Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths has achieved AWS Security Competency status Telefónica Tech’s cybersecurity company has demonstrated deep technical and consulting expertise helping large enterprises to adopt, develop and deploy complex cloud security projects that protect their environments on AWS...
ElevenPaths Cybersecurity Weekly Briefing 29 August-4 September Red Dawn, new attached document from Emotet The use of a new attached document template by Emotet has been identified over the past week. The name given by security researcher Joseph...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths AuthCode: Our award-winning continuous-authentication system, jointly developed with the University of Murcia Continuous-authentication systems aim to identify users’ behavior through interactions with their device. The main advantage of this type of authentication is that it improves users’ experience when using services...
ElevenPaths Cyber Security Weekly Briefing December 5-11 Microsoft Security Newsletter On December 8, Microsoft published its monthly security update newsletter, which this time includes patches for 58 vulnerabilities and an advisory for various Microsoft products. Nine of...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Nacho Brihuega Zerologon, Patch or Die! Zerologon. If you are in the IT world and haven’t heard this name yet, you should be worried. Keep reading. Zerologon is possibly the vulnerability of this “special” year and...
ElevenPaths Cybersecurity Weekly Briefing July 25-31 BootHole: Vulnerability in GRUB2 Eclypsium researchers have discovered a buffer overflow vulnerability in the GRUB2 bootloader that could be used to execute arbitrary code during the boot process. It has...
Innovation and Laboratory Area in ElevenPaths DIARIO: Our Privacy-Friendly Document Malware Detector DIARIO makes possible to scan and analyse documents for malware detection with no need to know the content of those files.. Find out more in this post.
David García Bestiary of a Poorly Managed Memory (II) Our expert David Garcia shows what happens when the same block of reserved memory is released twice, the so-called double free.
Nacho Brihuega IoT Device Search Engines: Why Choose if We Can Use All of Them? Nacho Brihuega explains how to use IoT device search engines to detect vulnerabilities and the functioning of a script that will make your research easier.
David García Bestiary of a Poorly Managed Memory (I) WannaCry, EternalBlue, Conficker... their cyber attacks have one thing in common: the arbitrary code execution. Discover how they happen.
Gonzalo Álvarez Marañón DataCOVID-19: Fighting the Coronavirus by Using the Approximate Location Data of Your Smartphone Find the answers to your questions about how the Spanish Government is using Big Data to improve research on the COVID-19 pandemic.
Innovation and Laboratory Area in ElevenPaths Do You Dare to Develop a TheTHE Plugin? #EquinoxRoom111 Contest Dare yourself to participate in our contest by creating your own plugin for TheTHE, our tool for Threat Hunting teams.
ElevenPaths What Kind of Professionals Work in Our Security Operations Center (SOC)? Discover the different profiles of the SOC professionals in this post, who work day and night to provide the best security to our customers.
Gabriel Bergel Risk Analysis Applied to COVID-19 Our CSA Gabriel Bergel shows you how to apply the Risk Analysis methodology to the management of the COVID-19 threat.
Gonzalo Álvarez Marañón Top 10 TED Talks to Learn about Cyber Security Discover the top 10 talks to learn about cybersecurity and, at the same time, some ways to improve your own presentations.
SCC CyberThreats Service COVID-19: Risk Guide and Recommendations on Cyber Security From the point of view of cyber security, the current situation caused by the coronavirus is also particularly worrying. Users and companies are being threatened. From the Telefonica’s SCC...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick Latch, new ElevenPaths' service During the time we’ve been working in ElevenPaths we’ve faced many kind of events internally, buy one of the most exciting and awaited is the birth of Latch. It’s a technology of our...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
