Miguel Ángel Martos Has the Office as We Know It Come to an End? 2020 has had a difficult start. We have learned that what was “usual” may not be the best. We should reconsider this idea of “the office” as the centre...
ElevenPaths Telefónica’s ElevenPaths enhances its global IoT security capabilities with Subex This collaboration provisions the offering of IoT Threat Detection, an incident monitoring and response service for IoT environments.This solution has the capability of learning and modelling the legitimate behaviour...
ElevenPaths How are we preparing ourselves for the RSA Conference 2018? 2018 is a unique year for us. We continue on our journey with the great security community to jointly combat the threats faced by our sector. At ElevenPaths, Telefónica’s...
ElevenPaths Cybersecurity Weekly Briefing 29 August-4 September Red Dawn, new attached document from Emotet The use of a new attached document template by Emotet has been identified over the past week. The name given by security researcher Joseph...
Innovation and Laboratory Area in ElevenPaths DIARIO Already Detects “Stomped” Macros, But What Are They Exactly? Few weeks ago, we presented DIARIO, the malware detector that respects the privacy of users, and we continue to improve it so that it detects more and better. We...
Innovation and Laboratory Area in ElevenPaths New TheTHE Version with URLScan and MalwareBazaar Plugins The first time an IoC lay on your hands. Let’s say it is a hash, URL, IP or a suspicious domain. You need to know some basic information. Is...
Sergio De Los Santos Facebook signed one of its apps with a private key shared with other Google Play apps since 2015 Facebook Basics is a Facebook app aimed at countries with poor connectivity, where a free access service to WhatsApp and Facebook is provided. It has been discovered that the Android version...
ElevenPaths New tool: “Web browsers HSTS entries eraser”, our Metasploit post exploitation module This module deletes the HSTS/HPKP database of the main browsers: Chrome, Firefox, Opera, Safari and wget in Windows, Mac and Linux. This allows an attacker to perform man in...
Innovation and Laboratory Area in ElevenPaths DIARIO Already Detects “Stomped” Macros, But What Are They Exactly? Few weeks ago, we presented DIARIO, the malware detector that respects the privacy of users, and we continue to improve it so that it detects more and better. We...
Miguel Ángel Martos Has the Office as We Know It Come to an End? 2020 has had a difficult start. We have learned that what was “usual” may not be the best. We should reconsider this idea of “the office” as the centre...
ElevenPaths CSAs 10 Tips for Secure Homeworking in Your Company We tell you ten measures you can take to make homeworking secure for your company, employees and customers.
Gonzalo Álvarez Marañón Top 10 TED Talks to Learn about Cybersecurity Discover the top 10 talks to learn about cybersecurity and, at the same time, some ways to improve your own presentations.
Winner of the #EquinoxRoom111 ContestInnovation and Laboratory Area in ElevenPaths 2 June, 2020 We already have a winner of TheTHE‘s plugin contest. What is TheTHE? This is our collaborative IoC analysis and research all-in-one tool. TheTHE is a simple, shareable, expandable and team-focused Threat Hunting environment. Anyone can develop a plugin to increase the capabilities of this tool, and now we have more and better plugins thanks to those who took part in our #EquinoxRoom111 contest. What is TheTHE for? A given IoC comes to your hands, for instance a hash, URL, IP or suspicious domain. You need to find out some basic information: Is it malware? Is it in any repository? Since when? Whois? Source country? Is it in pastebin? You start to open tabs, enter passwords in the different services and launch queries. Hopefully, you have an API shared with a co-worker and, after checking several systems, you open a TXT to recopy the data to the intelligence platform. Your co-worker, who you share those APIs and passwords with but who is on your computer elsewhere in the world, does the same because the same IoC has also reached his or her hands. This is over with TheTHE. Contest Winner The winner is Santiago Rocha, who has developed a plugin for TheTHE that connects to our sandbox and intelligence service Dinoflux. The information added by Dinoflux to any IoC is very rich, since it is based on the detonation and cross enrichment of the samples. Thanks to Santiago’s plugin we will be able to gather more and better information about the analyses performed on the binaries. Although it is also possible to apply any type of IoC, such as an IP address, and check if it is connected to any malware. Congrats, Santiago! As we already posted, all the other plugins received will be included in TheTHE’s GitHub. Thank you all very much for your participation. Developing a Tool to Decrypt VCryptor Ransomware (Available on NoMoreRansom.org)The Security behind Apple’s and Google’s API for Tracing COVID-19 Infections
Innovation and Laboratory Area in ElevenPaths DIARIO Already Detects “Stomped” Macros, But What Are They Exactly? Few weeks ago, we presented DIARIO, the malware detector that respects the privacy of users, and we continue to improve it so that it detects more and better. We...
Miguel Ángel Martos Has the Office as We Know It Come to an End? 2020 has had a difficult start. We have learned that what was “usual” may not be the best. We should reconsider this idea of “the office” as the centre...
ElevenPaths Telefónica’s ElevenPaths enhances its global IoT security capabilities with Subex This collaboration provisions the offering of IoT Threat Detection, an incident monitoring and response service for IoT environments.This solution has the capability of learning and modelling the legitimate behaviour...
Innovation and Laboratory Area in ElevenPaths New TheTHE Version with URLScan and MalwareBazaar Plugins The first time an IoC lay on your hands. Let’s say it is a hash, URL, IP or a suspicious domain. You need to know some basic information. Is...
Franco Piergallini Guida Adversarial Attacks: The Enemy of Artificial Intelligence (II) In Machine and Deep Learning, as in any system, there are vulnerabilities and techniques that allow manipulating its behaviour at the mercy of an attacker. As we discussed in...
ElevenPaths Cybersecurity Weekly Briefing September 19-25 New attack vector for vulnerability in Citrix Workspace Pen Test Partners security researcher Ceri Coburn has discovered a new attack vector for the CVE-2020-8207 vulnerability in Citrix Workspace corrected in...
