Skip to content
Think Big
Countries / Global
  • Global
  • España
  • Ecuador
  • Español
  • Portugues
  • IoT
    • Deep Learning and satellite images to estimate the impact of COVID19 Chuck Martin: “The industry can anticipate consumers’ needs even before they feel that need. This is the future that awaits us on Internet of Things”
  • Big Data
    • Warning About Normalizing Data Executive Insight Series by Glyn Povah, Director of Product Development at LUCA
  • Cybersecurity
    • Wireless attacks on OT Cyber Security Weekly Briefing 29 January – 4 February
Think Big / Business
  • AI of Things
  • Cloud
  • Cybersecurity
  • Blockchain

Vulnerabilities

Detected an extension in Chrome Web Store, active from February, that steals credit cards
ElevenPaths

Detected an extension in Chrome Web Store, active from February, that steals credit cards

We have detected an extension for Google Chrome, still active, that steals data from web site forms visited by the victims. This extension, which is still available on Chrome...
ElevenPaths

m33tfinder: a vulnerability on Cisco Meeting Server detected by ElevenPaths

On November 7th, while we were holding our Security Innovation Day, Cisco published a security advisory with CVE-2018-15446 associated to a vulnerability on the software Cisco Meeting Server reported by our Innovation and Labs...
ElevenPaths

You are less rational than you think when you take decisions under uncertain conditions

I propose you the following game of luck:   Option A: I give 1,000 € to you with a probability of 100%. Option B: Let’s leave it to heads or tails: if...
ElevenPaths

A story about two minds: the vast difference between real and perceived risk

“In our society it is generally not considered justifiable to make a decision purely on an emotional response. We want to be considered scientific and rational, so we come up with...
ElevenPaths

You’ve got mail? You’ve got malware

A few weeks ago I was ‘compromised’. A well-known vulnerability was exploited and I was left financially exposed, with my reputation potentially at risk. “What happened?” I hear you...
Florence Broderick

Studying the trojan apps for Android used in Hacking Team leak

Between the information leaked these days about #HackingTeam, several trojan Android APK files have been found. A first approach with Tacyt shows interesting relations with legitimate apps, the ones leaked a...
Florence Broderick

Faast already detects "Logjam": Imperfect Forward Secrecy

Faast teams have been working all day long to add a new plugin to our list of detected vulnerabilities. There has been found a new security problem in TLS...
Florence Broderick

ElevenPaths finds a XSS problem in Play Framework

Play Framework is defined as “The high velocity Web Framemork for Java and Scala”. We use it internally in some of our products. Ricardo Martín from our QA team...
Florence Broderick

5.500 apps potentially vulnerable to Man in the Middle attacks in Google Play

It has been discovered than AppsGeyser, an app creator “with just a few clicks”, deactivates the SSL certificate validation in its apps. An attacker on the same network as...
Florence Broderick

PhpMyAdmin fixes a XSS detected by ElevenPaths (CVE-2014-9219)

On November 28th, while our Faast team was developing an intrusion module for PhpMyAdmin MySQL manager, we detected a new cross site scripting vulnerability not known so far in this...

Navegación de entradas

Previous articles
1 … 21 22 23
More articles
  • Telefónica Tech

Popular

Innovation Marketing Team
Partnerships that escalate entrepreneurship and innovate the corporation: Ten Wayra startups that do business with Vivo
With 10 years of operations, Wayra has transformed the entrepreneurial ecosystem in Brazil and worldwide. Since its launch in 2011, when it was created to support entrepreneurship, Wayra has...
ElevenPaths
Squeezing the numbers and facts of Google’s annual Android security report
Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick
Quick and dirty script in Powershell to check certificate fingerprints
Malware is using signed binaries to attack Windows systems. Malware needs it to get into the roots of the operative system. So attackers steal or create their own certificates....
Florence Broderick
How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths)
Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick
FOCA Final Version, the ultimate FOCA
You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Think Big
  • Facebook de Telefónica
  • Linkedin de Telefónica
  • Twitter de Telefónica
  • Canal YouTube Telefónica

© Telefónica S.A.

    • Cookies Policy
    • Privacy Policy
    • Accesibility
    • Cookies configuration