ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
ElevenPaths ElevenPaths participates in AMBER (“enhAnced Mobile BiomEtRics”) project ElevenPaths participates in the AMBER (“enhAnced Mobile BiomEtRics”) project since 1st January 2017 as an Industrial Partner. AMBER is a Marie Skłodowska-Curie Innovative Training Network under Grant Agreement No....
ElevenPaths Cybersecurity and Business in the New Era: Security Innovation Days 2020 (Day 1) First day of the Security Innovation Days 2020 completed with more than 1500 people connected from all over the world. If you missed the first day of our cybersecurity...
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Gonzalo Álvarez Marañón Plausibly Deniable Encryption or How to Reveal A Key Without Revealing It When the secret police arrested Andrea at the airport checkpoint, she thought it was a mere formality reserved for all foreign citizens. When they searched her luggage and found...
Innovation and Laboratory Area in ElevenPaths Developing a Tool to Decrypt VCryptor Ransomware (Available on NoMoreRansom.org) Discover how VCryptor ransomware works and the tool we have developed as part of NoMoreRansom.org to decrypt it.
ElevenPaths #CyberSecurityPulse: Tell me your social networks and you will be welcome in the United States (or maybe not) The US Department of State wants to ask visa applicants to provide details of their social networks which they have used within the last five years, as well as...
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
Franco Piergallini Guida Adversarial Attacks: The Enemy of Artificial Intelligence What happens when the data used by artificial intelligence to predict behaviour is manipulated? Is this an attack vector?
Carlos Ávila The Dark Side of WebAssembly Nowadays, the technologies for developing software for webs are multiplying rapidly, while introducing, in some cases, new ways of attack or unexpected advantages for attackers. Let’s see what WebAssembly...
¿Ransomware in Pandemic or Ransomware Pandemic?Gabriel Bergel 9 November, 2020 No one imagined what could happen in the field of cyber security during the Covid-19 pandemic. Perhaps some colleagues were visionary, or others were basically guided by the statistics of recent years regarding incidents and security breaches, which have been steadily increasing. I hope everyone understands that no one is free from a cyber incident nowadays. A Little Bit of History The beginnings of ransomware do not date back to the 2000’s as most people believe. As early as December 1989, when the first website had not even been created yet, 20,000 diskettes of 5¼” were sent from London to companies in the UK and abroad, to subscribers to PC Business World magazine and also to participants at an AIDS conference organised by the World Health Organisation. On the sticker of these diskettes was written AIDS Information Introductory Diskette, it was and said to be from the PC Cyborg Corporation. All of this was a deceit, it encrypted the hard drive of the computers and asked for a ransom. AIDS was the first ransomware to also spread globally, reaching over 90 countries by postal mail. Nowadays, 31 years have passed, and ransomware has already become an industry, with incredible advances in the field. The Covid-19 pandemic has only accelerated the development of infection campaigns. The numbers and incidents that have occurred in the pandemic, I would say, are unprecedented. Remote working could be one of the causes, as cyber security controls are weaker in the home than in the corporate environment, but mainly it has to do with our anxiety and uncertainty, which makes us more “prone” to fall into a phishing operation containing ransomware. However, this increase in numbers in the region is already evident in several studies since last year: Ransomware by country. Source: Symantec The Ransomware Business Not long ago, ransomware was classified as an incident (DBIR) rather than a breach, because data encryption does not necessarily involve a disclosure of confidentiality. However, that has changed: the business of ransomware is no longer so much about encryption but about making money from the threat of information leakage, and there are cases to back this statement up. Not long ago, ransomware was classified as an incident (DBIR) rather than a breach, because data encryption does not necessarily involve a disclosure of confidentiality. However, that has changed: the business of ransomware is no longer so much about encryption but about making money from the threat of information leakage, and there are cases that demonstrate this. At Elevenpaths, we have been tracking the several ransomware campaigns that exist and shared them with the community through our weekly briefings and cyber security research reports. I also talked about it a month ago, after giving many interviews about the incident at Banco Estado de Chile, allegedly provoked by Sodinokibi. A ransomware whose campaigns, we at ElevenPaths, had already been following since January this year. On the other hand, advances in ransomware development are evident. For example, Conti occupies 32 CPU threads in parallel during the infection process of a computer. Sergio de los Santos wrote a highly recommended post called ” What Do Criminals in the Ransomware Industry Recommend so that Ransomware Does Not Affect You?” which may be useful to understand what is happening in this new era. To sum up, the non-profit volunteer hacker initiative called the CTI League (Cyber Threat Intelligence League), a global community of emergency response volunteers who defend and neutralize cyber security threats and vulnerabilities to life-saving sectors related to the current Covid-19 pandemic, should be highlighted for the great work they have done in helping and preventing more health institutions from being affected by these types of cyber attacks. Just a question: what will be the next level in this battle? Cyber Security Weekly Briefing 31 October – 6 NovemberElevenPaths Radio English #4 – Privacy and Personal Data Protection
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
Gonzalo Álvarez Marañón Plausibly Deniable Encryption or How to Reveal A Key Without Revealing It When the secret police arrested Andrea at the airport checkpoint, she thought it was a mere formality reserved for all foreign citizens. When they searched her luggage and found...
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
Sergio De Los Santos The Attack on SolarWinds Reveals Two Nightmares: What Has Been Done Right and What Has Been Done Wrong All cyber security professionals now know at least part of what was originally thought to be “just” an attack on SolarWinds, which has just truned out to be one...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...