Telefónica Tech Cyber Security Weekly Briefing 26 March- 1 April Spring4Shell vulnerability Spring has released security updates for the 0-day remote code execution (RCE) flaw known as Spring4Shell. Since the appearance of the vulnerability, unconfirmed information has been released from different...
Telefónica Tech Cyber Security Weekly Briefing 19-25 March Privilege escalation vulnerability in Western Digital Independent security researcher Xavier Danest has reported a privilege escalation vulnerability in EdgeRover. It should be mentioned that EdgeRover is a software developed by storage products...
Mark Skelton 3 Key Cyber Security Considerations To tackle cyber security effectively, we need to find new ways to meet the cyber challenges facing all of us. As CTO for Telefónica Tech UK&I, I regularly speak...
Sandra Tello Towards a green digital transformation COVID-19 has created challenges that were previously unimaginable, but it has also given us an incredible opportunity to reinvent and rebuild ourselves. In my last blog post we saw...
ElevenPaths Cyber Security Weekly Briefing 12-18 March Vishing by impersonating Microsoft The Office of Internet Security (OSI) has issued a security advisory to report an increase, in recent weeks, of fraudulent calls in which a supposed Microsoft...
Telefónica Tech's Innovation and Laboratory Area #CyberSecurityReport2021H2: Log4Shell, the vulnerability that has exposed the software’s reliance on altruistically maintained libraries and their enormous security impact. There are many reports on security trends and security summaries, but Telefónica Tech wants to make a difference. The Innovation and Lab team has just launched our own report...
Lucía López Sánchez Are airlines companies as safe as they seem? Recently, the number of news reporting cybersecurity incidents involving airlines companies worldwide has increased; cybercriminals are targeting airlines more and more often. Some examples of these incidents are the...
Telefónica Tech Telefónica Tech at Mobile Word Congress 2022 MWC 2022 was undoubtedly one of the busiest in recent years. With the post-pandemic halt and the rescheduling of MWC 2021, even though it was only 6 months since...
Telefónica Tech Cyber Security Weekly Briefing 5-11 March Mozilla patches two 0-day vulnerabilities Mozilla has issued a security advisory patching two 0-day vulnerabilities that are reportedly being actively exploited and affect Firefox, Focus and Thunderbird. Both vulnerabilities were...
Telefónica Tech 42 Madrid students solve Telefónica Tech’s challenges In recent years, cybersecurity has become a major cornerstone for businesses. Data is today’s gold and protecting it is an essential part of a project. In 2021, there were...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
