Nikolaos Tsouroulas Looking for a MDR partner? Beware, not all MDRs are the same Are you throwing more money than you can afford into your SOC but still failing to detect and respond quickly enough to incidents? Have you suffered the impact of...
ElevenPaths Cybersecurity Weekly Briefing June 20-26 Millions of User Records Exposed on an Oracle Server Security researcher Anurag Sen has found an exposed database containing millions of records belonging to the company BlueKai, owned by Oracle....
ElevenPaths Trend Report: State of Cybersecurity in Spanish companies The team of analysts at ElevenPaths has carried out a study that aims to show the state of cybersecurity of both Spanish companies in general and those included in...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
ElevenPaths Cybersecurity Weekly Briefing June 27-July 3 Adobe, Mastercard and Visa Warn of the Need to Upgrade to Magento 2.x Payment providers Visa and Mastercard, together with Adobe, have tried for the last time to convince online...
ElevenPaths New Call: ElevenPaths CSE Programme If you are passionate about cybersecurity, join the ElevenPaths CSE programme and enjoy all its benefits. Don't miss it!
ElevenPaths Technically analysing a SIEM… are your logs secure? The SIEMs are usually utilized within highly secure of regulated environments, where regular log monitoring and analysis is required to search for security incidents. They help to make...
ElevenPaths The Wannacry authors also want their Bitcoin Cash The 12th of May 2017 was a day for many of us which we will not easily forget. Wannacry was one of those incidents which had a major impact...
ElevenPaths Cybersecurity Weekly Briefing June 27-July 3 Adobe, Mastercard and Visa Warn of the Need to Upgrade to Magento 2.x Payment providers Visa and Mastercard, together with Adobe, have tried for the last time to convince online...
ElevenPaths New Call: ElevenPaths CSE Programme If you are passionate about cybersecurity, join the ElevenPaths CSE programme and enjoy all its benefits. Don't miss it!
Gabriel Bergel Risk Analysis Applied to COVID-19 Our CSA Gabriel Bergel shows you how to apply the Risk Analysis methodology to the management of the COVID-19 threat.
Gonzalo Álvarez Marañón China Leads the Race Towards an Attack-Proof Quantum Internet We are one step closer to reaching the Holy Grail of cryptography. Discover the details in this article.
#CyberSecurityPulse: New proposal to adapt U.S. Marine Corps capabilities to the new timesElevenPaths 26 June, 2018 The head of the U.S. Marine Corps wants to remodel his team. The Marine Corps is considering offering bonuses and other benefits to attract older, more experienced Marines to re-enlist and develop cybersecurity capabilities as well. The measure marks a historic change that could transform a force composed primarily of high school graduates. “It’s going to be a little bit older, a little bit more experienced because as much as we love our young Marines, we need a little more age because it takes time to acquire these kinds of skills”, General Robert Neller told defense leaders at a conference in San Diego. The 2018 defense budget earmarked money for the Marine Corps to add 1,000 Marines, many of whom will work in cyberwarfare and electronics. The manipulation of the networks that control air defence operations, for example, could be equal to or more lethal than the firepower in the future. Extremists have also been able to use mobile technology and social media to recruit members and raise money to become a real threat. The Marine Corps will open up these kinds of jobs this October. However, this new occupational field does not avoid the fact that it is subject to the rigors of physical training. On the other hand, the Marine Corps is also developing plans to recruit and retain professionals from the cyberspace in the reserve, and in May unveiled new badges for the enlisted troops and officers working as remote-controlled aircraft operators. “These measures are going to change the Marine Corps and the way we fight”, said Neller. More information available at Marine Corps Times Highlighted News Apple just banned cryptocurrency mining on iOS devices Apple has added new language to its App Store review guidelines related to cryptocurrency. Under the Hardware Compatibility section, Apple now states that “apps, including any third party advertisements displayed within them, may not run unrelated background processes, such as cryptocurrency mining”. As of late May, the only mentions of cryptocurrencies in the guidelines were that apps were allowed to facilitate such transactions “provided that they do so in compliance with all state and federal laws for the territories in which the app functions”. But Apple’s new policy seems to go beyond obviously abusive cases of surreptitious cryptocurrency mining. The guidelines ban any on-device mining—even if users deliberately download an app whose explicit purpose is to mine. More information available at Arstechnica Microsoft reveals which bugs it won’t patch Microsoft has put out initial clarification around which bugs it will rapidly patch, and which ones must wait for a new product release – and which ones it won’t address at all. In a draft document posted online on Tuesday, the software giant laid out the criteria that the Microsoft Security Response Center (MSRC) uses when deciding what to patch and when. There are two litmus tests that broadly guide these decisions, as the company explained in the document: “Does the vulnerability violate a promise made by a security boundary or a security feature that Microsoft has committed to defending?”