AI of Things Brand Sponsored Data: A creative tool for satisfying customers while meeting tangible customer needs Normal 0 false false false EN-US ZH-CN AR-SA /* Style Definitions */ table.MsoNormalTable {mso-style-name:”Table Normal”; mso-tstyle-rowband-size:0; mso-tstyle-colband-size:0; mso-style-noshow:yes; mso-style-priority:99; ...
AI of Things Do not miss what happened at NID 2018: WE ARE IN Under the claim We are in, Telefónica developed the Network Innovation Day 2018 (#NID2018) on July 14th. This was the first annual innovation event of the network, which aims...
Beatriz Sanz Baños IoT transforms the gaming universe Debate is open between those who think that the traditional game console is dying and those who think that it still has a lot of life to live. Could...
Paloma, Recuero de los Santos 5 reasons why everyone wants to learn Python Python is currently the most popular programming language. Many different people from children, students, teachers, researchers of all kinds (Social Sciences, Biology, Medicine, Economics…), experts in Finance, Insurance, Marketing,...
ElevenPaths New tool: SKrYPtEd, your Skype conversations local database protector Did you know your Skype conversations are stored in plaintext in your hard drive? Did you know anyone could just grab them with some kind of malware and upload...
Diego Samuel Espitia Fileless Malware: A Growing but Controllable Attack For some years now, WatchGuard has been generating a report on the security situation detected on the Internet. Following the acquisition of Panda, this report has become even more...
Cybersecurity Weekly Briefing 13-19 JuneElevenPaths 19 June, 2020 Ripple 20 Vulnerabilities in TCP/IP Software JSOF researchers have discovered 19 0-day vulnerabilities, collectively called Ripple 20, in the TCP/IP software library developed by Treck that would affect more than 500 vendors worldwide. The millions of devices affected by these flaws are present everywhere, including homes, hospitals, industries, nuclear power plants and the retail sector, among others. An unauthenticated remote attacker could use specially-designed network packets to cause a denial of service, leak information, or execute arbitrary code. Of the 19 vulnerabilities, there are 4 critical ones with CVSS scores over 9 (two of them, CVE-2020-11896 and CVE-2020-11897 scored 10). They would allow an attacker to remotely execute arbitrary code on the compromised devices. Some vulnerabilities have already been patched by Treck in version 6.0.1.67. However, many devices will not be patched, so it is recommended to minimize their exposure to the Internet. More info: https://www.jsof-tech.com/ripple20/ Adobe Fixes 18 Critical Bugs Adobe has released an out-of-band security update patch to fix 18 critical flaws that could allow attackers to execute arbitrary code on systems running vulnerable versions of Adobe After Effects, Illustrator, Premiere Pro, Premiere Rush, and Audition on Windows and MacOS devices. The vulnerabilities found in these five Adobe products were caused by out-of-bounds reading and writing, stack overflow, and memory corruption errors. Adobe also fixed a “critical” severity vulnerability (CVE-2020-9666) that allowed disclosure of information and affected Adobe Campaign Classic. Adobe advises users to update vulnerable applications to the latest versions using the Creative Cloud update mechanism in order to block attacks that might attempt to exploit unpatched installations. More details: https://helpx.adobe.com/security.html RCE Vulnerability Analysis on Microsoft SharePoint Server Zero Day Initiative researchers have published a remote code execution vulnerability analysis on Microsoft SharePoint Server CVE-2020-1181, fixed this month. The bug would allow an authenticated user to execute arbitrary .NET code on the compromised server. For the attack to be successful, the attacker should have “add and customize pages” permissions on the target SharePoint site. However, the default configuration of SharePoint servers allows authenticated users to perform this function. Therefore, the threat actor could create the malicious site directly from the SharePoint web editor, and it would be considered a legitimate site. More: https://www.zerodayinitiative.com/blog/2020/6/16/cve-2020-1181-sharepoint-remote-code-execution-through-web-parts AWS Shield Mitigates the Greatest DDoS Attack to Date Following the AWS Shield Theat Landscape report, it has been announced that this Amazon service has managed to mitigate the biggest DDoS attack ever experienced, with a volume of 2.3 Tbps. The target of this attack is unknown, but it has been detailed that this incident was carried out by using CLDAP (Connection-less Lightweight Directory Access Protocol) web servers and was ongoing for three days. This protocol is an alternative to LDAP and is used to connect, search and modify shared directories on the Internet. It is also well documented that CLDAP servers amplify DDoS traffic by 56 to 70 times their initial size, making it a highly sought-after protocol to support DDoS services made available on the market for threat actors. It’s worth mentioning that the previous record for the highest volume of DDoS attack was detected in March 2018, with a total of 1.7 Tbps. More information: https://aws-shield-tlr.s3.amazonaws.com/2020-Q1_AWS_Shield_TLR.pdf Vulnerability in Pulse Secure Client Timmy Security Network researchers have discovered a privilege escalation vulnerability in the Pulse Secure Client for Windows systems. By exploiting this flaw, threat actors could abuse PulseSecureService.exe to run an arbitrary Microsoft Installer file (.msi) with SYSTEM privileges, granting them admin permissions. The vulnerability is present in the dsInstallerService component, that gives users without admin privileges the ability to install new components or update them using the installers provided by Pulse Secure. This bug has been successfully tested in versions prior to 9.1.6. More: https://www.redtimmy.com/privilege-escalation/pulse-secure-client-for-windows-9-1-6-toctou-privilege-escalation-cve-2020-13162/ Popular Docker Images under Security ScrutinyMost Software Handling Files Overlooks SmartScreen in Windows
Carlos Ávila IoTM Mobile Applications and The Relevance Of Their Security Almost a year ago in the article “Internet of Health“ I described how incredible is the amount of applications and devices that the medical industry has deployed and will...
ElevenPaths DevSecOps: 7 Key Factors for Implementing Security in Devops DevSecOps, also known as SecDevOps, is a software development philosophy that advocates the adoption of security throughout the software development lifecycle (SDLC). DevSecOps is more than just a specific...
Antonio Gil Moyano Security in video call applications: Microsoft Teams, Zoom and Google Meet There is no doubt that instant messaging programmes have become an essential communication tool in our personal and professional lives. There is also no doubt that video calling applications,...
ElevenPaths Cyber Security Weekly Briefing June 5-11 Microsoft’s monthly bulletin Microsoft has released its June security bulletin, which fixes 50 vulnerabilities, including remote code execution (RCE) flaws, denial of service issues, privilege escalation and memory corruption issues....
ElevenPaths When I grow up I want to be… Engineer “What do you want to be when you grow up? A classic. So simple, yet so complex, and curiously so often asked when we are just kids… when perhaps...
Innovation and Laboratory Area in ElevenPaths We Are Taking Part in The Arsenal Black Hat USA 2021: Hybrid Pandemic Mode On Once again, the ElevenPaths Innovation and Lab team is taking part in the Black Hat USA 2021 Arsenal in Las Vegas to share a new open-source tool with the...
