Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths ElevenPaths has achieved AWS Security Competency status Telefónica Tech’s cybersecurity company has demonstrated deep technical and consulting expertise helping large enterprises to adopt, develop and deploy complex cloud security projects that protect their environments on AWS...
ElevenPaths Cyber Security Weekly Briefing January 2-8 SolarWinds Update To end the year, Microsoft published an update of its findings regarding the impact of the SolarWinds incident on its systems. In this release, it emphasizes that neither...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths Cybersecurity Weekly Briefing October 3-9 New botnet detected that deletes data from the infected device A group of researchers from the company Netlab 360 published yesterday their latest findings on a new botnet that specialises...
Nacho Palou Cybercrime, a constant threat to all types of companies Cyber threats have existed since technology began to be used in companies and organizations. But the evolution of the technology world in the 21st century has changed the landscape:...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Diego Samuel Espitia Detecting the Indicators of An Attack We always choose to implement prevention and deterrence rather than containment mechanisms in security. However, the implementation of these mechanisms is not always effective or simple to set up...
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Sergio de los Santos A government is known by the Apple data it requests Sometimes, governments need to be underpinned by huge corporations to carry out their work. When a threat depends on knowing the identity or gaining access to a potential attacker...
ElevenPaths Your feelings influence your perception of risk and benefit more than you might think Security is both a feeling and a reality —Bruce Schneier Daniel Gardner starts his book The Science of Fear with the shocking history of US September 11 attacks: And so in...
ElevenPaths Why you are late delivering all your projects and what you can do to address it Anyone who causes harm by forecasting should be treated as either a fool or a liar. Some forecasters cause more damage to society than criminals. —Nassim Taleb, The Black Swan, 2007 In 1957,...
ElevenPaths How the “antimalware” XProtect for MacOS works and why it detects poorly and badly Recently, MacOS included a signature in its integrated antivirus, intended to detect a binary for Windows; but, does this detection make sense? We could think it does, as a...
ElevenPaths How to forecast the future and reduce uncertainty thanks to Bayesian inference (II) In the first part of this article we explained how Bayesian inference works. According to Norman Fenton, author of Risk Assessment and Decision Analysis with Bayesian Networks: Bayes’ theorem is...
ElevenPaths New research: Docless Vietnam APT. A very interesting malware against Vietnam Government We have detected a malware sent to some email accounts belonging to a Vietnam government domain. This email is written in Vietnamese and is dated March 13th, 2019. It seems to...
ElevenPaths How to forecast the future and reduce uncertainty thanks to Bayesian inference (I) Imagine that you come back home from San Francisco, just arrived from the RSA Conference. You are unpacking your suitcase, open the drawer where you store your underwear and…...
ElevenPaths The base rate fallacy or why antiviruses, antispam filters and detection probes work worse than what is actually promised Before starting your workday, while your savoring your morning coffee, you open your favorite cybersecurity newsletter and an advertisement on a new Intrusion Detection System catches your attention: THIS IDS...
ElevenPaths If you want to change your employees’ security habits, don’t call their will, modify their environment instead You’re in a coffee bar and you need to connect your smartphone to a Wi-Fi, so you check your screen and see the following options. Imagine that you know...
ElevenPaths Don’t confuse the frequency of an incident with the ease you remember it Imagine that there have been a few robberies in two parks of your town that have got all the attention for days. This afternoon you would like to go...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick FOCA Final Version, the ultimate FOCA You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Florence Broderick Latch, new ElevenPaths' service During the time we’ve been working in ElevenPaths we’ve faced many kind of events internally, buy one of the most exciting and awaited is the birth of Latch. It’s a technology of our...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
