Telefónica Tech Cyber Security Weekly Briefing 5-11 March Mozilla patches two 0-day vulnerabilities Mozilla has issued a security advisory patching two 0-day vulnerabilities that are reportedly being actively exploited and affect Firefox, Focus and Thunderbird. Both vulnerabilities were...
María Teresa Nieto Galán Understanding the concept of “rollup” for blockchain scalability In previous articles we have already discussed how important scalability is in Blockchain technology and how this ecosystem is starting to create solutions to achieve faster and more computationally...
Alexandre Maravilla Are SMS for sending verification codes secure? I recently forgot the password to access the personal area of my current bank’s online banking app. I show you the process of resetting the password, carried out from...
Telefónica Tech Cyber Security Weekly Briefing 28 February – 4 March Daxin: highly sophisticated backdoor Researchers at Symantec have published a paper reporting a new backdoor they have called Daxin, which they attribute to actors linked to China. According to Symantec,...
Telefónica Tech AI of Things(I): Multiplying the value of connected things Written by Álvaro Capell and David Bonomo The recent media explosion of the metaverse concept has overshadowed another technological trend, augmented or mixed reality, which is transforming the way we...
Telefónica Tech Cyber Security Weekly Briefing 19-25 February New privilege escalation flaw in Linux Security researchers at Qualys have discovered seven flaws in Canonical’s Snap software packaging and deployment system used in operating systems that use the Linux...
Diego Samuel Espitia A practical approach to integrating MITRE’s ATT&CK and D3FEND Businesses have become aware of the need to have mechanisms in place to ensure the protection of their information and how important it is to understand their weaknesses in...
Telefónica Tech Cyber Security Weekly Briefing 5 – 11 February Microsoft disables macros and MSIX to prevent malware distribution Microsoft has been actively mobilising against multiple malware attacks that use some of its technologies as an entry vector. The products...
Alexandre Maravilla Digital Identity Wallets against identity theft fraud Identity theft or impersonation is a type of fraud in which criminals manage to supplant the identity of the person being deceived, based on the theft of their personal...
Telefónica Tech Cyber Security Weekly Briefing 29 January – 4 February Exploits that allow privilege elevation in Windows published Security researchers have made public several exploits that leverage a known elevation of privilege vulnerability that affects all versions of Windows 10. The exploits...
Innovation Marketing Team Empowering women in entrepreneurship: 10 female – led startups in Germany In Germany, only about 15% of startups are initiated by women. Sadly, the figure has been stagnant for years. Additionally, female-led startups receive significantly less Venture Capital than those...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
ElevenPaths How to cause a DoS in Windows 8 explorer.exe We have discovered by accident how to cause a Denial of Service (DoS) in Windows 8. It’s a little bug that is present in the last version of the...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
