Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
ElevenPaths #CyberSecurityPulse: Oops, I Went Running and I Published Information From Secret Locations The popular fitness tracking app Strava proudly published a 2017 heat map showing activities from its users around the world, but unfortunately, the map revealed locations of the United...
ElevenPaths Stela FileTrack protagonist of the 6th Security Innovation Day Edition The Telefónica’s Cybersecurity Unit helds its 6th Security Innovation Day, under the motto Game Is Never Over. Stela FileTrack, a new solution to protect organization’s sensitive documentary information. The Telefónica’s SOC...
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
ElevenPaths You’ve got mail? You’ve got malware A few weeks ago I was ‘compromised’. A well-known vulnerability was exploited and I was left financially exposed, with my reputation potentially at risk. “What happened?” I hear you...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
ElevenPaths Dumpster diving in Bin Laden’s computers: malware, passwords, warez and metadata (I) What would you expect from a computer network that belongs to a terrorists group? Super-encrypted material? Special passwords? The Central Intelligence Agency (CIA) on 1 November 2017 released...
ElevenPaths The Framing Effect: you make your choices depending on how information is presented You have received an alert from cyber intelligence. A terrible and enormous cyberattack is approaching. You must ensure the protection of 600 positions within your organization. You don’t have...
New plugins for FOCA: HaveIBeenPwned and SQLiElevenPaths 19 March, 2018 Following the publication of Foca OpenSource, a lot of people are now enthusiatic about the idea of adding new plugins or improving existing ones. On this occasion, we present two new plugins to get even more out of FOCA. In a joint effort between the Laboratory team and CSAs team, mainly, at the hands of José Sperk and Carlos Ávila, we have set to work to improve a plugin which has been in high demand: the one of SQLinjection. To do this, we have decided to interact with one of the most utilised hacking tools in the market, the famous SQLMap. From this, we have advanced with the development of a plugin which allows us to detect and exploit SQL injection vulnerabilities in web applications, using REST-JSON API of SQLMap, but from a friendlier and more well-known graphic environment, such as that of the FOCA. The following video shows you how to download and utilise the SQLI plugin in FOCA, taking into account that previously you must download and install SQLMap on your computer to launch the scans from there. If you prefer or you have installed SQLMap on another computer, you can also select “Remote Server API” and connect from the FOCA OpenSource to launch scans remotely As if that was not enough, we have also created another new haveibeenpwned plugin for Foca which interacts through the https://haveibeenpwned.com/ APIs and with http://hesidohackeado.es/. In this way, the email addresses which you find whilst analyzing the metadata with FOCA OpenSource, can be directly consulted from the application against those two data bases. Likewise, if you have a file with an address list which you want to verify, you can do it directly from this plugin. The following video shows how it works. Finally, we have released the source code for PluginApi.dll, in charge of communicating the plugins with FOCA, providing different options to make the most of the results of the analyses of which we carry out. Remember that if you want to add new plugins, we have provided several examples that contain everything you need to develop a new one. All of this is available in our FOCA market, where you are welcome to participate with your proposals. Claudio Caracciolo Team Leader of the CSA and the Bs. As. Research Office at ElevenPaths Innovation and Laboratory claudio.caracciolo@11paths.com @holesec #CyberSecurityPulse: Biggest-Ever DDoS Attack Hits Github Website#CyberSecurityPulse: PyeongChang Olympics: A New False Flag Attack?
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How to Overcome Thinking Errors That Bias Your Judgements’ In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for one detail: their lack of...
Sergio De Los Santos New App to Clean Metadata More Easily We are not going to repeat the dangers of metadata, since it has been discussed for quite some time now. However, we can try to make its management and cleaning simpler. Some...
ElevenPaths We Announce Our Digital Operation Centers, Where All Our Digital Services Are Focused The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
