Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cyber Security Weekly Briefing January 23-29 Attack against SonicWall by exploiting a possible 0-day in its VPN appliances Firewall manufacturer SonicWall has issued a security alert warning that it has detected a sophisticated attack against...
ElevenPaths Cybersecurity Weekly Briefing August 15-21 EmoCrash: stopping Emotet for almost 6 months Emotet’s comeback after a 6 month-period absence has hinted that the hiatus in the malware’s operations could be due to the discovery of...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Diego Samuel Espitia TypoSquatting: Using Your Brain to Trick You Our brain capacity is outstanding but it also creates some cybersecurity risks. Discover why in this post.
ElevenPaths Cybersecurity Weekly Briefing September 5-11 Microsoft Patch Tuesday Microsoft published on Tuesday its newsletter with updates for the month of September. In this new bulletin a total of 129 vulnerabilities have been corrected in 15...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech Cyber Security Weekly Briefing 23-29 October Google fixes two 0-days in Chrome browser Google has released a new Chrome update (95.0.4638.69) for Windows, Mac and Linux, which fixes 7 vulnerabilities, two of them being 0-days. Regarding...
Sergio de los Santos Google takes a step forward to improve Certificate Transparency’s ecosystem: No dependence on Google Google will change certificate transparency requirements to make it more independent of itself
Florence Broderick The deadline for our Latch and Sinfonier contests has been extended! Latch Plugins Contest 2015 Are you aware of the second edition of Latch Plugins Contest? Submit your Latch plugins before February 15h! As a developer or intelligence analysts, do what...
Florence Broderick Cybercrime is already a global scourge…Do you really think you are protected? Nowadays, the exponential development experienced within the ICT field has led to a new scenario where the organizations are capable of exchanging information more effectively, stablishing new business models,...
Florence Broderick Metashield for Exchange soon to be available. How does it work? Metashield for Exchange stacks up to our currently offered server-side metadata cleaning solutions and broadens the flexibility and customization options that we offer companies to get rid of sensitive...
Florence Broderick Plugin for EmetRules: Now, easier to use EmetRules is a simple tool we created two years ago. Not meant to change the world, it was a first incursion in certificate pinning universe, and intended to ease...
Florence Broderick IoT – The new security headache for the enterprise IT department? 2015 could prove to be the year that enterprise adoption of BYOD takes a step further, and evolves into BYOIoT. Several reports (i) have already predicted the rise, spurred...
Florence Broderick Inside Mobile Connect (I) This is the first of a series of technical articles about the Mobile Connect architecture and the different components that make it up. But, hold on a second… what...
Florence Broderick Mobile Connect makes headway with launch of cross-border pilot European trial makes Mobile Connect the first private-sector cross-border public service authentication solution compatible with European Union eIdentification and Trust Services (eIDAS) Regulation. Throughout the next few weeks, Mobile...
Florence Broderick ElevenPaths Black Friday The highly anticipated Black Friday starts at Eleven Paths with the very best desktop tools against metadata. Friday November 27th Metashield desktop suite of products for Client and for Outlook...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Research: On the overexposure of Amazon credentials in mobile apps The development of mobile applications that interact with common services in mobility environments such as Amazon Simple Storage Service (S3), Amazon Simple Notification Service (SNS), Amazon Simple Queue Service...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick Latch, new ElevenPaths' service During the time we’ve been working in ElevenPaths we’ve faced many kind of events internally, buy one of the most exciting and awaited is the birth of Latch. It’s a technology of our...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
