ElevenPaths A Trillion-Dollar on Offer to the Puzzle Solver Are you a fan of mathematical puzzles? Well, here’s a lucrative one… but hard to beat! If you discover a method to crack the hashes used in Blockchain, you...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths #CyberSecurityPulse: The Transparent Resolution of Vulnerabilities Is Everyone’s Business The new year has started with a story that has taken the covers of specialized and generalist media all around the world. The vulnerabilities named as Meltdown and Spectre...
ElevenPaths Cybersecurity Weekly Briefing November 7-13 Links between Vatet, PyXie and Defray777 Researchers from Palo Alto Networks have investigated the families of malware and operational methodologies used by a threat agent that has managed to go...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths Technically analysing a SIEM… are your logs secure? The SIEMs are usually utilized within highly secure of regulated environments, where regular log monitoring and analysis is required to search for security incidents. They help to make...
Rafael Ortiz How to Make API REST Requests to Tor Hidden Services in an Android APK If you are a developer and want to test your Android app with a Tor hidden service, here's how.
ElevenPaths A Trillion-Dollar on Offer to the Puzzle Solver Are you a fan of mathematical puzzles? Well, here’s a lucrative one… but hard to beat! If you discover a method to crack the hashes used in Blockchain, you...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths Cybersecurity Weekly Briefing September 5-11 Microsoft Patch Tuesday Microsoft published on Tuesday its newsletter with updates for the month of September. In this new bulletin a total of 129 vulnerabilities have been corrected in 15...
ElevenPaths Cybersecurity Weekly Briefing September 19-25 New attack vector for vulnerability in Citrix Workspace Pen Test Partners security researcher Ceri Coburn has discovered a new attack vector for the CVE-2020-8207 vulnerability in Citrix Workspace corrected in...
The New Digital Workforce and The Risks Around Robotics Process Automation (RPA)Martiniano Mallavibarrena 9 March, 2021 In recent years, many companies in different sectors have chosen to base their digital transformation on RPA – Robot Process Automation, which has facilitated the creation of hundreds of thousands of bots (software robots) in the technology environments of thousands of companies globally. This small army of automation routinely interacts with employees to form a new “digital workforce”. These automations, known as bots, are usually a modern and agile version of complex, multi-system scripts and will therefore be able to process spreadsheets, download attachments from mailboxes, plan processes or balance accounting reports. People involved in business processes can now (with very light training and many utilities) program powerful bots outside the IT department or external providers. This is the so-called low code approach. In recent years, the RPA sector has added various AI-related tools to its software suites. With this reinforcement, we will avoid writing complex computer programs and use approaches such as Machine Learning so that the system is trained (e.g., detecting fields in all types of invoices, in any language) and continues to learn over time. To this improvement, we would like to add some NLP (Neuro-Linguistic Programming) type function that allows us to have a first level of understanding of text information (e-mail messages or customer chats) in multiple languages. All this firepower is a reality in thousands of companies where financial processes and insurance companies make up the majority of digital employees. Industrial, logistics or telecommunications companies have been using this technology intensively for several years now as well. From a cyber security point of view, RPA scenarios can be a new focus of attacks of various kinds. The various manufacturers of these platforms provide bot creators with all possible functionalities in terms of data encryption, authentication, use of external business identity platforms, etc. This enables the creation of process robotics platforms that are truly robust in terms of security. Types of Attacks Against RPAs The most likely attacks to be attempted in an RPA deployment will typically involve authentication, especially when the environment is complex (federation, MFA, 2FA, etc.) and attacks on the central consoles (where the system log, authorisations, credential chests, etc. will be stored). We must remember that bots interacting with our business systems will need sets of credentials analogous to those used by human employees. A second attack vector will be related to source code and the potential weaknesses of the usual ecosystem of in-house developers, service companies, subcontractors, etc. If we do not maximise secure development measures (a DevSecOps-type framework, for example) and maximise best practices (such as the use of credential chests, instead of clear passwords) or external authentication systems (for accounts with higher privileges), we will unintentionally create a large attack surface for our adversaries. Training systems and other AI functions should be reviewed following these best practices to avoid allowing vulnerabilities in the final systems we put into production. The major cyber security frameworks (such as the NIST framework in the United States) can be applied to review the entire collection of controls that we will need to take into consideration when developing our specific RPA solution. In a company with a mixed workforce (human employees and software robots), the level of constant monitoring and cyber security governance cannot overlook these new “digital employees” and all the technology that keeps them active. They, like us, will be logging into systems, creating and using files with sensitive information and acting directly on our business platforms (ERP, CRM, etc.) possibly on a 24/7 basis. If these platforms are vulnerable and offer a large attack surface, a new generation of cyber security risks will start to appear on every CISO’s agenda. Therefore, our current approach to cyber security must gradually prepare to include such platforms, processes and activity in its coverage. It will soon be part of our daily reality and we must be prepared for it. #LadyHacker 2021, IT’S HERE!Nobody on The Internet Knows You Are A Dog, Even If You Use TLS Certificates
ElevenPaths A Trillion-Dollar on Offer to the Puzzle Solver Are you a fan of mathematical puzzles? Well, here’s a lucrative one… but hard to beat! If you discover a method to crack the hashes used in Blockchain, you...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths What is VPN and What is It For? VPN connections are nothing new, they have been with us for a long time, always linked to the business world. The great versatility and its different uses have made...
ElevenPaths Cyber Security Weekly Briefing March 20-26 Analysis of the new cyber-espionage group SilverFish The PRODAFT Threat Intelligence team (PTI) has discovered a highly sophisticated cybercriminal group called SilverFish, which operates exclusively against large enterprises and public...
ElevenPaths Cyber Security Mechanisms for Everyday Life It is becoming more and more common to find in the general media news related to cyber-attacks, data breaches, privacy scandals and, in short, all kinds of security incidents....