#CyberSecurityPulse: The Attack Against the WPA2 Encryption that Poses a Threat to Our Wireless Security
ElevenPaths
17 October, 2017

On October 16, research was published about an attack on WPA2, the currently recommended encryption standard for WiFi networks. Although the risks to these networks are not new, and attacks against WEP and WPA have already proliferated and made those protocols unsafe, the current scheme was considered robust. Until now. The attack, proposed by Mathy Vanhoef and Frank Piessens and known as the Key Reinstallation Attack (KRACK), exploits a severe weakness that would allow an adversary physically located within range of the wireless connection to access information previously assumed to be safe.

Having reviewed the information that has just been released, the consequences are serious if the attack is confirmed, and it would involve up to 10 different CVEs whose content has not been published yet. However, that does not mean that all our connections are affected. The attack affects WPA2 Wi-Fi networks, and the most dangerous scenarios would assume the physical proximity of the attacker to the network and would always affect the confidentiality of the communications within that WiFi network, which would potentially be readable if they did not include an additional layer of encryption, as HTTPS does, for example. Under certain circumstances, the researchers have also been able not only to decrypt but also to inject packets into the network.

In any case, the problem is still serious, because it would extend the range of attacks that have traditionally been carried out on public networks to a number of environments that we have assumed to be reliable. We share the concern of the community while the full details are explained, and the usual recommendations are still valid in this case.
Those who are really concerned about the potential impact on their own wireless networks can always reinforce the security of home networks by treating them as public networks, for example by forcing connections through a VPN and, overall, by keeping all the usual security elements up to date so that they benefit from security updates as soon as they are published. Being concerned is healthy and well justified but, at the same time, we have an obligation to face events that unfold live, like this one, with the appropriate serenity too.

» More information at KRACK Attacks

Top Stories

Outlook Has Attached a Plaintext Copy of Encrypted Emails for 6 Months

Encrypted emails sent using Microsoft Outlook have been sent with an attached plaintext copy of the original encrypted content. This would expose the content of the emails to an attacker with access to the email server, one of the threat cases that encryption is meant to protect against. The vulnerability, which has accordingly been classified as severe, has affected the S/MIME end-to-end encryption protocol, which is precisely one of the most widespread encryption standards for email communications.

» More information at The Hacker News

Bitcoin Reaches a New Maximum over 5000 USD

Cryptocurrencies are experiencing a new wave. Satoshi Nakamoto’s Bitcoin has reached a new maximum after widely surpassing the figure of 5500 US Dollars per Bitcoin for the first time since its appearance. As a result, the Bitcoin economy itself has almost reached 100 billion dollars of total market capitalization. As usual, such an increase has also boosted the exchange of many other cryptocurrencies, which are benefiting from the Bitcoin upswing: Ethereum has almost reached new historical records, and several other cryptocurrencies, such as Litecoin and Ripple, have reached relevant local maximums.
» More information at CoinMarketCap

Rest of the Week's News

ASD Revealed Hacker Stole Sensitive Data on Australia’s Military Capabilities

Australia’s foreign intelligence agency, the Australian Signals Directorate (ASD), admitted that a hacker has stolen over 30 GB of military documents. The hacker stole the huge trove of confidential data on military capabilities from an unnamed Department of Defence contractor. The ASD spokesperson, Mitchell Clarke, confirmed that no “top secret” data was compromised, but that it included information not publicly accessible.

» More information at Security Affairs

US Congress Mulls First Hack Back Law

The Active Cyber Defense Certainty Act (ACDC) amends the Computer Fraud and Abuse Act to make limited retaliatory strikes against cyber-miscreants legal in America for the first time. The bill would allow hacked organizations to venture outside their networks to identify an intruder and infiltrate their systems, destroy any data that had been stolen, and deploy “beaconing technology” to trace the physical location of the attacker.

» More information at United States House of Representatives

Disqus Confirms Database Breach

Disqus confirmed a database breach impacting some data for 17.5 million users and including information dating back to 2007. “The snapshot includes email addresses, Disqus user names, sign-up dates, and last login dates in plain text for 17.5mm users,” Jason Yan, the company’s CTO, wrote in a blog post. Additionally, passwords (hashed using SHA1 with a salt; not in plain text) for about one-third of users were included.

» More information at Disqus

Further Reading

Iranian Hackers Compromised Theresa May’s Email Account
» More information at Security Affairs

Ukraine Police Warns of New NotPetya-Style CyberAttacks
» More information at The Hacker News

DoubleLocker, the Android Ransomware That Encrypts Files and Changes PIN Lock
» More information at Security Affairs