Gabriel Bergel Decepticons vs. Covid-19: The Ultimate Battle Social engineering is being used more than ever by cybercriminals. What do Decepticons have to do with it?
ElevenPaths ElevenPaths has achieved AWS Security Competency status Telefónica Tech’s cybersecurity company has demonstrated deep technical and consulting expertise helping large enterprises to adopt, develop and deploy complex cloud security projects that protect their environments on AWS...
ElevenPaths Security and electronic signature for any enterprise ElevenPaths, Microsoft and Gradiant have collaborated to allow companies to benefit from an advanced platform for electronic signatures and digital certificate safekeeping, integrated with a cloud service for HSM...
ElevenPaths #CyberSecurityPulse: Private enterprise’s sad contribution to sharing threat intelligence in the United States After just over two years of Congress passed a major bill that encouraged businesses to share with the government how and when threat actors were trying to get into...
Innovation and Laboratory Area in ElevenPaths Winner of the #EquinoxRoom111 Contest We already have a winner of TheTHE's plugin contest. Discover our collaborative tool for Threat Hunting teams.
Innovation and Laboratory Area in ElevenPaths Developing a Tool to Decrypt VCryptor Ransomware (Available on NoMoreRansom.org) Discover how VCryptor ransomware works and the tool we have developed as part of NoMoreRansom.org to decrypt it.
Innovation and Laboratory Area in ElevenPaths Five interesting own tools that you may have missed (and a surprise) This time we are going to rehash a blog entry by gathering some of the own tools that we have recently developed and we consider of interest. We summarize...
ElevenPaths Rock appround the clock, our research in DEFCON In the world of Threat Intelligence, determining the attacker’s geographical location of is one of the most valuable data for attribution techniques, even if not perceived like that, this...
Innovation and Laboratory Area in ElevenPaths Developing a Tool to Decrypt VCryptor Ransomware (Available on NoMoreRansom.org) Discover how VCryptor ransomware works and the tool we have developed as part of NoMoreRansom.org to decrypt it.
Gonzalo Álvarez Marañón 20 Questions about Covid-19 Tracing Apps Covid-19 tracking apps may raise many questions about citizens' privacy and security. We solve some of them in this article.
Innovation and Laboratory Area in ElevenPaths Our Telegram channel CyberSecurityPulse has already a webpage Our Cybersecurity Pulse Telegram channel already has a website. Follow us to keep up to date with the most relevant cybersecurity news.
ElevenPaths Dumpster diving in Bin Laden’s computers: malware, passwords, warez and metadata (II) What would you expect from a computer network that belongs to a terrorists group? Super-encrypted material? Special passwords? The Central Intelligence Agency (CIA) on 1 November 2017 released additional...
New tool: PySCTCheckerElevenPaths 3 July, 2017 This is a “Quick and dirty” Python script for checking if a domain properly implements Certificate Transparency. If so, it is possible to observe how Certificate Transparency is implemented on the server side. When a server implements Certificate Transparency, it must offer at least one SCT (a proof of inclusion of the server TLS Certificate into a Transparency Log). A SCT can be offered by three different ways: Embedded in the certificate As a TLS extension Via OCSP Stapling Using PySCTChecker is possible to identify the delivery options that the server uses and the logs where certificate has been sent to. Also, it is possible to check if the offered SCTs are valid and legitimately signed by logs. This script needs just a list of domains as input. For each domain, it will check if the server implements Certificate Transparency. If the server offers any SCT, the script will show extra information about it, such for example the logs where the TLS certificate has been sent and which method the server uses to deliver the SCT. Usage: python PySCTChecker/ct_domains_sct_checker.py [domain1 domain2 …] Output example: This is a quick and dirty implementation since it uses OpenSSL for some features, but we hope it helps understand how certificate transparency works. You can download and check source code from here. This tool reinforces our set of tools related with Certificate Transparency developed from ElevenPaths: ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Nuevo plugin para FOCA: SCT Checker Innovación y laboratorio www.elevenpaths.com The Intelligent MSSPElevenPaths participates in AMBER (“enhAnced Mobile BiomEtRics”) project
Innovation and Laboratory Area in ElevenPaths Winner of the #EquinoxRoom111 Contest We already have a winner of TheTHE's plugin contest. Discover our collaborative tool for Threat Hunting teams.
Innovation and Laboratory Area in ElevenPaths Developing a Tool to Decrypt VCryptor Ransomware (Available on NoMoreRansom.org) Discover how VCryptor ransomware works and the tool we have developed as part of NoMoreRansom.org to decrypt it.
ElevenPaths Cybersecurity Weekly Briefing 23-29 May Critical-Severity RCE Vulnerability in Cisco Unified CCX Cisco has fixed a critical remote code execution bug in the Java Remote Management Interface of Cisco Unified Contact Center Express (CCX). This...
Gabriel Bergel Decepticons vs. Covid-19: The Ultimate Battle Social engineering is being used more than ever by cybercriminals. What do Decepticons have to do with it?
Gonzalo Álvarez Marañón 20 Questions about Covid-19 Tracing Apps Covid-19 tracking apps may raise many questions about citizens' privacy and security. We solve some of them in this article.
Gonzalo Álvarez Marañón Zoom Seeks to Be More Secure and Purchases Keybase The most downloaded video call app during the quarantine responds to criticism for its serious security and privacy issues.
