Business Continuity Plan: From Paper to Action

Diego Samuel Espitia 20 May, 2020

Medium and large companies that must comply with industry or national standards and controls have had to develop what is known as a BCP (Business Continuity Plan). Through it, experts in the company’s operations or specialised consultants define the route of action to be taken in different scenarios where business continuity is threatened. Many small companies, in turn, have had to implement one in order to do business with the companies that must by law require them.

This emerged after the attacks of September 11th, 2001, when it became clear that many companies did not know how to react in case their headquarters were blocked. Disaster scenarios were therefore drawn up for one business area or for the whole business, looking for alternatives to fill that gap for a period of time.

Some of these plans considered earthquakes, tsunamis, and access closures due to social circumstances, among others. But how many of them included a pandemic among the potential causes of a business blockage? Not many companies took it into account. However, this is the simplest problem. Even if some of the approaches made for natural disasters or access blockages to headquarters were followed, we cannot know exactly when it would be possible to go back to work.

The Technology and Security that a BCP Should Include When Facing a Pandemic

Let’s start by explaining what should have been done previously to be prepared. It is essential to have a pilot project of how our services and employees would react to telework. Why? Because even if we use a VPN that allows us to simulate that the worker is directly connected to the company’s network, the services and the network are not necessarily ready to receive requests from that connection.

Looking at behaviour on the Internet, validations of the services exposed show a growth of more than 40% in the use of RDP, as shown by Shodan in its blog. A simple search finds computers with known vulnerabilities.

Actually, not all companies have the technology required to deploy enough VPNs to get the entire company connected remotely. However, this should have been taken into account in order to avoid exposing vulnerable services. To this end, there are many comparisons and aids on the Internet to help you make secure decisions fitting within the budget.

Secondly, companies must know what they are exposed to on the Internet and what the regular use of these services looks like. With just this basic data it is possible to identify when the use from external networks is exceeding the capacities of each service or when we are being cyberattacked.

So, What’s the Next Step?

Once it is clear which services are exposed, information security measures can be taken. These should be implemented at the moment of starting the continuity plan. In other words, by this time they should be fully operational and under review.

These measures must be oriented to the full identification of users. As we are working remotely, the local identification measures such as the network, the MAC of the computer and its configuration are not available. In most cases, only the user and password are controlled, and this has proven not to be a mechanism that guarantees identification.

Once you have this control, you must start monitoring events in all services and have fine-tuned alerts to detect external threats, since at this time all connections will be made from outside the company network. For this reason, all perimeter security controls must be brought to what was calculated in the continuity plan.

What to Do Next?

The last measure that must be covered by this continuity plan is the technological tools that will be used to control the operations and work of the different groups within the company. These must include training for the staff, and to this end it is essential to have strategic allies in the world of technology. This is because of the endless number of tools available on the Internet today. However, not all comply with the information protection measures required to ensure business continuity.

One of the main examples of these tools is cloud services. In recent years, cloud-based tools have experienced exponential growth in terms of options and implementations. However, this is not always done with sufficient security measures. This is critical considering that this is almost the cornerstone of the digital transformation as well as of a good development of the continuity plan, which today must be operating at its maximum capacity.

Conclusions

Following the first month of measures at a global level, it has been possible to verify that the business continuity plans of some companies have worked properly in terms of their essential objective of keeping employees performing their functions and being able to access information. Nevertheless, the growth of services exposed on the Internet and the vulnerabilities detected in them show that information security was not taken into account when designing these plans. This is evidenced by the control reports made from our SOC (Security Operations Centre), which have been widely analysed in different media by our ElevenPaths experts and published in a guide: Risk Guide and Recommendations on Cyber Security in times of COVID-19.

For this reason, companies must begin to align their plans with the new circumstances and to implement controls and mechanisms that allow their employees not only to carry out their tasks but also to guarantee the security of the information that, in the near future, will constitute the continuity of the companies.
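
An added example (not part of the original article) of the check described above for exposed services: with an inventory of what is exposed and its regular use, hourly external connections can be compared against each service's capacity and against its baseline. The service names, capacities, baseline counts and log format are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

# Assumed inventory of exposed services and their session capacity (constructed values).
CAPACITY = {"vpn": 4, "rdp-gw": 2}
# Constructed baseline: external connection attempts per hour during normal telework.
BASELINE = {"vpn": [2, 3, 3, 2, 3, 3], "rdp-gw": [1, 1, 0, 1, 1, 1]}

def make_log():
    """Constructed sample events, one per line: 'hour service source_ip outcome'."""
    lines = [f"09 vpn 198.51.100.{i} ok" for i in range(3)]       # normal hour
    lines += [f"10 vpn 198.51.100.{i} ok" for i in range(5)]      # more sessions than capacity
    lines += ["10 rdp-gw 198.51.100.1 ok"]
    lines += [f"11 rdp-gw 203.0.113.{i} fail" for i in range(6)]  # burst of failed logins
    lines += ["11 rdp 203.0.113.9 ok"]                            # service missing from inventory
    return "\n".join(lines)

def limit(history, k=3):
    """Baseline median plus k times the median absolute deviation (floor of 1)."""
    med = median(history)
    mad = median(abs(x - med) for x in history)
    return med + k * max(mad, 1)

def review(log_text):
    """Return sorted (hour, service, finding) tuples for the given events."""
    ok, total = defaultdict(int), defaultdict(int)
    for line in log_text.splitlines():
        hour, service, _src, outcome = line.split()
        total[hour, service] += 1
        ok[hour, service] += outcome == "ok"
    findings = []
    for (hour, service), seen in total.items():
        if service not in CAPACITY:
            # Traffic to something nobody listed as exposed.
            findings.append((hour, service, "not-in-inventory"))
            continue
        if ok[hour, service] > CAPACITY[service]:
            findings.append((hour, service, "over-capacity"))
        if seen > limit(BASELINE[service]):
            findings.append((hour, service, "above-baseline"))
    return sorted(findings)

if __name__ == "__main__":
    for finding in review(make_log()):
        print(*finding)
```

The three findings separate the cases the article names: legitimate use exceeding a service's capacity, activity well above regular use, and a service that was exposed without being in the plan.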