Skip to content
Think Big
Countries / Global
  • Global
  • España
  • Ecuador
  • Español
  • Portugues
  • IoT
    • AI of Things(I): Multiplying the value of connected things The Champions is also IoT
  • Big Data
    • The best Data Science certifications How IoT technology is helping candy producers make sweet profits!
  • Cybersecurity
    • New research: we discover how to avoid SmartScreen via COM Hijacking and with no privileges Cyber Security Weekly Briefing, 15-21 October
Think Big / Business
  • AI of Things
  • Cloud
  • Cybersecurity
  • Blockchain

Vulnerabilities

Detected an extension in Chrome Web Store, active from February, that steals credit cards
ElevenPaths

Detected an extension in Chrome Web Store, active from February, that steals credit cards

We have detected an extension for Google Chrome, still active, that steals data from web site forms visited by the victims. This extension, which is still available on Chrome...
ElevenPaths

m33tfinder: a vulnerability on Cisco Meeting Server detected by ElevenPaths

On November 7th, while we were holding our Security Innovation Day, Cisco published a security advisory with CVE-2018-15446 associated to a vulnerability on the software Cisco Meeting Server reported by our Innovation and Labs...
ElevenPaths

You are less rational than you think when you take decisions under uncertain conditions

I propose you the following game of luck:   Option A: I give 1,000 € to you with a probability of 100%. Option B: Let’s leave it to heads or tails: if...
ElevenPaths

A story about two minds: the vast difference between real and perceived risk

“In our society it is generally not considered justifiable to make a decision purely on an emotional response. We want to be considered scientific and rational, so we come up with...
ElevenPaths

You’ve got mail? You’ve got malware

A few weeks ago I was ‘compromised’. A well-known vulnerability was exploited and I was left financially exposed, with my reputation potentially at risk. “What happened?” I hear you...
Florence Broderick

Studying the trojan apps for Android used in Hacking Team leak

Between the information leaked these days about #HackingTeam, several trojan Android APK files have been found. A first approach with Tacyt shows interesting relations with legitimate apps, the ones leaked a...
Florence Broderick

Faast already detects "Logjam": Imperfect Forward Secrecy

Faast teams have been working all day long to add a new plugin to our list of detected vulnerabilities. There has been found a new security problem in TLS...
Florence Broderick

ElevenPaths finds a XSS problem in Play Framework

Play Framework is defined as “The high velocity Web Framemork for Java and Scala”. We use it internally in some of our products. Ricardo Martín from our QA team...
Florence Broderick

5.500 apps potentially vulnerable to Man in the Middle attacks in Google Play

It has been discovered than AppsGeyser, an app creator “with just a few clicks”, deactivates the SSL certificate validation in its apps. An attacker on the same network as...
Florence Broderick

PhpMyAdmin fixes a XSS detected by ElevenPaths (CVE-2014-9219)

On November 28th, while our Faast team was developing an intrusion module for PhpMyAdmin MySQL manager, we detected a new cross site scripting vulnerability not known so far in this...

Navegación de entradas

Previous articles
1 … 21 22 23
More articles
  • Telefónica Tech

Popular

ElevenPaths
Squeezing the numbers and facts of Google’s annual Android security report
Last month Google published its third annual security report on Android’s security protections, aiming to send a clear message to the world about mobile malware (or Potentially Harmful Applications...
Florence Broderick
Evil FOCA is now Open Source
We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick
Heartbleed plugin for FOCA
By now, everyone knows about Heartbleed. Just like we did for FaasT, we have created a plugin for FOCA (final version) one of our most downloaded tools. This plugin...
Florence Broderick
How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths)
Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick
FOCA Final Version, the ultimate FOCA
You all know FOCA. Over the years, it had a great acceptation and became quite popular. Eleven Path has killed the FOCA to turn it into a professional service,...
Think Big
  • Facebook de Telefónica
  • Linkedin de Telefónica
  • Twitter de Telefónica
  • Canal YouTube Telefónica

© Telefónica S.A.

    • Cookies Policy
    • Privacy Policy
    • Accesibility
    • Cookies configuration