Innovation and Laboratory Area in ElevenPaths Uncovering APTualizator: the APT that patches Windows By the end of June 2019, we assisted to an incident were a high number of computers had started to reboot abnormally. In parallel, Kaspersky detected a file called swaqp.exe, which apparently...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
ElevenPaths The Intelligent MSSP During years, Managed Security Services (MSS) have been the most effective strategy to tackle the increasing and changing threat landscape. Otherwise, some disruptive factors are compelling a new approach...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
Innovation and Laboratory Area in ElevenPaths EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler A year ago, the IETF has raised to RFC the DNS over HTTPS proposal. This new is more important than it may seem. For two reasons: firstly, it’s a...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths You are less rational than you think when you take decisions under uncertain conditions I propose you the following game of luck: Option A: I give 1,000 € to you with a probability of 100%. Option B: Let’s leave it to heads or tails: if...
ElevenPaths CryptoClipWatcher, our new tool against crypto clipboard hijacking techniques Since 2017, this technique is becoming quite popular. Cryptocurrency in general is a new target for malware, and mining Bitcoins is not profitable anymore in regular computers (maybe Monero...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths New tool: Masked Extension Control (MEC), don’t trust Windows extensions Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic...
ElevenPaths The base rate fallacy or why antiviruses, antispam filters and detection probes work worse than what is actually promised Before starting your workday, while your savoring your morning coffee, you open your favorite cybersecurity newsletter and an advertisement on a new Intrusion Detection System catches your attention: THIS IDS...
ElevenPaths If you want to change your employees’ security habits, don’t call their will, modify their environment instead You’re in a coffee bar and you need to connect your smartphone to a Wi-Fi, so you check your screen and see the following options. Imagine that you know...
Stela FileTrack protagonist of the 6th Security Innovation Day EditionElevenPaths 13 November, 2018 The Telefónica’s Cybersecurity Unit helds its 6th Security Innovation Day, under the motto Game Is Never Over. Stela FileTrack, a new solution to protect organization’s sensitive documentary information. The Telefónica’s SOC located in Madrid, a highly-qualified incident response team available 24×7. Faast for WordPress and mASAPP Online, focused on online sales, are put on the market. New IoT security services, based on Telefónica’s SOCs strengths. Madrid. 7th November 2018.- ElevenPaths, The Telefónica’s Cybersecurity Unit, helds its 6th Security Innovation Day, an event on innovation and security on a national and international scale, under the motto Game is Never Over. From an approach based on the relation existing between videogames and cybersecurity, ElevenPaths shares its vision about cybersecurity future trends and shows its main strategic lines for next years. Over this event you will have the opportunity to watch speakers such as Chema Alonso –Chief Data Officer (Telefónica) and Chairman (ElevenPaths)–, Pedro Pablo Pérez –CEO (ElevenPaths) and Global Security VP (Telefónica)–, Julia Perea –Digital Security Director (Telefónica España)–, Yaiza Rubio –Intelligence Analyst (ElevenPaths)–, among others. They will carry out an overview of the company’s innovative options in digital security. Within these options, ElevenPaths will present the SOC, located in Madrid. The SOC provides its clients with a customized support, monitoring and specialized reports, as well as with the assistance of a highly-qualified team of experts available 24×7. Besides the SOC located in Madrid, Telefónica has 11 team of experts around the world. As explained by Julia Perea, “Thanks to our SOCs, we ensure that our operations and presence in terms of security are global”. Furthermore, from today two products of the cybersecurity unit portfolio are available via PayPal: Faast for WordPress and mASAPP Online. Faast for WordPress is a technology able to detect vulnerabilities and weaknesses on WordPress sites before these ones can be discovered by attackers. mASAPP Online is a technology able to perform a fully analyse of mobile applications’ vulnerabilities and behaviours. Moreover, mASAPP Online reports on potential security breaches in order to prevent attacks from malicious agents as well as on behaviours that may affect the app reputation. Telefónica and its Cybersecurity Unit, ElevenPaths, provide IoT security services. In this way, endpoint complexity is reduced and integration with the services platform is ensured. These security products are based on the IoT products and services. Within these products, the Telefónica’s IoT managed connectivity platform plays a decisive role. In addition to this, new IoT security services have been developed, driven by Telefónica’s SOCs strengths. ElevenPaths’ security services are being broadened in order to cover and protect the IoT world. In the following lines you will find more new cybersecurity solutions to be presented over the Security Innovation Day by ElevenPaths: Stela FileTrack, a solution to protect organization’s sensitive documentary information, with an additional tracking layer allowing to view online each whole document life cycle. RightsKeeper, it allows to manage shared documents, restricting or removing editing or access permissions, even though they have already been delivered. It shows the relationship between Shadow –particularly its capability to imperceptibly protect documents– and the ElevenPaths’ IRM. SmartPattern and CapaciCard are the new technologies developed by the Innovation and Labs team. SmartPattern constitutes a new authentication method enabling the access to services and the signature of documents by means of an intelligent movement pattern sketched on a smartphone. CapaciCard allows to authenticate or authorize a user by taking advantage from mobile screen or laptop touchpad inherent capacitive features. It does not need NFC nor connection, just a cost-effective card. No additional hardware is required. Connected Car, an application joining three IoT services (credentials provision, anomalies detection and secure DNS) on the connected car environment. Pedro Pablo Pérez “Over this digital transformation process, we remain committed to the end-to-end security. For this purpose, we keep investing in infrastructures, in order to implement new SOCs (Security Operation Centers) in South America.” For more information, please click here You are less rational than you think when you take decisions under uncertain conditionsm33tfinder: a vulnerability on Cisco Meeting Server detected by ElevenPaths
Innovation and Laboratory Area in ElevenPaths EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler A year ago, the IETF has raised to RFC the DNS over HTTPS proposal. This new is more important than it may seem. For two reasons: firstly, it’s a...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths New tool: Masked Extension Control (MEC), don’t trust Windows extensions Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic...
Innovation and Laboratory Area in ElevenPaths Five interesting own tools that you may have missed (and a surprise) This time we are going to rehash a blog entry by gathering some of the own tools that we have recently developed and we consider of interest. We summarize...
Innovation and Laboratory Area in ElevenPaths Uncovering APTualizator: the APT that patches Windows By the end of June 2019, we assisted to an incident were a high number of computers had started to reboot abnormally. In parallel, Kaspersky detected a file called swaqp.exe, which apparently...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them detected by antiviruses Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
