#CyberSecurityReport20H2: Microsoft Corrects Many More Vulnerabilities, But Discovers Far Fewer

Innovation and Laboratory Area in ElevenPaths
26 January, 2021

There are many reports on security trends and summaries, but at ElevenPaths we want to make a difference. From the Innovation and Laboratory team, we have just launched our own cyber security report that summarises the highlights of the second half of 2020. Its philosophy is to offer a global, accurate and useful overview of the most relevant data and facts about cyber security, and it is designed to be consumed by both professionals and amateurs in a simple and visually appealing way.

The purpose of this report is to summarise the cyber security information of the last few months, taking a perspective that covers most aspects of cyber security, in order to help the reader understand the risks of the current situation.

The information gathered is largely based on the compilation and synthesis of internal data, cross-checked with public information from sources we consider to be of high quality. The following are some of the points that are important to us.

#CyberSecurityReport20H2: General Data

Regarding Microsoft, the total number of flaws discovered and fixed is more than 600 during this half-year, the same as the previous one. We understand that most of the non-credited flaws may come from vulnerabilities found in 0-days or other circumstances where the author is not known and has not been reported anonymously. In these cases, Microsoft does not credit anyone in particular. This difference between credited and “non-credited” vulnerabilities, which is not the same as anonymous, is reflected in the following chart:

Compared to the previous half-year, the data on who discovers vulnerabilities at Microsoft looks very different. The long tail of “others” leads the list. This means that they are discovered by researchers with fewer than 5 cumulative flaws.
The ZDI initiative remains (increasingly) the favourite formula for researchers. This trimester, Zhiniang Peng is a very relevant actor with 66 flaws. It is also striking that Qihoo, responsible for hundreds of flaws discovered regularly in previous years, has completely disappeared from the list this semester. Interesting comparison with the previous semester:

Vulnerabilities in Mobile Phones

2020 closed with 187 vulnerabilities patched in the iOS operating system, 37 of which are considered high-risk, with the possibility of executing arbitrary code. Some of them affect the kernel of the system itself. On Android, this was the second year with the highest number of reported vulnerabilities.

With respect to this year’s Apple transparency report, there are some interesting facts. For example, these requests occur when law enforcement agencies act on behalf of clients who require assistance related to fraudulent activity involving credit cards or gift cards that have been used to purchase Apple products. In this sense, Spain is one of the most active countries requesting data from the company.

Regarding the number of vulnerabilities per manufacturer, Microsoft, Google and Oracle continue to lead. However, this number has to be seen in the perspective of criticality, number of products, etc.

Other Conclusions

In mobile phone security, the number of iOS vulnerabilities continues to trend upwards since the downturn in 2018. For Android, 2020 was the second year with the most reported vulnerabilities, after the historic 2017.

Compared with last semester, CWE-89 (SQL injection) and CWE-287 (improper authentication) enter the list. These are problems that have been around for years and never quite disappear from the list of the most serious known vulnerabilities. The top of the list remains intact compared to the first half of the year.

APT groups, meanwhile, have not stopped their activity.
Kimsuky (aka “Velvet Chollima”) and Fancy Bear are still active, while the OceanLotus Group has been unmasked by Facebook.

In a half-year period where again almost every month Microsoft has exceeded 100 vulnerabilities fixed, this time Qihoo does not appear in the list of manufacturers that have found the most flaws. ZDI is still the favourite formula for communicating (and rewarding) serious flaws.

You can access the full report on our website.