Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
Innovation and Laboratory Area in ElevenPaths Uncovering APTualizator: the APT that patches Windows By the end of June 2019, we assisted to an incident were a high number of computers had started to reboot abnormally. In parallel, Kaspersky detected a file called swaqp.exe, which apparently...
ElevenPaths #CyberSecurityPulse: From the bug bounties (traditional) to the data abuse bounties Social networks image The Internet giants are going to great lengths to be transparent with their communication about the information they are gathering from their users. In the case...
ElevenPaths New report: Twitter botnets detection in sports event We all know that a botnet is a number of Internet-connected devices, each of which is running one or more bots. Botnets can be used to perform DDoS attacks,...
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
ElevenPaths New tool: SKrYPtEd, your Skype conversations local database protector Did you know your Skype conversations are stored in plaintext in your hard drive? Did you know anyone could just grab them with some kind of malware and upload...
Sergio De Los Santos The attack against OpenPGP infrastructure: consequences of a SOB’s actions What is happening with the attack against OpenPGP infrastructure constitutes a disaster, according to the affected people who maintain the protocol. Robert J. Hansen, who communicated the incident, has...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths How to forecast the future and reduce uncertainty thanks to Bayesian inference (II) In the first part of this article we explained how Bayesian inference works. According to Norman Fenton, author of Risk Assessment and Decision Analysis with Bayesian Networks: Bayes’ theorem is...
ElevenPaths Tackling Cybercrime: Three Recommendations for 2018 In 2017 we saw ransomware variants such as Wannacry wreak havoc across computer networks in the UK. Not only were these variants of malware almost impossible to remove from...
Latch Plugins Contest 2016: Videos and DocumentationFlorence Broderick 21 February, 2017 You can find here the compilation of plugins submitted to the Latch Plugins Contest 2016. Congratulations to all participants for the work done and the results! Plugin Name: Latch OpenWRT. Author: Juan Camero. Description: Plugin for the OpenWRT open firmware for neutral routers that allows to manage the internet connection of wireless devices in an intuitive way through a smartphone with Latch. Github Linkb: https://github.com/JCameroMartin/LatchOpenWRT Documentation Link: https://github.com/JCameroMartin/LatchOpenWRT Video Link: Plugin Name: Umbraco Latch Author: Cristhian Amaya Description: Plugin or package in Umbraco’s jargon (CMS open source) that allows to protect several operations of the administration area or backoffice. Github Link: https://github.com/camaya/umbraco-latch Documentation Link: https://github.com/camaya/umbraco-latch Video Link: Plugin Name: Latchdroid Author: Pepe Nieto Description: Lock of Android devices with Latch acting as a curfew, so that minors stop using these devices. Github Link: https://www.github.com/ppnieto/latchdroid Documentation Link: https://github.com/ppnieto/latchdroid/blob/master/Latchdroid-UserManual.pdf Video Link: Plugin Name: Heaven´s Door RA. Author: Matías Troncoso. Description: Plugin that allows the activation/deactivation of remote access to a device through the Internet. Performing a Port Forwarding on the router that allows access to the Internet. Github Link: https://github.com/matiast-gh/heavens-door-ra Documentation Link: https://github.com/matiast-gh/heavens-door-ra/tree/master/docs Video Link: Plugin Name: Latch MyCar. Author: Diego Gamboa. Description: It adds a security layer to vehicles that are powered by mobile devices or wireless keys. Github Link: https://github.com/skyg4mb/LatchMyCar Documentation Link: https://micloud.movistar.es/share/8de115813d5a02b302b2017055a66b33b1239716b47432b0#1 Video Link: Plugin Name: Mosquito MQTT Author: Álvaro Caso Description: A Mosquitto plugin that allows us to easily add a second factor authorization to the IoT ecosystem, performing the integration in the platform (MQTT Broker), releasing resources and maximizing compatibility and scalability. Github Link: https://github.com/oribit/latch-plugin Documentation Link: https://github.com/oribit/latch-plugin/tree/master/manual Video Linko: We would like to take this opportunity to remind you the winners of the contest: First prize: 5.000 USD. Winner: Alvaro Caso. Plugin: Mosquito MQTT. Second prize: 2.000 USD. Winner: Juan Camero. Plugin: Latch OpenWRT. Thank you all for participating! ElevenPaths and Enigmasec associated to help small and medium organizations in face of the invasion of systems4 reasons why you should visit the LUCA stand at MWC2017
Innovation and Laboratory Area in ElevenPaths EasyDoH Update Hot off the Press: New Improvements and Functionalities Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several...
Innovation and Laboratory Area in ElevenPaths Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10% Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers? Over this report we have analyzed...
Innovation and Laboratory Area in ElevenPaths EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler A year ago, the IETF has raised to RFC the DNS over HTTPS proposal. This new is more important than it may seem. For two reasons: firstly, it’s a...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths New tool: Masked Extension Control (MEC), don’t trust Windows extensions Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic...
Innovation and Laboratory Area in ElevenPaths Five interesting own tools that you may have missed (and a surprise) This time we are going to rehash a blog entry by gathering some of the own tools that we have recently developed and we consider of interest. We summarize...
