Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cybersecurity Weekly Briefing July 4-10 RCE Vulnerability in F5’s BIG-IP (CVE-2020-5902) Last Wednesday a new critical Remote Code Execution vulnerability (CVE-2020-5902 CVSSv3 10) was published for F5’s Traffic Management User Interface (TMUI). This vulnerability allows...
Telefónica Tech Cyber Security Weekly Briefing, 15 – 19 May Vulnerabilities in cloud platforms Otorio’s team of researchers found 11 vulnerabilities affecting different cloud management platform providers. Sierra Wireless, Teltonika Networks and InHand Networks are the affected companies. The security flaws...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Sergio de los Santos OpenPGP: Desperately Seeking Kristian Open Source applications run on a server system that has never worked properly. Why does this happen?
Franco Piergallini Guida Thinking About Attacks on WAFs Based on Machine Learning One of the fundamental pieces for the correct implementation of machine and deep learning is data. This type of algorithm needs to consume, in some cases, a large amount...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Telefónica Tech IoT, Big Data and AI convergence report The IoT and Smart Cities Cybersecurity Innovation Centre of Telefónica Tech Ciber Security & Cloud in Valencia, Spain, brings us a compilation of the potential risks related to IoT,...
Telefónica Tech Cyber Security Weekly Briefing, 13 – 17 June Hertzbleed. New side-channel attack on AMD and Intel processors Security researchers at several US universities have discovered a new side-channel attack affecting Intel and AMD processors, called Hertzbleed. What is remarkable...
Florence Broderick ElevenPaths with triple representation at the eCrime 2015 conference This year, the antiphishing working group organizes the eCrime 2015 conference in Barcelona from May 26 to 29. This symposium on eCrime investigation is attended by professionals who have...
Florence Broderick Faast already detects "Logjam": Imperfect Forward Secrecy Faast teams have been working all day long to add a new plugin to our list of detected vulnerabilities. There has been found a new security problem in TLS...
Florence Broderick Latch, the best mobile app of 2015 We are the winners!Latch, our mobile app to protect your online accounts and services when your are not connected, has just been recognized as the best mobile app of...
Florence Broderick ElevenPaths finds a XSS problem in Play Framework Play Framework is defined as “The high velocity Web Framemork for Java and Scala”. We use it internally in some of our products. Ricardo Martín from our QA team...
Florence Broderick New tool: Google index Retriever Have you ever found a webpage that seems to talk exactly about what you need, but it has been removed? Yes, Google cache is the answer but… What if...
Florence Broderick Vote for Latch on the Internet Day awards 2015 Vote for Latch now About Internet Day awardsInternet Day awards recognise those initiatives, persons and organizations that best use Internet and new technologies.The entryThe main categories to Internet Day awards...
Florence Broderick Fake AdBlocks in Chrome Web Store leads to… ¿adware? No platform is free from abuse. Chrome Web Store has been abused in the past, mainly by ad injectors or general adware. In fact, Google has just removed almost...
Florence Broderick The month of the RAT in Google Play A few days ago, Lukas Stefanko from ESET discovered a new remote administration system RAT for Android. Although there are some known RATs for Android, this malware had something...
Florence Broderick More apps in Google Play subscribing to SMS premium numbers: JSSMSers After finding the JSDialers, we should have figured it out. The attackers are using the exact same technique as in JSDialers to spread apps that subscribe the victims to...
Florence Broderick "Not today downloaders": New downloaders techniques in Google Play Downloaders are not new in Android, but lately, they are getting more and more important for attackers as a method to avoid Google Play barriers and malware detection. In...
ElevenPaths Telefónica WannaCry File Restorer: How can we recover information deleted by WannaCry? When cyberattacks occur in large organizations, it is crucial to remember where duplicate files are stored, as this information is also subject to infection by a malware virus or...
Florence Broderick Our CEO, Pedro Pablo Pérez, will represent Telefonica in the European Cyber Security Organization Brussels and the cybersecurity industry will earmark up to 1.8 billion euros in research TELEFONICA JOINS THE DECISION-MAKING BODIES OF THE EUROPEAN CYBER SECURITY ORGANIZATION AS...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick Who are you going to believe, me or your own eyes? The dilemma of managed security Organizations are facing a context of increasingly complex IT threats jeopardizing the everyday development of production processes. We are referring to persistent advanced attacks, zero-day threats, industrial espionage, hacktivism,...
Florence Broderick Latch USB Monitor: New tool to monitor PNP devices with Latch Latch USB Monitor is a tool that monitors Plug ‘n Play device (PNP) changes in Windows and gives the user the possibility of tracking incoming devices, and react accordingly...
