Florence Broderick New Tool: MicEnum, Mandatory Integrity Control Enumerator In the context of the Microsoft Windows family of operating systems, Mandatory Integrity Control (MIC) is a core security feature introduced in Windows Vista and implemented in subsequent lines...
Florence Broderick Telefónica Trend Report: The PoS Malware threat in 2015 A few weeks ago in the United Kingdom, cashless payments overtook the use of notes and coins for the first time. This is the latest demonstration that, while worldwide...
Florence Broderick "Alarmware" in Google Play: will not stop an alarm until you install another malicious app In ElevenPaths, we have spotted a few samples of downloaders in Google Play that work in a very special way. The app hides its icon and installs a service...
Florence Broderick Faast already detects "Logjam": Imperfect Forward Secrecy Faast teams have been working all day long to add a new plugin to our list of detected vulnerabilities. There has been found a new security problem in TLS...
Florence Broderick ElevenPaths finds a XSS problem in Play Framework Play Framework is defined as “The high velocity Web Framemork for Java and Scala”. We use it internally in some of our products. Ricardo Martín from our QA team...
Florence Broderick New tool: Google index Retriever Have you ever found a webpage that seems to talk exactly about what you need, but it has been removed? Yes, Google cache is the answer but… What if...
Florence Broderick The month of the RAT in Google Play A few days ago, Lukas Stefanko from ESET discovered a new remote administration system RAT for Android. Although there are some known RATs for Android, this malware had something...
Florence Broderick More apps in Google Play subscribing to SMS premium numbers: JSSMSers After finding the JSDialers, we should have figured it out. The attackers are using the exact same technique as in JSDialers to spread apps that subscribe the victims to...
Florence Broderick "Not today downloaders": New downloaders techniques in Google Play Downloaders are not new in Android, but lately, they are getting more and more important for attackers as a method to avoid Google Play barriers and malware detection. In...
Florence Broderick JSDialers: apps calling premium rate numbers (with new techniques) in Google Play During last year, a lot of “made in Spain” malware was found in Google Play. It was basically malware that tried to silently subscribe the victim to premium SMS numbers. From a while...
José Luis Núñez Díaz Towards a smarter supply chain One of the recurring use cases that is always mentioned when talking about Blockchain is its application in supply chains. In fact, back in 2018, at Telefónica we were...
ElevenPaths Mum, I want to be a hacker The hacker concept is most often associated with male ‘techies’ and ‘geeks’. But why is it so difficult to find female role models in the world of technology? We...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick Eleven Paths Talks: WordPress in Paranoid Mode ¡Regístrate aquí! El próximo Jueves 30 de Junio nuestro compañero Pablo González impartirá una charla en la que se verá una prueba de concepto realizada en Eleven Paths. Pablo está en...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
