ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
Sergio De Los Santos The Attack on SolarWinds Reveals Two Nightmares: What Has Been Done Right and What Has Been Done Wrong All cyber security professionals now know at least part of what was originally thought to be “just” an attack on SolarWinds, which has just truned out to be one...
ElevenPaths #CyberSecurityReport18H2: our new periodic report on cybersecurity Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just...
ElevenPaths Cyber Security Weekly Briefing December 5-11 Microsoft Security Newsletter On December 8, Microsoft published its monthly security update newsletter, which this time includes patches for 58 vulnerabilities and an advisory for various Microsoft products. Nine of...
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
Sergio De Los Santos The Attack on SolarWinds Reveals Two Nightmares: What Has Been Done Right and What Has Been Done Wrong All cyber security professionals now know at least part of what was originally thought to be “just” an attack on SolarWinds, which has just truned out to be one...
ElevenPaths Cybersecurity Weekly Briefing September 5-11 Microsoft Patch Tuesday Microsoft published on Tuesday its newsletter with updates for the month of September. In this new bulletin a total of 129 vulnerabilities have been corrected in 15...
ElevenPaths New research: we discover how to avoid SmartScreen via COM Hijacking and with no privileges COM Hijacking technique has a simple theoretical basis, similar to the DLL Hijacking one: What does it happen when an application searches for a non-existent COM object on the...
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...
SCC CyberThreats Service COVID-19: Risk Guide and Recommendations on Cyber Security From the point of view of cyber security, the current situation caused by the coronavirus is also particularly worrying. Users and companies are being threatened. From the Telefonica’s SCC...
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
We Announce Our Digital Operation Centers, Where All Our Digital Services Are FocusedElevenPaths 14 November, 2019 The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester Tejedor, among others; who provide an overview of the company’s digital security innovation offer.Telefónica brings together in a single Digital Operation Centers (DOC) in Madrid all the cloud services, cybersecurity, Big Data and Internet of Things of more than 1,500 major clients from companies and the Spanish Administration. Madrid, November 13, 2019.- ElevenPaths, the Telefónica Cybersecurity Unit, holds its VII Security Innovation Day, our in-house event on innovation and security known worldwide. Under the motto Guards for Digital Lives,this event is based on the dystopic scenario augured by the film ‘Blade Runner’ for November 2019. Over the event, ElevenPaths shares its vision of future cybersecurity trends in the market and presents its main strategic lines for the coming years The event is opened by Pedro Pablo Pérez, CEO of ElevenPaths and CEO Business Security Unit of Telefónica. He provides a brief summary of what will be told throughout the event. A fun summary full of similarities between the event and the movie Blade Runner. Then they take the stage Raúl Breton (SOC Manager for Telefónica España), Ester Tejedor (Telefónica Global SOC Manager), Miguel Ángel de Castro (SOC Architect) and Carmen Torrano (AI Expert). They tell us how old, manual and unautomated operation centers have become the future and current centers integrated with digital services such as Big Data, Cloud, IoT and Digital Workplace, plus automation and Artificial Intelligence, as well as the development of the DOC (Digital Operations Center) for the future. This DOC integrates both service automation and orchestration, threat detection and response management, outstanding information on them and advanced incident analysis ⸻all this managed by Artificial Intelligence. It’s time to talk about start-ups and innovation centers located in different points of the country. Rames Sarwat (VP of Strategic Alliances, new products and Chief Security Ambassadors) and Paloma Castellano (Director of Wayra Madrid Telefónica) tell us how through open innovation Telefónica is committed to technological start-ups with the aim of creating innovative projects. The three guest start-ups are: Balbix Inc: This start-up is located in Silicon Valley and operates in the field of prediction, performing analyses of the cybersecurity state and predicting how we may be attacked.Hdiv Security: Its purpose is to