ElevenPaths We Announce Our Digital Operation Centers, Where All Our Digital Services Are Focused The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
ElevenPaths Accelerating European cyber security between the United Kingdom and Telefonica (Wayra) – Part one of two The GCHQ (Government Communications Headquarters) is not very well known outside of the United Kingdom. The governmental organization is almost a century old (it will celebrate its 100th anniversary...
ElevenPaths #CyberSecurityReport18H2: our new periodic report on cybersecurity Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
ElevenPaths We Announce Our Digital Operation Centers, Where All Our Digital Services Are Focused The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
ElevenPaths #CyberSecurityPulse: The Attack Against the WPA2 Encryption that Poses a Threat to Our Wireless Security On October 16, a research has been published about an attack to the current recommended encryption standard for WiFi networks, WPA2. Although the risks to these networks are not...
ElevenPaths Breaking Out HSTS (and HPKP) on Firefox, IE/Edge and (possibly) Chrome. Our Black Hat research We have been for a long time researching about HSTS, HPKP, certificate pinning and TLS technologies in general. As a collateral effect of this work, we have found some...
ElevenPaths We Announce Our Digital Operation Centers, Where All Our Digital Services Are Focused The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
ElevenPaths Dumpster diving in Bin Laden’s computers: malware, passwords, warez and metadata (II) What would you expect from a computer network that belongs to a terrorists group? Super-encrypted material? Special passwords? The Central Intelligence Agency (CIA) on 1 November 2017 released additional...
ElevenPaths The base rate fallacy or why antiviruses, antispam filters and detection probes work worse than what is actually promised Before starting your workday, while your savoring your morning coffee, you open your favorite cybersecurity newsletter and an advertisement on a new Intrusion Detection System catches your attention: THIS IDS...
GSMA IoT Security Champion: Award to our IoT Security teamElevenPaths 27 February, 2019 We have a lot to be happy about! Our IoT Security team, dedicated to cybersecurity specialized in the increasingly relevant world of the Internet of Things, has received a well-deserved award for its contribution to the dissemination and application of the IoT security guides of the GSMA, an entity that represents the interests of the most important mobile operators around the world and is in charge of the Mobile World Congress events around the world, among which is the Barcelona event that takes place this week. For several years, Telefónica has collaborated with other companies in the sector in an initiative led by the GSMA. The interest and support shown by the company during these years has paid off with the achievement of this award, which rewards the work and dedication demonstrated. 2018 was a very important, as some KPIs were defined and fully met, regarding the use of the GSMA checklist in the security assessments of services or incorporating it as part of the RFPs, among others. As part of this initiative, a set of documents describing the security requirements that must be taken into account when designing and implementing services have been prepared, as well as a checklist to assess to what extent these requirements have considered. You can consult the documents in the following links: General IoT Model (IoT Security Guidelines Overview Document) Device Security (IoT Security Guidelines for Endpoint Ecosystems) Network Security (IoT Security Guidelines for Network Operators) Security of the IoT services platform (IoT Security Guidelines for Service Ecosystems) The three documents that talk about security, correspond to the three essential components of any IoT service: the device, the network and the platform to which the device connects to send information or receive orders. In 2016, a case was published where these documents were applied in a project carried out for the port of Seville. In addition, during the past year, one of the case studies published within the framework of this initiative led by the GSMA was also contributed. From the entire ElevenPaths team, we would like to congratulate Security IoT for this award, fruit of their great work and encourage them to continue with their great work. Vicente Segura, Telefónica’s Head of IoT Security, accepted the award on behalf of the team. IoT, the new ally of renewable energies?Take control of your vehicles with Fleet Optimise
Sergio De Los Santos New App to Clean Metadata More Easily We are not going to repeat the dangers of metadata, since it has been discussed for quite some time now. However, we can try to make its management and cleaning simpler. Some...
ElevenPaths We Announce Our Digital Operation Centers, Where All Our Digital Services Are Focused The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
Innovation and Laboratory Area in ElevenPaths EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler A year ago, the IETF has raised to RFC the DNS over HTTPS proposal. This new is more important than it may seem. For two reasons: firstly, it’s a...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
