ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths The Intelligent MSSP During years, Managed Security Services (MSS) have been the most effective strategy to tackle the increasing and changing threat landscape. Otherwise, some disruptive factors are compelling a new approach...
Gonzalo Álvarez Marañón Blockchain, Cryptocurrencies, zkSTARKs and the Future of Privacy in a Decentralised World In the Renaissance Italy, duels between mathematicians were common, but not by crossing steels, but by solving difficult problems. One of the hardest bones to crack at the time...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths #CyberSecurityPulse: Army Launches Direct Commissioning Program for Civilian Cybersecurity Experts The Army has approved a program to recruit experienced cybersecurity experts directly into the service as cyber officers in an attempt to bolster a growing field that military leaders...
ElevenPaths #CyberSecurityPulse: Guess Riddle… How Is Information Stored In a Bitcoin Address? As we have seen in previous post on ElevenPaths blog, the OP_RETURN field of a Bitcoin transaction is used to store a small portion of information (up to 80...
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths Cybersecurity Weekly Briefing October 3-9 New botnet detected that deletes data from the infected device A group of researchers from the company Netlab 360 published yesterday their latest findings on a new botnet that specialises...
ElevenPaths Cybersecurity Weekly Briefing 13-19 June Ripple 20 Vulnerabilities in TCP/IP Software JSOF researchers have discovered 19 0-day vulnerabilities, collectively called Ripple 20, in the TCP/IP software library developed by Treck that would affect more than...
Security and Privacy on the “Internet of Health”Carlos Ávila 21 July, 2020 At the time of writing this article, there are many companies around the world that are innovating, creating and improving various applications, robots and gadgets to monitor our health. In fact, many of these are already a reality and are being sold in the application market and implemented in hospitals around the world. All these watches with sensors, chips inserted in our bodies, smart phones and other devices are fantastic and store a lot of user data but, is this data being protected? Will it be used to issue diagnoses? What about the security of the software of these devices? What do we get, for example, from surgeries performed by robots by remote control? The Digitization of the Healthcare Industry We talk about innovation, digitalisation and robotisation in the health industry and this has led mankind to carry out interesting projects such as the well-known DaVinci (the robot with the most advanced surgical system in the world) or perhaps lesser-known projects such as the microrobot called ViRob, designed to clean and drain “pipes” from the body as a necessity in operations. But if we talk about common devices and accessibility for users, we find hearing aids to monitor your overall health in real time. In terms of mobile applications, we see how a photograph taken with a mobile device and advanced image processing could detect certain types of skin cancer. So much so that GoogleLeNet project, originally designed to interpret images for smart cars, has been working on this for a long time. At present it is impossible to keep up with such a large number of devices that generate information and this is no exception for doctors. A doctor can make diagnoses from his experience with several patients, but a computer is currently doing so based on data and comparisons of results that were obtained from hundreds or millions of similar cases. Health Comes First, As Long As It’s Secure The data that is processed today by all these gadgets in the health industry needs to be reliable and secure in order to make a reliable diagnosis through analysis. Therefore, the software developments that make these technological devices work must be protected and tested. The cybersecurity community, as well as security companies in general, have been conducting research on this topic, where they have exposed attack vectors and vulnerabilities on this type of environment. Similarly, the FDA (US Food and Drug Administration) has created guidelines and makes frequent calls to the creators of medical technologies to ensure the security of their products. The health industry, like many others, depends largely on technology to understand our health status. Each new device we use is likely to share data in some way with other platforms for physician decision-making. The “Internet of Health” Just as the “Internet of Things” refers to interconnecting various devices so that in many cases they interact automatically, the “Internet of Health” will perhaps allow all our medical data to be connected together, so that through various systems they can be condensed into a comprehensive report. We are now at the point where all this data is being stored in environments that should have a level of security that is managed, evaluated and monitored frequently, because decision making will depend on it. It is really important that we get involved in this problem as a community and as users. Furthermoe, it is necessary that both governments and legal entities ensure full commitment of all actors in this industry on a permanent basis through laws and regulations. In this way, we will be able to maintain an adequate level of security that will allow us to feel a little calmer in the face of cyber threats. Challenges and Business Opportunities of Post Quantum CryptographyUniversity and Industry: Talent Is Out There (III)
ElevenPaths Cyber Security Weekly Briefing April 3-9 Malware distribution campaign via LinkedIn The eSentire research team has published details on the analysis of a new malware distribution campaign via LinkedIn. Threat actors are sending zipped files under...
ElevenPaths No Pain, No Gain: Let´s Hack 2021 “No pain, no gain”, you have probably heard this on more than one occasion. An expression that is used endlessly in different environments, in a time when the body...
ElevenPaths What is VPN and What is It For? VPN connections are nothing new, they have been with us for a long time, always linked to the business world. The great versatility and its different uses have made...
ElevenPaths Cyber Security Weekly Briefing March 20-26 Analysis of the new cyber-espionage group SilverFish The PRODAFT Threat Intelligence team (PTI) has discovered a highly sophisticated cybercriminal group called SilverFish, which operates exclusively against large enterprises and public...
ElevenPaths Cyber Security Mechanisms for Everyday Life It is becoming more and more common to find in the general media news related to cyber-attacks, data breaches, privacy scandals and, in short, all kinds of security incidents....
ElevenPaths Everything You Need to Know About SSL/TLS Certificates What is a digital certificate? Secure Sockets Layer/Transport Layer Security digital certificate is the most widely used security protocol that enables encrypted data transfer between a web server and a...