Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths #CyberSecurityPulse: Google’s project to fight election attacks On the night of the primary elections in May, the residents from the county Knox, Tennessee, did not know who had won for about an hour. They did not...
ElevenPaths Cybersecurity Weekly Briefing November 14-20 Malware distribution campaign supplants the identity of Spanish ministries ESET researchers warn of a malware distribution campaign that is impersonating Spanish ministries to distribute a malicious Android application through links...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 8 – 14 April Apple fixes two new actively exploited 0-day vulnerabilities Apple has released new security advisories about two new actively exploited 0-day vulnerabilities affecting iPhones, Macs and iPads. First, there is the...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (I) Sometimes, someone frees by mistake (or not) an enormous set of text files with millions of passwords inside. An almost endless list of e-mail accounts with their passwords or...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Your feelings influence your perception of risk and benefit more than you might think Security is both a feeling and a reality —Bruce Schneier Daniel Gardner starts his book The Science of Fear with the shocking history of US September 11 attacks: And so in...
Telefónica Tech Cyber Security Weekly Briefing 22-28 January New vulnerabilities in Linux Two new vulnerabilities of risk have recently been disclosed and are reportedly affecting Linux systems. If exploited, they could allow privilege escalation on the vulnerable system. CVE-2021-4034...
David García Will Rust save the world? (II) We saw in the previous article the problems of manual memory management, but also the pitfalls of automatic memory management in languages like Java. But what if there was...
Nacho Palou We are now live! Discover the new Telefónica Tech website We have redesigned the Telefónica Tech website to represent who we are as a digital solutions integrator. We also want to share what we do, who is behind it...
Carlos Ávila IoTM Mobile Applications and The Relevance Of Their Security Almost a year ago in the article “Internet of Health“ I described how incredible is the amount of applications and devices that the medical industry has deployed and will...
ElevenPaths DevSecOps: 7 Key Factors for Implementing Security in Devops DevSecOps, also known as SecDevOps, is a software development philosophy that advocates the adoption of security throughout the software development lifecycle (SDLC). DevSecOps is more than just a specific...
Antonio Gil Moyano Security in video call applications: Microsoft Teams, Zoom and Google Meet There is no doubt that instant messaging programmes have become an essential communication tool in our personal and professional lives. There is also no doubt that video calling applications,...
Innovation and Laboratory Area in ElevenPaths We Are Taking Part in The Arsenal Black Hat USA 2021: Hybrid Pandemic Mode On Once again, the ElevenPaths Innovation and Lab team is taking part in the Black Hat USA 2021 Arsenal in Las Vegas to share a new open-source tool with the...
ElevenPaths #LadyHacker: for yourself and for them The end of the academic year has arrived and with it the university admission exams. Young girls and boys in search of a final goal after so many years...
Diego Samuel Espitia Fileless Malware: A Growing but Controllable Attack For some years now, WatchGuard has been generating a report on the security situation detected on the Internet. Following the acquisition of Panda, this report has become even more...
Gonzalo Álvarez Marañón The Future of University Credentials Points Towards Blockchain And Open Badges Do you want a university degree within 48 hours and without having to open a book, for less than €1,000? No problem. You don’t even need to go to...
Carlos Ávila Using DIARIO Through FOCA For Malware Analysis Web servers are one of the main channels for the spread of malware on the internet. They are frequently attacked in search of security flaws that allow them to...
José Luis Núñez Díaz Towards a smarter supply chain One of the recurring use cases that is always mentioned when talking about Blockchain is its application in supply chains. In fact, back in 2018, at Telefónica we were...
ElevenPaths Telefónica WannaCry File Restorer: How can we recover information deleted by WannaCry? When cyberattacks occur in large organizations, it is crucial to remember where duplicate files are stored, as this information is also subject to infection by a malware virus or...
Florence Broderick Mobile Connect winner of the 'Connected Life Awards' Mobile Connect is a multi-operator solution driven by GSMA for universal secure access. The user only needs to link their information to their mobile device solution to have quick...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Information leakage in Data Loss Prevention leader companies Gartner has released a study that classifies the most important companies that offer Data Loss Prevention (DLP) solutions depending on their position, strategy, effectiveness, and market leadership. We have made...