ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
ElevenPaths Cybersecurity Weekly Briefing September 19-25 New attack vector for vulnerability in Citrix Workspace Pen Test Partners security researcher Ceri Coburn has discovered a new attack vector for the CVE-2020-8207 vulnerability in Citrix Workspace corrected in...
Innovation and Laboratory Area in ElevenPaths TheTHE: The Threat Hunting Environment, our tool for researchers TheTHE, a unique tool within its category that allows analysts and hunters to carry out their research tasks in a more agile and practical way.
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Gonzalo Álvarez Marañón Plausibly Deniable Encryption or How to Reveal A Key Without Revealing It When the secret police arrested Andrea at the airport checkpoint, she thought it was a mere formality reserved for all foreign citizens. When they searched her luggage and found...
ElevenPaths Cybersecurity Weekly Briefing August 22-28 Conti ransomware distributed after Trickbot Conti is a relatively new ransomware that appeared in isolated attacks in December 2019 but started to become a relevant threat in June 2020, when...
Gonzalo Álvarez Marañón Rock, Paper, Scissors and Other Ways to Commit Now and Reveal Later Have you ever played rock, paper, scissors? I bet you have. Well, let’s put the tin lid on it: how would you play through the phone? One thing is...
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
ElevenPaths You are less rational than you think when you take decisions under uncertain conditions I propose you the following game of luck: Option A: I give 1,000 € to you with a probability of 100%. Option B: Let’s leave it to heads or tails: if...
Alberto Cuesta Partida We Acquire iHackLabs to Boost the Training of Our Ethical Hackers Telefónica Tech, through ElevenPaths, incorporates the platforms and knowledge about cyber security training of the iHackLabs startup.
Telefónica, Gradiant and Incibe Improve Companies’ Cyber SecurityElevenPaths 30 October, 2020 The agreement boosts knowledge transfer to the private sectorTEGRA continues on the path to consolidate Galicia’s position as a major player in the European field of cyber security Telefónica, Gradiant and the Spanish National Cyber Security Institute (Incibe) will facilitate the transfer of knowledge in cyber security to Galician companies. In addition, they will promote the retention of specialised cyber security talent and raise awareness of the need for digital security in Galician society. This was set out in the agreement that the three institutions have signed this week and which will be developed through TEGRA, the cyber security centre that ElevenPaths, Telefónica’s cyber security company, and Gradiant created in 2018 – which emerged from the joint research unit IRMÁS – to develop products and services that improve the security of companies’ information. The agreement setting out the objectives of the three institutions was signed this week by ElevenPaths CEO Pedro Pablo Pérez García, Gradiant CEO Luis Pérez Freire and Incibe CEO Rosa Díaz Moles. The activities to be developed include the preparation of a biennial research report with the aim of transferring knowledge to the business world, the realization of STEM conferences to foster vocations for science studies, especially aimed at girls in Galicia or the realization of conferences to promote entrepreneurship in cyber security. “This agreement reinforces Incibe’s commitment to protecting citizens and companies, promoting talent, R+D and the cyber security industry in Spain. We are committed to supporting the attraction of innovative talent related to TEGRA’s specialisation and to promoting this initiative on the cyber security R+D map”, says Rosa Díaz Moles, CEO of Incibe. Renewing the Alliance in Cyber Security Telefónica and Gradiant have renewed their alliance in the joint development of R+D projects and applications linked to the improvement of cyber security. Through the IRMÁS Mixed Research Unit, which is supported by the Xunta de Galicia, both entities consolidate their position to place Galicia as a relevant agent in the field of cyber security. A new period now begins with IRMÁS 2.0, in which TEGRA will maintain its leadership position (with Telefónica and Gradiant at the forefront) and where work will be carried out in three essential areas for business cyber security: information protection, protection against digital fraud and cyber intelligence. The agreement was signed in person and virtually The consolidation of TEGRA will serve as a driving force and a pole of job creation in this emerging sector, allowing confidence in current information systems to increase. “This consolidation means securing a pole of innovation in cyber security in Galicia that provides us with international projection in technologies that are essential pillars for companies to carry out their digital transition with all the guarantees” states Luis Pérez Freire, CEO of Gradiant. Pedro Pablo Pérez García, CEO of ElevenPaths, adds that “the success of TEGRA as a model of innovation centre in cyber security specialised in information protection, has served as a mirror for the launch of other specialised centres such as C4IN (Industry/OT security) in León and SOTH (IOT security and regulatory compliance) in Valencia”. Likewise, “the acceleration of digitalisation by organisations due to the current situation requires products and services that mitigate the risks of greater exposure of corporate information. TEGRA, with its specialisation in the protection of information, creates technologies that allow to keep balance”. The mixed research unit in cyber security IRMAS 2.0, which will give continuity to the work initiated by TEGRA, is supported by the Axencia Galega de Innovación and is co-financed by the European Union Operational Programme ERDF 2014-2020, which aims to promote technological development, innovation and quality research. Press Release Click to access telefonica-gradiant-incibe-improve-companies-cybersecurity.pdf Are You Crypto-Agile to Respond Quickly to Changing Cyberthreats?Cybersecurity Weekly Briefing October 24-30
ElevenPaths Cyber Security Weekly Briefing January 16-22 SolarWinds Update New details have been released about the software supply chain compromise unveiled in December. FireEye researchers have published an analysis that puts the focus on the threat actor called...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (II) As a continuation of the first article in which we saw both the regulation of homeworking and the security and privacy measures in this modality, in this second issue...
Gonzalo Álvarez Marañón Plausibly Deniable Encryption or How to Reveal A Key Without Revealing It When the secret police arrested Andrea at the airport checkpoint, she thought it was a mere formality reserved for all foreign citizens. When they searched her luggage and found...
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
Sergio De Los Santos The Attack on SolarWinds Reveals Two Nightmares: What Has Been Done Right and What Has Been Done Wrong All cyber security professionals now know at least part of what was originally thought to be “just” an attack on SolarWinds, which has just truned out to be one...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...