AI of Things Coca-Cola’s use of AI to stay at the top of the drinks market Coca-Cola is the largest beverage company in the world serving over 1.9 billion drinks daily across its 500 brands. Being such a large conglomerate active in so many countries...
AI of Things The best-bits of Changing the Game with Big Data Valencia! Last Thursday, the 14th of December, the finished our schedule of yearly events with the latest edition of Changing the Game with Big Data. This conference was created with...
Beatriz Sanz Baños Telefónica IoT and Honda reduce motorbikes robbery Pucallpa, located in the middle of the Peruvian jungle, has a big concern with the safety of their citizens and their vehicles. With a population of 200.000 inhabitants, the motorcycle...
Beatriz Sanz Baños Connected Health, or IoT as your best lifeline IoT started mainly as a way of automating industrial and mechanical processes that relied heavily on human intervention. Yet one of the biggest yearnings of mankind has always been...
Gonzalo Álvarez Marañón Unravelling the Quantum Tangle of Cybersecurity: Quantum Computers, Quantum and Post-Quantum Cryptography Do you know what’ s the difference between quantum computing, quantum cryptography and post-quantum cryptography? Because to be honest, they have (almost) nothing to do with each other. They...
Andrés Naranjo Secure Homeworking, Applying Cybersecurity from Home Working from home makes it easier to reconcile these difficult days, but safety should not be overlooked. Telework safely with these tips.
Cybersecurity Weekly Briefing July 25-31ElevenPaths 31 July, 2020 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has been named BootHole. This security flaw (CVE-2020-10713), which has received a high severity rating (CVSS of 8.2), would affect both Linux and Windows systems, and could allow attackers to install malicious bootloaders to gain almost total control over the vulnerable device. Eclypsium warns that mitigating this threat will require the release of new installers and bootloaders for all versions of Linux and Windows. Some companies, such as Microsoft, have issued a security advisory on this issue. More info: https://eclypsium.com/2020/07/29/theres-a-hole-in-the-boot/ Doki: New Malware Targeting Docker Servers Intezer researchers have discovered a new backdoor for Docker servers running on Linux which they have named Doki and which implements a previously unknown technique. This malware uses an undocumented method to contact its operator by abusing the Dogecoin cryptocurrency blockchain in a unique way. By doing so, Doki manages to generate Command & Control domain addresses dynamically. Doki has managed to stay hidden for over six months despite samples were publicly available on VirusTotal. More details: https://www.intezer.com/container-security/watch-your-containers-doki-infecting-docker-servers-in-the-cloud/ Emotet Evolves in the Sending of Mail Emotet malware has been found to be stealing attachments to increase the authenticity of emails used in its campaigns. This is the first time this malware is using this technique, as there was no attachment stealer module in the malware code before, which was added around 13 June according to Marcus ‘MalwareTech’ Hutchins. Since its first identification in 2014 as a banking Trojan, Emotet has evolved into a malware botnet used by threat actors to infect with different malware families. After 5 months of inactivity, it has returned to life with massive mail campaigns camouflaged as payment reports, invoices or shipping information, compromising victims with TrickBot Trojan or, more recently, with QakBot malware. Learn more: https://www.bleepingcomputer.com/news/security/emotet-malware-now-steals-your-email-attachments-to-attack-contacts/ Alerts on Cyberattacks and Industry Vulnerabilities The U.S. National Security Agency has warned, together with the Cybersecurity & Infrastructure Security Agency (CISA), of the possibility of imminent cyberattacks against the industrial sector. This is a trend marked by the 2017 TRITON attack that could lead to similar attacks affecting Safety Instrumented Systems (SIS), the last line of defense for OT systems. For its part, ICS-CERT has issued an advisoryabout several vulnerabilities in Schneider Triconex SIS, of which the most critical flaw stands out, classified as CVE-2020-7491, with a CVSS v3 of 10. This corresponds to improper access control that would allow unauthorized access and a potential takeover by a threat actor. Schneider Electric has already fixed these issues in the latest versions of its TriStation and Tricon Communications Module (TCM) products. However, ICS-CERT would like to emphasize the features of the OT devices, which are often not updated or provided with security standards at the level of current attacks. For more information: https://us-cert.cisa.gov/ncas/alerts/aa20-205a Cerberus Trojan Source Code Goes to Auction Cerberus Trojan development team has broken up and the source code of the malware will go to auction, according to a team’s post on a Russian underground forum. This is a Trojan mainly affecting Android and operating since 2019. It would be generating about 10,000 dollars a month in profits, according to one of Cerberus managers. After infecting a device, the Trojan acts by creating overlaps in services created by banking applications, stealing credentials and leaking this data to the Command & Control (C2) servers. There have even been cases that show its capability to intercept multi-factor authentication (MFA) mechanisms. The announcement made by the threat actor indicates that they expect to generate up to $100,000 with this sale, offering the possibility of the entire package to the highest bidder, including .apk malware and C2 servers. For more information: https://www.zdnet.com/article/cerberus-banking-trojan-team-breaks-up-source-code-goes-to-auction/ #CyberSecurityReport20H1: Microsoft Fixes Many More Vulnerabilities, but Detects Far FewerCybersecurity and Pandemic (I): People
Carlos Ávila IoTM Mobile Applications and The Relevance Of Their Security Almost a year ago in the article “Internet of Health“ I described how incredible is the amount of applications and devices that the medical industry has deployed and will...
ElevenPaths DevSecOps: 7 Key Factors for Implementing Security in Devops DevSecOps, also known as SecDevOps, is a software development philosophy that advocates the adoption of security throughout the software development lifecycle (SDLC). DevSecOps is more than just a specific...
Antonio Gil Moyano Security in video call applications: Microsoft Teams, Zoom and Google Meet There is no doubt that instant messaging programmes have become an essential communication tool in our personal and professional lives. There is also no doubt that video calling applications,...
ElevenPaths Cyber Security Weekly Briefing June 5-11 Microsoft’s monthly bulletin Microsoft has released its June security bulletin, which fixes 50 vulnerabilities, including remote code execution (RCE) flaws, denial of service issues, privilege escalation and memory corruption issues....
ElevenPaths When I grow up I want to be… Engineer “What do you want to be when you grow up? A classic. So simple, yet so complex, and curiously so often asked when we are just kids… when perhaps...
Innovation and Laboratory Area in ElevenPaths We Are Taking Part in The Arsenal Black Hat USA 2021: Hybrid Pandemic Mode On Once again, the ElevenPaths Innovation and Lab team is taking part in the Black Hat USA 2021 Arsenal in Las Vegas to share a new open-source tool with the...
