Alexandre Maravilla Are SMS for sending verification codes secure? I recently forgot the password to access the personal area of my current bank’s online banking app. I show you the process of resetting the password, carried out from...
Telefónica Tech Cyber Security Weekly Briefing 28 February – 4 March Daxin: highly sophisticated backdoor Researchers at Symantec have published a paper reporting a new backdoor they have called Daxin, which they attribute to actors linked to China. According to Symantec,...
Telefónica Tech Cyber Security Weekly Briefing 19-25 February New privilege escalation flaw in Linux Security researchers at Qualys have discovered seven flaws in Canonical’s Snap software packaging and deployment system used in operating systems that use the Linux...
Telefónica Tech Cyber Security Weekly Briefing 12-18 February Researchers develop exploit for critical vulnerability in Magento Positive Technologies’ offensive security team has developed a Proof of Concept (PoC) for the CVE-2022-24086 CVSSv3 9.8 vulnerability, claiming that it would allow control...
Diego Samuel Espitia A practical approach to integrating MITRE’s ATT&CK and D3FEND Businesses have become aware of the need to have mechanisms in place to ensure the protection of their information and how important it is to understand their weaknesses in...
Telefónica Tech Cyber Security Weekly Briefing 5 – 11 February Microsoft disables macros and MSIX to prevent malware distribution Microsoft has been actively mobilising against multiple malware attacks that use some of its technologies as an entry vector. The products...
Alexandre Maravilla Digital Identity Wallets against identity theft fraud Identity theft or impersonation is a type of fraud in which criminals manage to supplant the identity of the person being deceived, based on the theft of their personal...
Telefónica Tech Cyber Security Weekly Briefing 29 January – 4 February Exploits that allow privilege elevation in Windows published Security researchers have made public several exploits that leverage a known elevation of privilege vulnerability that affects all versions of Windows 10. The exploits...
Telefónica Tech Cyber Security Weekly Briefing 22-28 January New vulnerabilities in Linux Two new vulnerabilities of risk have recently been disclosed and are reportedly affecting Linux systems. If exploited, they could allow privilege escalation on the vulnerable system. CVE-2021-4034...
Susana Alwasity The risks of not having controlled exposure to information (III) Finally comes the last and long-awaited post in this series on the risks of uncontrolled information overexposure. As we saw in the previous post, we know how to minimise...
Florence Broderick Participating in GSMA Mobile 360 LATIN AMERICA Mobile 360 – Latin America brings market leaders from Central and South America across the mobile telecom ecosystem for a two-day thought leadership conference together with operator-led Working Groups...
Florence Broderick Our CEO, Pedro Pablo Pérez, will represent Telefonica in the European Cyber Security Organization Brussels and the cybersecurity industry will earmark up to 1.8 billion euros in research TELEFONICA JOINS THE DECISION-MAKING BODIES OF THE EUROPEAN CYBER SECURITY ORGANIZATION AS...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Telefónica and ElevenPaths announce new market leading security offering following key sector agreements
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
