Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Juan Elosua Tomé Triki: Cookie Collection and Analysis Tool In July 2020, the Spanish Data Protection Agency, following the entry into force of the European General Data Protection Regulation and several consultations with the European Data Protection Committee...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
José Vicente Catalán What Little Red Riding Hood teaches us about cyber security They say that a good fairy tale will be considered as such if it has many different readings and is able to convey hundreds of different messages. Little Red...
ElevenPaths Cyber Security Weekly Briefing April 24-30 BadAlloc – Critical Vulnerabilities in Industrial IoT and OT Devices Microsoft security researchers have discovered 25 critical remote code execution (RCE) vulnerabilities, collectively referred to as BadAlloc, affecting a wide...
ElevenPaths How to forecast the future and reduce uncertainty thanks to Bayesian inference (I) Imagine that you come back home from San Francisco, just arrived from the RSA Conference. You are unpacking your suitcase, open the drawer where you store your underwear and…...
ElevenPaths The base rate fallacy or why antiviruses, antispam filters and detection probes work worse than what is actually promised Before starting your workday, while your savoring your morning coffee, you open your favorite cybersecurity newsletter and an advertisement on a new Intrusion Detection System catches your attention: THIS IDS...
ElevenPaths If you want to change your employees’ security habits, don’t call their will, modify their environment instead You’re in a coffee bar and you need to connect your smartphone to a Wi-Fi, so you check your screen and see the following options. Imagine that you know...
ElevenPaths Don’t confuse the frequency of an incident with the ease you remember it Imagine that there have been a few robberies in two parks of your town that have got all the attention for days. This afternoon you would like to go...
ElevenPaths GSMA IoT Security Champion: Award to our IoT Security team We have a lot to be happy about! Our IoT Security team, dedicated to cybersecurity specialized in the increasingly relevant world of the Internet of Things, has received a...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (II) Over the last entry we focused on analyzing the content of these files from a critical point of view, this is: on clarifying that when a massive leak freeing...
Gonzalo Álvarez Marañón Post-Quantum Future Is Around the Corner and We Are Still Not Prepared Every year we have more powerful computers with a higher calculation capacity, is that fact good or bad? Think twice before giving an answer. It depends. Because if global information...
ElevenPaths The hugest collection of usernames and passwords has been filtered…or not (I) Sometimes, someone frees by mistake (or not) an enormous set of text files with millions of passwords inside. An almost endless list of e-mail accounts with their passwords or...
ElevenPaths Detected an extension in Chrome Web Store, active from February, that steals credit cards We have detected an extension for Google Chrome, still active, that steals data from web site forms visited by the victims. This extension, which is still available on Chrome...
Gonzalo Álvarez Marañón 2019 Won’t Be the Year When Quantum Computers Replace the Cryptography That We All Use What would happen if a fully error corrected quantum computer of several thousands of logical qubits started working today? Public key infrastructures would fall down. The secrets of the...
ElevenPaths Telefónica WannaCry File Restorer: How can we recover information deleted by WannaCry? When cyberattacks occur in large organizations, it is crucial to remember where duplicate files are stored, as this information is also subject to infection by a malware virus or...
Florence Broderick Our CEO, Pedro Pablo Pérez, will represent Telefonica in the European Cyber Security Organization Brussels and the cybersecurity industry will earmark up to 1.8 billion euros in research TELEFONICA JOINS THE DECISION-MAKING BODIES OF THE EUROPEAN CYBER SECURITY ORGANIZATION AS...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick Who are you going to believe, me or your own eyes? The dilemma of managed security Organizations are facing a context of increasingly complex IT threats jeopardizing the everyday development of production processes. We are referring to persistent advanced attacks, zero-day threats, industrial espionage, hacktivism,...
Florence Broderick New Tool: MicEnum, Mandatory Integrity Control Enumerator In the context of the Microsoft Windows family of operating systems, Mandatory Integrity Control (MIC) is a core security feature introduced in Windows Vista and implemented in subsequent lines...
