers have discovered that the vulnerability affecting the Windows IIS web server (CVE-2021-31166, CVSS 9.8), which resides in the HTTP protocol...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Cyber Security Weekly Briefing 27 November – 3 December Apple and Google fined 20 million for using user data The Italian Competition and Market Authority (AGCM) has fined both Google and Apple 10 million euros for their method of...
Innovation and Laboratory Area in ElevenPaths Cyber Security State: Top Threats, Risks and Vulnerabilities There are many reports on security trends and summaries, but at Telefónica Tech we want to make a difference. The Innovation and Lab team has just launched our own...
Pablo Alarcón Padellano Managed Detection & Response: Prevention is Not Enough, You Need to Become Cyber-Resilient You want your organization to be cyber-resilient but you have no means? You have advanced security solutions in place, but you lack skilled staff trained to take advantage of them? You...
ElevenPaths #CyberSecurityPulse: Guess Riddle… How Is Information Stored In a Bitcoin Address? As we have seen in previous post on ElevenPaths blog, the OP_RETURN field of a Bitcoin transaction is used to store a small portion of information (up to 80...
ElevenPaths #CyberSecurityPulse: The Transparent Resolution of Vulnerabilities Is Everyone’s Business The new year has started with a story that has taken the covers of specialized and generalist media all around the world. The vulnerabilities named as Meltdown and Spectre...
ElevenPaths Come to Create Technology at Telefónica’s Chief Data Office Unit Hi Hacker! Technology is in a constant evolution and so are we. Therefore, from Telefónica, throughout the Chief Data Office (CDO) led by Chema Alonso, which includes Aura -Cognitive Intelligence-, ElevenPaths -Cybersecurity-, LUCA -Big Data-...
ElevenPaths #CyberSecurityPulse: The Boom of JavaScript Miners The most common question in recent months derived from the rebound in the value of numerous cryptocurrency is: Do I invest or not invest? However, as we know, there...
ElevenPaths #CyberSecurityPulse: Army Launches Direct Commissioning Program for Civilian Cybersecurity Experts The Army has approved a program to recruit experienced cybersecurity experts directly into the service as cyber officers in an attempt to bolster a growing field that military leaders...
ElevenPaths Breaking Out HSTS (and HPKP) on Firefox, IE/Edge and (possibly) Chrome. Our Black Hat research We have been for a long time researching about HSTS, HPKP, certificate pinning and TLS technologies in general. As a collateral effect of this work, we have found some...
ElevenPaths #CyberSecurityPulse: Injection and XSS, the Most Critical Web Application Security Risks The Open Web Application Security Project (OWASP) has just updated the top ten list of web app vulnerabilities for the first time since 2013 but not much has actually...
ElevenPaths SealSign integration with the Azure Key Vault ElevenPaths and Microsoft, thanks to Gradiant technology, have integrated the Azure Key Vault into the SealSign platform. This partnership provides a server-based digital signature and certificate safekeeping service, based...
ElevenPaths Dumpster diving in Bin Laden’s computers: malware, passwords, warez and metadata (II) What would you expect from a computer network that belongs to a terrorists group? Super-encrypted material? Special passwords? The Central Intelligence Agency (CIA) on 1 November 2017 released additional...
Florence Broderick Participating in GSMA Mobile 360 LATIN AMERICA Mobile 360 – Latin America brings market leaders from Central and South America across the mobile telecom ecosystem for a two-day thought leadership conference together with operator-led Working Groups...
Florence Broderick Our CEO, Pedro Pablo Pérez, will represent Telefonica in the European Cyber Security Organization Brussels and the cybersecurity industry will earmark up to 1.8 billion euros in research TELEFONICA JOINS THE DECISION-MAKING BODIES OF THE EUROPEAN CYBER SECURITY ORGANIZATION AS...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Telefónica and ElevenPaths announce new market leading security offering following key sector agreements
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
