ElevenPaths Cyber Security Weekly Briefing June 19-25 SonicWall fixes a critical vulnerability that had been partially fixed In October last year, SonicWall fixed a critical buffer overflow vulnerability in SonicOS under the identifier CVE-2020-5135, which affected more than...
Bernardo Campillo Telefónica Tech At MWC: Economic and Social Recovery Are Our Priorities After a year of forced suspension due to health circumstances, in 2021 the world’s leading telecommunications and technology event will be held once again: the Mobile World Congress in...
Telefónica Tech Telefónica Tech was Present at Advanced Factories 2021 With Its Proposal For The Industrial Sector On the 8th, 9th and 10th of June, the 5th edition of the Advanced Factories event was held in Barcelona, a major event in Spain on industrial automation, robotics...
Barry Bowen Fraud Orchestration is Helping Financial Institutions Fight Fraud in Real-Time Banking has gone digital. In 2019, financial institutions are leveraging technology more than ever to provide the type of customer experience being demanded by today’s consumer market. The financial...
ElevenPaths Cyber Security Weekly Briefing June 12-18 0-day vulnerability in Chrome, the seventh so far this year Yesterday, June 17, Google released version 91.0.4472.114 of Chrome for Windows, Mac and Linux, resolving a 0-day vulnerability classified as...
Carlos Ávila IoTM Mobile Applications and The Relevance Of Their Security Almost a year ago in the article “Internet of Health“ I described how incredible is the amount of applications and devices that the medical industry has deployed and will...
ElevenPaths DevSecOps: 7 Key Factors for Implementing Security in Devops DevSecOps, also known as SecDevOps, is a software development philosophy that advocates the adoption of security throughout the software development lifecycle (SDLC). DevSecOps is more than just a specific...
Antonio Gil Moyano Security in video call applications: Microsoft Teams, Zoom and Google Meet There is no doubt that instant messaging programmes have become an essential communication tool in our personal and professional lives. There is also no doubt that video calling applications,...
José Luis Núñez Díaz Alastria 3.0: the spanish blockchain consortium On the June 1st, the Annual Assembly of Alastria, the Spanish Blockchain consortium, was held. Today we are already more than 500 members: companies of all sizes, profiles and...
ElevenPaths Cyber Security Weekly Briefing June 5-11 Microsoft’s monthly bulletin Microsoft has released its June security bulletin, which fixes 50 vulnerabilities, including remote code execution (RCE) flaws, denial of service issues, privilege escalation and memory corruption issues....
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
