Telefónica Tech Cyber Security Weekly Briefing 12-18 February Researchers develop exploit for critical vulnerability in Magento Positive Technologies’ offensive security team has developed a Proof of Concept (PoC) for the CVE-2022-24086 CVSSv3 9.8 vulnerability, claiming that it would allow control...
Telefónica Tech Cyber Security Weekly Briefing 22-28 January New vulnerabilities in Linux Two new vulnerabilities of risk have recently been disclosed and are reportedly affecting Linux systems. If exploited, they could allow privilege escalation on the vulnerable system. CVE-2021-4034...
Telefónica Tech Cyber Security Weekly Briefing 8–14 january Microsoft security bulletin Microsoft has published its January security bulletin in which it has fixed a total of 97 bugs, including six 0-day vulnerabilities and nine bugs classified as critical....
Telefónica Tech Cyber Security Weekly Briefing 1–7 january Mail delivery failure on Microsoft Exchange on-premises servers 2 January, Microsoft released a workaround to fix a bug that interrupted email delivery on Microsoft Exchange on-premises servers. The bug is a “year...
Telefónica Tech Cyber Security Weekly Briefing 18 – 24 December Log4Shell Vulnerability (update) Through the week new details and comments around the vulnerability known as Log4Shell have continued to appear. First, a new denial-of-service vulnerability affecting Log4j2 on versions from 2.0-alpha1...
Telefónica Tech Cyber Security Weekly Briefing 11 – 17 December New campaign distributing the Anubis banking trojan Researchers at Lookout have reported a malicious campaign distributing a new version of the Anubis banking trojan obfuscated in an Android mobile app...
Telefónica Tech Cyber Security Weekly Briefing 4 – 10 December Catalan government suffers DDoS attack According to the statement issued by the Catalan government, the Centre de Telecomunicacions i Tecnologies de la Informació (CTTI) detected last Friday a cyber-attack that compromised more...
Telefónica Tech Cyber Security Weekly Briefing 27 November – 3 December Apple and Google fined 20 million for using user data The Italian Competition and Market Authority (AGCM) has fined both Google and Apple 10 million euros for their method of...
Telefónica Tech Cyber Security Weekly Briefing 20-26 November Reacharound: possible resurgence of the triple threat Trickbot-Emotet-Ransomware Last January, an international action orchestrated by Europol and Eurojust led to the dismantling of the Emotet infrastructure, a malware widely used...
Telefónica Tech Cyber Security Weekly Briefing 13-19 November Emotet returns Security researchers from Cryptolaemus have identifed what seems to be the reappearence of the popular Emotet malware, whose infrastructure had remained inactive since January after a joint intervenion by security...
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick Now you can use Latch with Dropbox, Facebook and others digital services Many of you have asked us which services you can use Latch with, regretting that so far it could not be used in the more common services, such as...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Heartbleed plugin for FOCA By now, everyone knows about Heartbleed. Just like we did for FaasT, we have created a plugin for FOCA (final version) one of our most downloaded tools. This plugin...
Florence Broderick Responsible full disclosure… por ambas partes La revelación responsable de vulnerabilidades es un viejo debate, pero no necesariamente zanjado. Vamos a observarlo desde el punto de vista del sistema vulnerable o afectado, no desde el...
