ElevenPaths Cyber Security Weekly Briefing May 1-7 Apple fixes four 0-day vulnerabilities in WebKit Apple released yesterday a security update to fix four 0-day vulnerabilities that could be actively exploited, according to Apple itself. These four flaws...
ElevenPaths Cyber Security Weekly Briefing April 24-30 BadAlloc – Critical Vulnerabilities in Industrial IoT and OT Devices Microsoft security researchers have discovered 25 critical remote code execution (RCE) vulnerabilities, collectively referred to as BadAlloc, affecting a wide...
Innovation and Laboratory Area in ElevenPaths DIARIO: Our Privacy-Friendly Document Malware Detector DIARIO makes possible to scan and analyse documents for malware detection with no need to know the content of those files.. Find out more in this post.
ElevenPaths New report: Twitter botnets detection in sports event We all know that a botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform DDoS attacks,...
ElevenPaths Cyber Security Weekly Briefing May 1-7 Apple fixes four 0-day vulnerabilities in WebKit Apple released yesterday a security update to fix four 0-day vulnerabilities that could be actively exploited, according to Apple itself. These four flaws...
ElevenPaths Cyber Security Weekly Briefing April 10-16 0-days in Chrome and Edge Security researcher Rajvardhan Agarwal has discovered a 0-day vulnerability in the current versions of Google Chrome and Microsoft Edge, which he has made public via his...
ElevenPaths m33tfinder: a vulnerability on Cisco Meeting Server detected by ElevenPaths On November 7th, while we were holding our Security Innovation Day, Cisco published a security advisory with CVE-2018-15446 associated to a vulnerability on the software Cisco Meeting Server reported by our Innovation and Labs...
ElevenPaths ElevenPaths Radio English #5 – The Path After a Security Audit What is the path for a company after a security audit? It is increasingly common for companies of all sizes to decide to carry out such analyses, but what...
ElevenPaths Tips to Download Apps Securely The arrival of smartphones brought about a paradigm shift in the way we use and consume content through mobile devices. So much so that, from that moment on, they...
ElevenPaths Cyber Security Weekly Briefing May 1-7 Apple fixes four 0-day vulnerabilities in WebKit Apple released yesterday a security update to fix four 0-day vulnerabilities that could be actively exploited, according to Apple itself. These four flaws...
ElevenPaths Tips to Download Apps Securely The arrival of smartphones brought about a paradigm shift in the way we use and consume content through mobile devices. So much so that, from that moment on, they...
Gonzalo Álvarez Marañón Encryption That Preserves The Format To Ensure The Privacy Of Financial And Personal Data Your personal information swarms through thousands of databases of public and private organizations. How do you protect its confidentiality so that it does not fall into the wrong hands?...
The Pharmaceutical Retail Industry and Their Mobile ApplicationsCarlos Ávila 21 May, 2020 The pharmaceutical retail industry has been forced to act much faster in this race of the so-called “digital transformation” due to the global pandemic that society is currently going through. Therefore, pharmaceutical companies have had to use applications already deployed or they have had to deploy applications quickly. These applications are the same ones that move their business to manage prescriptions and orders for drugs, discounts, etc. and that make the use of their services attractive to customers in this period of high demand for drugs. On the other hand, many governments around the world established the mandatory quarantine, which led people make greater use of digital media for the purchase of medicines, food, and other products. As a result, mobile applications and the infrastructure supporting them play a key role today and are likely to be introduced into our daily lives more than ever before. What Are the Implications of This? All the data generated through the customers are managed by your mobile device and the technological infrastructure (in-house or third-party) of the pharmaceutical companies. As you might expect, these applications could have vulnerabilities and pose a risk to customer data. Many of these applications have direct communication with company devices and systems running internal processes, creating an additional attack vector for cybercriminals seeking this type of information. Image 1: Description and functionalities of pharmaceutical applications For this analysis, we have selected the latest version of 29 applications (iOS/Android) from pharmaceutical companies where the user can access various services. These include, mainly, online purchase of drugs