Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
Sergio de los Santos Pay When You Get Infected by Ransomware? Many Shades of Grey The Internet is full of articles explaining why ransomware should not be paid. And they are probably right, but if you don’t make a difference between the type of ransomware and...
ElevenPaths Cybersecurity Weekly Briefing October 3-9 New botnet detected that deletes data from the infected device A group of researchers from the company Netlab 360 published yesterday their latest findings on a new botnet that specialises...
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths #CyberSecurityPulse: Monero and EternalRomance, the perfect formula Last year’s release by ShadowBrokers about tools belonging to the National Security Agency continues to be a talking point. A new malware which utilizes the EternalRomance tool has appeared...
Alexandre Maravilla Digital Identity Wallets against identity theft fraud Identity theft or impersonation is a type of fraud in which criminals manage to supplant the identity of the person being deceived, based on the theft of their personal...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
ElevenPaths Cybersecurity Weekly Briefing 26 September – 2 October The logistics giant CMA CGM affected by a cyber attack This week, the French logistics group CMA CGM, which operates in 160 different countries, reported via its website and social...
Gonzalo Álvarez Marañón Challenges and Business Opportunities of Post Quantum Cryptography Sooner or later we'll have to make the leap to post-quantum cryptography. Discover this new system and prepare your organization for change.
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
Florence Broderick White Paper: Practical hacking in IPv6 networks with Evil FOCA We have released a white paper about practical hacking in IPv6 networks with Evil FOCA. This document describes IPv6 basic concepts, most common IPv6 current attacks and how to implement...
Florence Broderick Information leakage in Data Loss Prevention leader companies Gartner has released a study that classifies the most important companies that offer Data Loss Prevention (DLP) solutions depending on their position, strategy, effectiveness, and market leadership. We have made...
Florence Broderick Mobile banking and banking trojans During 2012 there was an increase around 28% in mobile banking or M-Banking operations. Users can access their bank accounts from their mobile devices, mainly making use of a specifically...
Florence Broderick (re) Introducing Evil Foca (DEFCON Edition) Evil Foca was introduced in early April, as a tool to make local networks pentesters and auditors life easier. In a simple way and with a very simple interface too, it allows...
Florence Broderick FaaS: Visión global de Pentesting by Design La idea que tenemos sobre seguridad es diferente sobre lo que históricamente las organizaciones han ido utilizando. ¿Realmente es lo que necesitaban? Pensamos que un sistema continuo de pentesting...
Florence Broderick Eleven Paths is growing Eleven Paths is growing. Apart from the people who joined from the beginning (just two months ago!), we’ve been hiring new employees that will have a key role in...
Florence Broderick Security should be transparent, but ready when needed Security should be totally transparent for users; this was one of the key messages we discussed last week during the press conference we did with several journalists when launching Eleven...
Florence Broderick The beginning It is widely known that writing the first post is always a difficult task, but it is a compelling one. It’s the start of a new path that you...
Innovation Marketing Team Empowering women in entrepreneurship: 10 female – led startups in Germany In Germany, only about 15% of startups are initiated by women. Sadly, the figure has been stagnant for years. Additionally, female-led startups receive significantly less Venture Capital than those...
ElevenPaths Squeezing the numbers and facts of Google’s annual Android security report Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
ElevenPaths Latch and IoT, a perfect symbiosis The Internet of Things stopped being the future to become our present. It’s rare that on any given day we do not interact in one way or another with...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...