Skip to content
Think Big
Countries / Global
  • Global
  • España
  • Ecuador
  • Español
  • Portugues
  • IoT
    • IoT Trends for 2017, users in the spotlight IoT transforms the gaming universe
  • Big Data
    • World Energy Saving Day: Efficiency to drive progress GDPR 101: What you need to know
  • Cybersecurity
    • Cyber Security Weekly Briefing 25 September – 1 October Steps to move security solutions forward in the face of current world challenges
Think Big / Business
  • AI of Things
  • Cloud
  • Cybersecurity
  • Blockchain

Vulnerabilities

Detected an extension in Chrome Web Store, active from February, that steals credit cards
ElevenPaths

Detected an extension in Chrome Web Store, active from February, that steals credit cards

We have detected an extension for Google Chrome, still active, that steals data from web site forms visited by the victims. This extension, which is still available on Chrome...
ElevenPaths

m33tfinder: a vulnerability on Cisco Meeting Server detected by ElevenPaths

On November 7th, while we were holding our Security Innovation Day, Cisco published a security advisory with CVE-2018-15446 associated to a vulnerability on the software Cisco Meeting Server reported by our Innovation and Labs...
ElevenPaths

You are less rational than you think when you take decisions under uncertain conditions

I propose you the following game of luck:   Option A: I give 1,000 € to you with a probability of 100%. Option B: Let’s leave it to heads or tails: if...
ElevenPaths

A story about two minds: the vast difference between real and perceived risk

“In our society it is generally not considered justifiable to make a decision purely on an emotional response. We want to be considered scientific and rational, so we come up with...
ElevenPaths

You’ve got mail? You’ve got malware

A few weeks ago I was ‘compromised’. A well-known vulnerability was exploited and I was left financially exposed, with my reputation potentially at risk. “What happened?” I hear you...
Florence Broderick

Studying the trojan apps for Android used in Hacking Team leak

Between the information leaked these days about #HackingTeam, several trojan Android APK files have been found. A first approach with Tacyt shows interesting relations with legitimate apps, the ones leaked a...
Florence Broderick

Faast already detects "Logjam": Imperfect Forward Secrecy

Faast teams have been working all day long to add a new plugin to our list of detected vulnerabilities. There has been found a new security problem in TLS...
Florence Broderick

ElevenPaths finds a XSS problem in Play Framework

Play Framework is defined as “The high velocity Web Framemork for Java and Scala”. We use it internally in some of our products. Ricardo Martín from our QA team...
Florence Broderick

5.500 apps potentially vulnerable to Man in the Middle attacks in Google Play

It has been discovered than AppsGeyser, an app creator “with just a few clicks”, deactivates the SSL certificate validation in its apps. An attacker on the same network as...
Florence Broderick

PhpMyAdmin fixes a XSS detected by ElevenPaths (CVE-2014-9219)

On November 28th, while our Faast team was developing an intrusion module for PhpMyAdmin MySQL manager, we detected a new cross site scripting vulnerability not known so far in this...

Navegación de entradas

Previous articles
1 … 21 22 23
More articles
  • Telefónica Tech

Popular

Innovation Marketing Team
Empowering women in entrepreneurship: 10 female – led startups in Germany
In Germany, only about 15% of startups are initiated by women. Sadly, the figure has been stagnant for years. Additionally, female-led startups receive significantly less Venture Capital than those...
Florence Broderick
Evil FOCA is now Open Source
We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
ElevenPaths
How to cause a DoS in Windows 8 explorer.exe
We have discovered by accident how to cause a Denial of Service (DoS) in Windows 8. It’s a little bug that is present in the last version of the...
Florence Broderick
How does blacklisting work in Java and how to take advantage of it (using whitelisting)
Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick
Showing certificate chain without validating with Windows "certificate store" (C#)
Java has its own independent certificate store. If you wish to view natively in Windows a certificate extracted from an APK or JAR file Windows may not find the...
Think Big
  • Facebook de Telefónica
  • Linkedin de Telefónica
  • Twitter de Telefónica
  • Canal YouTube Telefónica

© Telefónica S.A.

    • Cookies Policy
    • Privacy Policy
    • Accesibility
    • Cookies configuration