. And secondly, “does the severity of the vulnerability [as determined by Microsoft’s five-tier rating system] meet the bar for servicing?”. The “bar for servicing” in Microsoft parlance means that the flaw is rated Critical (i.e., allowing for remote code execution) or Important (privilege escalation, information disclosure, security bypasses and RCE), according to the document details. If the answer to both questions is yes, then the prescribed action is to issue a patch, either on Patch Tuesday or, in rare cases, in an out-of-band release. If the answer to either question is no, then the bug is relegated to back-burner status in most cases, with a fix coming in a subsequent release of the product or service. More information available at Windows News from the rest of the week macOS still leaks secrets stored on encrypted drives A macOS feature that caches thumbnail images of files can leak highly sensitive data stored on password-protected drives and encrypted volumes. The automatically generated caches can be viewed only by someone who has physical access to a Mac or infects the Mac with malware, and the behavior has existed on Macs for almost a decade. Still, the caching is triggered with minimal user interaction and causes there to be a permanent record of files even after the original file is deleted or the USB drive or encrypted volume that stored the data is disconnected from the Mac. More information available at Objetive-See Google to fix location data leak in Google Home, Chromecast Google in the coming weeks is expected to fix a location privacy leak in two of its most popular consumer products. New research shows that Web sites can run a simple script in the background that collects precise location data on people who have a Google Home or Chromecast device installed anywhere on their local network. “The only real limitation is that the link needs to remain open for about a minute before the attacker has a location. The attack content could be contained within malicious advertisements or even a tweet”, researcher told KrebsOnSecurity. More information available at Krebs on Security Android gets new anti-spoofing feature to make biometric authentication secure Currently, the Android biometric authentication system uses two metrics borrowed from machine learning (ML): False Accept Rate (FAR), and False Reject Rate (FRR). In Android 8.1, they introduced two new metrics that more explicitly account for an attacker in the threat model: Spoof Accept Rate (SAR) and Imposter Accept Rate (IAR). As their names suggest, these metrics measure how easily an attacker can bypass a biometric authentication scheme. Spoofing refers to the use of a known-good recording (e.g. replaying a voice recording or using a face or fingerprint picture), while impostor acceptance means a successful mimicking of another user’s biometric (e.g. trying to sound or look like a target user). More information available at Blog de Google Other news North Korea’s new trojan is called Typeframe More information available at US Cert Google developer discovers a critical bug in modern web browsers More information available at The Hacker News Magento credit card stealer Reinfector allows reinfect sites with malicious code More information available at Security Affairs Hackers steal $31 million from South Korean cryptocurrency exchange Bithumb More information available at Bithumb Register for our newsletter! ElevenPaths Announces Strategic Security Alliance with Devo#CyberSecurityPulse: Private enterprise’s sad contribution to sharing threat intelligence in the United States
ElevenPaths Cybersecurity Weekly Briefing June 27-July 3 Adobe, Mastercard and Visa Warn of the Need to Upgrade to Magento 2.x Payment providers Visa and Mastercard, together with Adobe, have tried for the last time to convince online...
ElevenPaths New Call: ElevenPaths CSE Programme If you are passionate about cybersecurity, join the ElevenPaths CSE programme and enjoy all its benefits. Don't miss it!
ElevenPaths COVID-19, Insight from the Telco Security Alliance How have cybercriminals behaved during the COVID-19 pandemic? Find out in this ElevenPaths report with Alien Labs and Trustwave.
Nikolaos Tsouroulas Looking for a MDR partner? Beware, not all MDRs are the same Are you throwing more money than you can afford into your SOC but still failing to detect and respond quickly enough to incidents? Have you suffered the impact of...
Gonzalo Álvarez Marañón China Leads the Race Towards an Attack-Proof Quantum Internet We are one step closer to reaching the Holy Grail of cryptography. Discover the details in this article.
Sergio De Los Santos Ripple20: Internet Broken Down Again Billions of IoT devices have been affected. However, this is not the first time a catastrophe of this magnitude has occurred.