protect web applications and APIs, being a complete solution that covers security errors and business logic flaws on the SDLC (Software Development Life Cycle).CPI Consulting: This cybersecurity company is specialized in Wi-Fi network protection, providing specialized solutions in Wi-Fi and Bluetooth protection. On the other hand, they highlighted the relevance of the recently opened innovation centers such as C4IN and Tegra, located in Spain and whose aims are both to create technology, disseminate and raise awareness of cybersecurity, as well as to recruit specialized talent. In the coming months a new center will be opened in Valencia, Soth (Security of Things). ElevenPaths plans to continue opening more centers in the coming years, both in Latin America and Europe. After the coffee break, it’s time to talk about how resistance against distributed denial of service attacks is intended to be improved. Alejandro Ramos (Security Operations Director) and Gloria Nieto (Telefónica’s Network Security Manager) tell us how thanks to the continuous testing we perform we are improving the response and prevention of DDoS attacks. During the round table on innovation and diversity in the field of cybersecurity the importance of plural teams to strengthen and go further is stressed. Julia Perea (Digital Security Director of Telefónica España), Juan Cobo (Global CISO of Ferrovial), Natalia Moreno (CyberThreats Security Analyst of Telefónica) and Laura Castela (Head of 42 Madrid Fundación Telefónica) speak about the importance of diversity among their teams and how thanks to collaboration each member achieve better their goals. The Innovation and Labs team, led by Sergio de los Santos (Innovation and Labs Director of ElevenPaths), Yaiza Rubio (Technical Lead Network Tokenization Telefónica), Claudio Caracciolo (Head of Chief Security Ambassadors & Lab Coordinator) and José Torres (Tech Lead Innovation and Lab Team ElevenPaths) announce once again new tools: IDoT: IoT identification through CapaciCard technology and Telefónica’s PKI so that the systems inherit credentials from both the device and the user who is using it at the moment.Rosetta: System to connect security to any instant messaging channel such as WhatsaApp, Telegram…Diario: Tool to detect malware in documents intelligently without compromising their content.MAD: Tool to detect advertising aggressiveness in terms of intrusiveness in Android applications before installing them. Finally, to close this event Chema Alonso (Chairman of ElevenPaths and Chief Data Officer of Telefónica) shows during his presentation ‘Keep Always Alert!’ several live demos focusing on privacy and APT. Naturally, it couldn’t miss a demo of the star tool of the Cybersecurity Unit: our FOCA (called for this occasion FOCA GPS). Read the full informative notice here. EasyDoH Update Hot off the Press: New Improvements and FunctionalitiesNew App to Clean Metadata More Easily
ElevenPaths Cyber Security Weekly Briefing January 9-15 Sunburst shows code matches with Russian-associated malware Kaspersky researchers have found that the Sunburst malware used during the SolarWinds supply chain attack is consistent in its characteristics with Kazuar, a...
Sergio De Los Santos The Attack on SolarWinds Reveals Two Nightmares: What Has Been Done Right and What Has Been Done Wrong All cyber security professionals now know at least part of what was originally thought to be “just” an attack on SolarWinds, which has just truned out to be one...
Antonio Gil Moyano Homeworking: Balancing Corporate Control and Employee Privacy (I) At this point in time and looking back on 2020, nobody would have imagined the advance in the digitalisation of organisations and companies due to the irruption of homeworking...
Innovation and Laboratory Area in ElevenPaths 46% Of the Main Spanish Websites Use Google Analytics Cookies Before the Consent Required by The Spanish Data Protection Agency (AEPD) Over the past few months, many IT departments have been busy carrying out this task of adaptation in order to comply with the new regulations on cookies. Every time...
Carlos Ávila WhatsApp terms and conditions update – a cheeky move? Surely by now many have already accepted the new terms and privacy policies without really knowing what they were about or their impact on the privacy of their data,...
ElevenPaths Cyber Security Weekly Briefing January 2-8 SolarWinds Update To end the year, Microsoft published an update of its findings regarding the impact of the SolarWinds incident on its systems. In this release, it emphasizes that neither...