How to Protect Yourself from Pandemic Cyberattacks Using Free Tools

Diego Samuel Espitia
9 July, 2020

There is no doubt that the COVID-19 pandemic has changed the daily life of humanity, not only while the pandemic lasts, but forever. Many companies are seeking to implement teleworking as a permanent method for their employees. This is increasing the time we stay connected, as observed in the connectivity statistics from the months of confinement and beyond, and it opens multiple possibilities for users and employers who need to use technology for such everyday things as food shopping.

However, this is also a great opportunity for cybercriminals to carry out scam-based attacks, which we have discussed in previous articles and which Microsoft has reported as very serious on its security blog.

Many articles have told us about the consequences of these risks materializing, but in many cases we do not know which tools we should set up or how to mitigate them. In this article we will see what free tools we can use and what they protect us from.

Attacks While Surfing the Internet

When using the browser, we are exposed to many different threats. If you make a typing mistake or are the target of a DNS attack, you may end up on a fraudulent website. When you are at home, without a business protection system, it is very difficult to detect such sites.

To avoid this, it is necessary to set up a system that controls DNS (Domain Name System) spoofing attacks. By doing so, the URL requested in the browser is handled in a way that avoids fraudulent sites reached through a scanning error or by following a malicious link.

In Firefox, all you have to do is install our EasyDoH extension, recently updated to simplify the configuration of the DNS server that the user wants to use. With a simple configuration in the extension, we can see in the following image how it protects from malicious sites:

The second threat is when some malicious executable on the website runs a process without “touching the disk”.
This means that, without us downloading or directly executing anything, it performs actions from the browser’s memory. This is a very critical threat because, when nothing reaches the disk, protection systems such as antivirus or endpoint response cannot detect it.

For this we have recently developed an extension that, like the previous one, just needs to be installed for the browser to start controlling this threat. This extension is called AMSIext and is available for Chrome and Firefox. Once installed, it connects the browser to the system called AMSI, which allows programs that are going to run in memory to be validated before their execution.

File-Based Attacks

There is no doubt that file-based scams are one of the techniques most widely used by cybercriminals and have increased significantly in recent times. Criminals use two mechanisms that, although they seem simple, are very effective in bypassing some of our PC’s controls.

The first technique we are going to focus on is the change of file extensions. Windows trusts file extensions too much and, for example, if the extension is .docx, it opens the file with MS Word regardless of the content. To avoid this risk, we have developed a program to validate that the extension matches the Magic Numbers (a forensic technique for full file identification).

This program, called MEC, only needs to be installed on your computer and, automatically, every time the user tries to open a file, the system compares the Magic Numbers with the extension. If they do not match, the program shows the user that the file cannot be opened with the program that the extension suggests.

The second file-based threat that has increased exponentially in recent months is malware hidden within Macros and JavaScript in MS Word, MS Excel and PDF documents.
This time, if the user opens the file and grants execution permissions, they are actually opening the door for cybercriminals to execute actions or connect to the machine.

To combat this type of threat we have developed DIARIO, a free tool for users to check all documents they receive by email or download from the Internet before opening them, and thus validate whether or not they contain malicious macros. To protect users’ privacy, DIARIO’s artificial intelligence only uses the macro for analysis, protecting the sensitive information that the file may contain.

The tool can be used directly on the website, or you can download the installer for your machine’s operating system. The suspicious file is uploaded and then the tool provides information about whether or not it has any executable processes and whether or not they are malicious, as can be seen in the image below:

As we can see, we have several free and simple tools to significantly increase our security levels, closing the door to the most common attacks currently being executed. Nowadays, we are all searching for information, so cybercriminals take advantage of the circumstances to make a profit and attack us. This is why it is necessary to be more protected than ever.
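
The extension-versus-Magic-Numbers comparison described under File-Based Attacks can be sketched as follows. This is an added example, not MEC's code: the function names, the small signature table and the sample inputs are assumptions made for illustration, and it goes one step beyond the text by looking inside ZIP containers, since .docx and .xlsx files share the ZIP signature.

```python
import io
import zipfile

# Leading-byte signatures ("magic numbers") for a few common formats.
MAGIC = [
    (b"%PDF-", "pdf"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpg"),
    (b"MZ", "pe"),                                  # Windows executable
    (b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1", "ole2"),  # legacy .doc/.xls
    (b"PK\x03\x04", "zip"),
]
# Extension -> content type it should contain (small illustrative subset).
EXPECTED = {"pdf": "pdf", "png": "png", "jpg": "jpg", "jpeg": "jpg",
            "exe": "pe", "dll": "pe", "doc": "ole2", "xls": "ole2",
            "zip": "zip", "docx": "docx", "xlsx": "xlsx"}
OOXML_PARTS = {"word/": "docx", "xl/": "xlsx"}


def identify(data: bytes) -> str:
    """Name the type the content itself indicates, or 'unknown'."""
    kind = next((k for sig, k in MAGIC if data.startswith(sig)), "unknown")
    if kind != "zip":
        return kind
    # .docx/.xlsx are ZIP containers: look inside to tell them apart.
    try:
        names = zipfile.ZipFile(io.BytesIO(data)).namelist()
    except zipfile.BadZipFile:
        return "zip"
    if "[Content_Types].xml" in names:
        for prefix, ooxml in OOXML_PARTS.items():
            if any(n.startswith(prefix) for n in names):
                return ooxml
    return "zip"


def check(filename: str, data: bytes) -> str:
    """Return 'match', 'mismatch' or 'unknown-extension'."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if ext not in EXPECTED:
        return "unknown-extension"
    return "match" if identify(data) == EXPECTED[ext] else "mismatch"


def make_sample_docx() -> bytes:
    """Constructed sample: the minimal parts that mark a ZIP as .docx."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("word/document.xml", "<document/>")
    return buf.getvalue()
```

A file named `invoice.docx` whose first bytes are `MZ` is reported as a mismatch, which is the case the article describes: the extension suggests MS Word, but the content is an executable.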