Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Telefónica Tech Cyber Security Weekly Briefing, 27 May – 2 June Backdoor discovered in hundreds of Gigabyte motherboards Cybersecurity researchers at Eclypsium discovered a secret backdoor in the firmware of hundreds of Gigabyte motherboard models, a well-known Taiwanese manufacturer. Every time...
ElevenPaths Cybersecurity Weekly Briefing 6-12 June Enel and Honda Compromised by Snake Ransomware Italian energy corporation Enel and Japanese automotive giant Honda were hit last weekend by ransomware attacks that would have impacted on their IT...
Innovation and Laboratory Area in ElevenPaths 4th Anniversary of No More Ransom: ElevenPaths, Partner Entity with Two Tools Discover the tools we contribute to this important initiative launched by Europol to help ransomware victims.
Telefónica Tech Cyber Security Weekly Briefing, 19 – 23 June Critical vulnerabilities in Asus routers Asus has issued a security advisory addressing a total of nine vulnerabilities affecting multiple router models. Among these security flaws, the one registered as CVE-2022-26376,...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
ElevenPaths ElevenPaths Radio English #1 – Skills of a Cybersecurity Professional In this first episode, our CSA Deepak Daswani discusses what a true cybersecurity professional must have to be valuable to companies.
Gonzalo Álvarez Marañón Plausibly Deniable Encryption or How to Reveal A Key Without Revealing It When the secret police arrested Andrea at the airport checkpoint, she thought it was a mere formality reserved for all foreign citizens. When they searched her luggage and found...
Telefónica Tech Cyber Security Weekly Briefing, 12 – 16 June Microsoft has fixed more than 70 vulnerabilities in its June Patch Tuesday Microsoft has released its June Patch Tuesday, addressing a number of critical, high, medium and low severity vulnerabilities....
Martiniano Mallavibarrena ‘Insiders’ in Cybersecurity: “Catch me if you can” Within companies, there is a significant window of opportunity for cybersecurity incidents: disgruntled employees, suppliers, subcontractors...
Innovation and Laboratory Area in ElevenPaths AMSIext: Our Extension That Detects Malware in the Browser Memory Given the evolution in malware propagation techniques, we need mechanisms to detect threats as soon as possible such as AMSIext.
Sandra Tello The COVID crisis and diversity in the technology field The pandemic has highlighted the need for STEM profiles The coronavirus pandemic is estimated to have accelerated digitalisation by 5 to 10 years. This means that the technology sector will...
ElevenPaths A story about two minds: the vast difference between real and perceived risk “In our society it is generally not considered justifiable to make a decision purely on an emotional response. We want to be considered scientific and rational, so we come up with...
ElevenPaths Rock appround the clock, our research in DEFCON In the world of Threat Intelligence, determining the attacker’s geographical location of is one of the most valuable data for attribution techniques, even if not perceived like that, this...
ElevenPaths CryptoClipWatcher, our new tool against crypto clipboard hijacking techniques Since 2017, this technique is becoming quite popular. Cryptocurrency in general is a new target for malware, and mining Bitcoins is not profitable anymore in regular computers (maybe Monero...
ElevenPaths #CyberSecurityPulse: Private enterprise’s sad contribution to sharing threat intelligence in the United States After just over two years of Congress passed a major bill that encouraged businesses to share with the government how and when threat actors were trying to get into...
ElevenPaths #CyberSecurityPulse: New proposal to adapt U.S. Marine Corps capabilities to the new times The head of the U.S. Marine Corps wants to remodel his team. The Marine Corps is considering offering bonuses and other benefits to attract older, more experienced Marines to...
ElevenPaths ElevenPaths Announces Strategic Security Alliance with Devo Provides Telefónica Customers Advanced Cybersecurity Monitoring and Protection Services Through Devo Data Operations Platform. Madrid- Thursday 14th of June, 2018. ElevenPaths, the Telefónica Cybersecurity Unit, specialized in development of innovative...
ElevenPaths #CyberSecurityPulse: Changing stereotypes in the security sector Ripples of outrage spread across the cybersecurity industry last week after women in red evening gowns were seen promoting a product at the Infosecurity Europe 2018 conference. The event’s...
ElevenPaths New tools: Metashield Bots, analyzing and cleaning metadata for everyone, from everywhere You all know Metashield. Basically, it is a technology from our own to analyze and clean metadata, that is used in several of our own products. Although metadata seems...
ElevenPaths ElevenPaths further strengthens its reputation as a cybersecurity services provider Today was the fifth edition of the Security Day event, organized by ElevenPaths, the Telefónica Cybersecurity Unit, which took place in Madrid, under the slogan “Cybersecurity On Board“. This...
ElevenPaths #CyberSecurityPulse: Google’s project to fight election attacks On the night of the primary elections in May, the residents from the county Knox, Tennessee, did not know who had won for about an hour. They did not...
Innovation Marketing Team Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
Florence Broderick Quick and dirty script in Powershell to check certificate fingerprints Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
