Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Diego Samuel Espitia When Preventing a Cyberattack Becomes a Vital Decision In recent years, the number of incidents in critical infrastructure networks and industrial systems has increased significantly. There have been attacks with a high degree of complexity and knowledge...
Andrés Naranjo The Challenge of Online Identity (I): Identity Is the New Perimeter We often find ourselves in situations where we are faced with a mission and, as the mission goes on, we realise that the first choices we made were not...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 5 – 11 November Robin Banks Phishing Platform Reactivated Researchers at IronNet have published the second part of their investigation into the Robin Banks phishing-as-a-service platform. The platform was discovered in June this year...
Carlos Ávila The Pharmaceutical Retail Industry and Their Mobile Applications Are users of pharmaceutical applications safe in terms of data security and privacy? Discover this analysis from our CSA Carlos Ávila.
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
Telefónica Tech Cyber Security Weekly Briefing, 15 – 19 May Vulnerabilities in cloud platforms Otorio’s team of researchers found 11 vulnerabilities affecting different cloud management platform providers. Sierra Wireless, Teltonika Networks and InHand Networks are the affected companies. The security flaws...
Carlos Ávila The Pharmaceutical Retail Industry and Their Mobile Applications Are users of pharmaceutical applications safe in terms of data security and privacy? Discover this analysis from our CSA Carlos Ávila.
Diego Samuel Espitia Business Continuity Plan: From Paper to Action How many Business Continuity Plans considered a global pandemic among the possible causes of business blockage?
Rafael Ortiz How to Make API REST Requests to Tor Hidden Services in an Android APK If you are a developer and want to test your Android app with a Tor hidden service, here's how.
Innovation and Laboratory Area in ElevenPaths CapaciCard Is Already Working on iPhone Can you imagine authenticating yourself or authorizing a payment by simply swiping a card on your iPhone screen? CapaciCard makes it possible.
David García Bestiary of a Poorly Managed Memory (III) Our expert David Garcia explains some consequences of poor memory management such as dangling pointers or memory leaks.
Diego Samuel Espitia TypoSquatting: Using Your Brain to Trick You Our brain capacity is outstanding but it also creates some cybersecurity risks. Discover why in this post.
Innovation and Laboratory Area in ElevenPaths DIARIO: Our Privacy-Friendly Document Malware Detector DIARIO makes possible to scan and analyse documents for malware detection with no need to know the content of those files.. Find out more in this post.
David García Bestiary of a Poorly Managed Memory (II) Our expert David Garcia shows what happens when the same block of reserved memory is released twice, the so-called double free.
Nacho Brihuega IoT Device Search Engines: Why Choose if We Can Use All of Them? Nacho Brihuega explains how to use IoT device search engines to detect vulnerabilities and the functioning of a script that will make your research easier.
David García Bestiary of a Poorly Managed Memory (I) WannaCry, EternalBlue, Conficker... their cyber attacks have one thing in common: the arbitrary code execution. Discover how they happen.
ElevenPaths ElevenPaths creates an addon to make Firefox compatible with Certificate Transparency Certificate Transparency will be mandatory in Chrome for new certificates in late 2017. This means that the webpages will show an alert if protected by certificates not present in...
Florence Broderick ElevenPaths Talks: The ISF Standard of Good Practice for Information Security REGISTER HERE! On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is...
Florence Broderick Mobile Connect winner of the 'Connected Life Awards' Mobile Connect is a multi-operator solution driven by GSMA for universal secure access. The user only needs to link their information to their mobile device solution to have quick...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick Heartbleed plugin for FOCA By now, everyone knows about Heartbleed. Just like we did for FaasT, we have created a plugin for FOCA (final version) one of our most downloaded tools. This plugin...