and management of medical prescriptions. The applications were randomly selected from pharmaceutical companies in South America, Spain, and the United States. Within this set of application samples, we focused on analysing only the mobile application. Although weaknesses were discovered on the server side (backend), these were not included. For this analysis, we employed an Android device (rooted), an iPhone 5S (no jailbreak) and our platforms mASAPP (continuous security analysis of mobile applications) and Tacyt (mobile threat cyberintelligence tool). Analysis Results The OWASP Top 10 Mobile Security Controls performed general tests. These are only an overview of the number of tests that could be done on these mobile applications in a comprehensive manner. In our case, the results showed that, although security controls were implemented for the development of these types of applications, several weaknesses to be fixed were found and, above all, maintain continuous improvement in the development process. The vulnerabilities found according to the controls evaluated are in the following summary matrix: General summary of analysed control results(-) Feature applicable only on Android platforms Firstly, we wish to highlight several weaknesses that we found in easily-readable structures such as XML, API Keys, or configuration files. This denotes insecure local storage. Image 2: Certificate/Key Hardcoded files Image 3: Readable API Keys Hardcoded Files While a large number of these applications establish secure communication channels (HTTPS) with their backends, some unencrypted HTTP channels are still working, as showed in our results box. We also found applications that do not verify the authenticity of their certificates or self-signed certificates. This shows that security needs to be improved in this regard. Image 4: Use of Self-Signed Certificates Also, among other unsecure application programming practices, we noted the lack of code obfuscation features (depersonalization) to make the reversing process harder in almost all Android applications. Image 5: Review of java classes after reversing process Image 6: Documentation and technical comments in detail A not-insignificant fact in this analysis is that 5 of the applications were found by Tacyt on unofficial markets. In many cases they were deployed by users who did not necessarily own the application (we do not know for what purpose). Image 7: Sample of an application found on other unofficial markets Conclusions We believe that these findings are a further contribution to the progress towards enhanced security and hope that they will help application developers from the pharmaceutical sector. In this global health crisis, there have been many other cases where industries have had to transform abruptly many of their traditional services into digital services, with all the IT risks that this entails. Managing the security and privacy of the user data of pharmaceutical applications is essential since these store private data of our health. It is important for companies within this sector to be aware that their customer data is exposed to computer risks and that, by performing appropriate controls and continuous evaluations, they should protect it −also keeping their technological infrastructure safe from potential cyberthreats. Business Continuity Plan: From Paper to ActionBestiary of a Poorly Managed Memory (IV)
ElevenPaths Tips to Download Apps Securely The arrival of smartphones brought about a paradigm shift in the way we use and consume content through mobile devices. So much so that, from that moment on, they...
ElevenPaths Cyber Security Weekly Briefing May 1-7 Apple fixes four 0-day vulnerabilities in WebKit Apple released yesterday a security update to fix four 0-day vulnerabilities that could be actively exploited, according to Apple itself. These four flaws...
ElevenPaths Cyber Security Weekly Briefing April 24-30 BadAlloc – Critical Vulnerabilities in Industrial IoT and OT Devices Microsoft security researchers have discovered 25 critical remote code execution (RCE) vulnerabilities, collectively referred to as BadAlloc, affecting a wide...
ElevenPaths Do I Really Need an Antivirus? How can standard users protect themselves? In this article we explain what an antivirus is for and how you can be (more) protected.
Gonzalo Álvarez Marañón NFT Fever: The Latest Cryptocurrency Killing It Online In May 2007, the digital artist known as Beeple decided to create and publish a new piece of artwork on the Internet every day. True to his word, he...
Pablo Alarcón Padellano Telefónica Tech, recognized with Palo Alto Networks’ SASE, Cloud and Cortex Specializations We are the first partner in Spain awarded with Prisma SASE, Prisma Cloud and Cortex XDR/XSOAR specializations.
