Telefónica Tech Cyber Security Weekly Briefing 6-12 November Microsoft’s security bulletin Microsoft has published its November security bulletin in which it has fixed a total of 55 bugs in its software, including six 0-day vulnerabilities, two of which...
Sergio de los Santos Chronicle Of the Attack on A Youtuber Who Knew About Cyber Security The news recently broke: youtubers with the largest number of followers are being targeted for extortion. The attacks are on the rise and the techniques are not new, but...
Rubén Menéndez Díaz Fraud against financial institutions with particular incidence in France extends its impact to national territory In September and October of this year, a malicious campaign was observed in France against the French population, affecting financial institutions, and it has spread to banks in Spain. The...
Telefónica Tech Cyber Security Weekly Briefing 30 October-5 November Trojan Source: vulnerability in source code compilers Researchers at the University of Cambridge have published a paper detailing a new attack method called “Trojan Source” that exploits a flaw in...
Cristina del Carmen Arroyo Siruela Monitoring technologies, a key element in cyber security IDS (Intrusion Detection System), IPS (Intrusion Prevention System) and SIEM solutions are fundamental elements in event monitoring and cybersecurity. IDSs and IPSs are intrusion detection and prevention systems that employ...
Marta Nieto Gómez-Elegido Edge Computing and Virtual Reality, new classmates It’s been a little while since the new school year started. New subjects, new challenges and new classmates. Among them, one name is becoming increasingly heard: Edge Computing. Thanks to...
Telefónica Tech Cyber Security Weekly Briefing 23-29 October Google fixes two 0-days in Chrome browser Google has released a new Chrome update (95.0.4638.69) for Windows, Mac and Linux, which fixes 7 vulnerabilities, two of them being 0-days. Regarding...
Diego Samuel Espitia Facebook affected by compromise of JavaScript development packages Programming languages such as Python and JavaScript, which in 2021 are competing for the top spot according to programmer ratings, are found in the services that we find on...
Telefónica Tech Cyber Security Weekly Briefing 16-22 October Zerodium interested in acquiring 0-days of Windows VPN software Information security company Zerodium has reported its willingness to purchase 0-day vulnerabilities targeting VPN service software for Windows systems: ExpressVPN, NordVPN...
Gonzalo Fernández Rodríguez Manageability: the importance of a malleable system in a Cloud Native world We recently published the post Cloud Chestnuts in The Cloud, Or What It Means That My Software in which we tried to explain what the term Cloud Native meant...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
