Diego Samuel Espitia If you own any Apple devices, run to update them On September 13, Apple surprised its users with a system update on iPhone, iWatch, iPad and macOS, something that doesn’t happen very often and less often comes with an...
Telefónica Tech Cyber Security Weekly Briefing 11-17 September S.O.V.A. – New Android banking trojan Researchers at Threat Fabric have discovered the existence, at least since the beginning of August, of a new banking trojan for Android which they...
David García D3FEND, the other side of the ATT&CK coin We are already familiar with the ATT&CK project of the MITRE corporation. It is a de facto standard that helps us to characterise threats based on the techniques and...
Telefónica Tech Cyber Security Weekly Briefing 4-10 September Critical vulnerability in Zoho ADSelfService Plus The company Zoho has issued a security advisory warning of a critical vulnerability in ADSelfService Plus, an enterprise password and login management software. The...
Telefónica Tech Cyber Security Weekly Briefing 28 August – 3 September PoC available and scans detected for RCE in Confluence On Wednesday 25 August, Confluence published a security advisory to warn of a vulnerability in Confluence Server and Data Center in versions prior...
Telefónica Tech Cyber Security Weekly Briefing 14-27 August Exploitation of vulnerabilities in Exchange ProxyShell Security researcher Kevin Beaumont has analyzed the recent massive exploitation of Microsoft Exchange Server vulnerabilities known as ProxyShell. These are a set of flaws revealed by Orange...
David García The Malware Created in Go Is A Trend And Is Here To Stay Even though it cannot be said that Go is a new programming language (it is already more than ten years old), it does belong to that new batch of...
Telefónica Tech Cyber Security Weekly Briefing 31 July-13 August Vulnerabilities in DNS-as-a-Service Researchers Shir Tamari and Ami Luttwak, from the security firm Wiz, revealed at the Black Hat security conference multiple vulnerabilities that could affect DNS-as-a-Service (DNSaaS) services. They...
Innovation and Laboratory Area in ElevenPaths #CyberSecurityReport21H1: More than 246 million OT cyber security events detected in six months There are many reports on security trends and summaries, but at Telefónica Tech we want to make a difference. From the Innovation and Lab team, we have just launched...
Víctor Mayoral-Vilches Cybercrime in robotics, the Alias Robotics research that is travelling to Black Hat Are industrial robots safe? This is the opening question of this analysis that Alias Robotics has worked on, together with TrendMicro, as part of an investigation into robotic security,...
Florence Broderick Evil FOCA is now Open Source We are really happy to announce that Evil FOCA is now Open Source. We have received lots of comments and feedback about how you are using Evil FOCA, or how...
Florence Broderick How to bypass antiXSS filter in Chrome and Safari (discovered by ElevenPaths) Modern browsers usually have an antiXSS filter, that protects users from some of the consequences of this kind of attacks. Normally, they block cross site scripting execution, so the...
Florence Broderick HookMe, a tool for intercepting communications with API hooking HookMe is a tool for Windows that allows to intercept system processes when calling APIs needed for network connections. The tool, still in beta, was developed by Manuel Fernández (now...
Florence Broderick How does blacklisting work in Java and how to take advantage of it (using whitelisting) Oracle has introduced the notion of whitelisting in its latest version of Java 7 update 40. That is a great step ahead (taken too late) in security for this...
Florence Broderick Quick and dirty shellcode to binary python script https://google-code-prettify.googlecode.com/svn/loader/run_prettify.js If you work with exploits and shellcode, you already know what shellcode is and how to deal with it. Sometimes it comes with exploits in C, Perl, Python…...
