How to forecast the future and reduce uncertainty thanks to Bayesian...
Imagine that you come back home from San Francisco, just arrived from the RSA Conference. You are unpacking your suitcase, open the drawer where you store your underwear and… what do you discover? A...
New research: Docless Vietnam APT. A very interesting malware against Vietnam...
We have detected a malware sent to some email accounts belonging to a Vietnam government domain. This email is written in Vietnamese and is dated March 13th, 2019. It seems to come from an account...
How to forecast the future and reduce uncertainty thanks to Bayesian...
In the first part of this article we explained how Bayesian inference works. According to Norman Fenton, author of Risk Assessment and Decision Analysis with Bayesian Networks: Bayes’ theorem is...
How the “antimalware” XProtect for MacOS works and why it detects poorly and...
Recently, MacOS included a signature in its integrated antivirus, intended to detect a binary for Windows; but does this detection make sense? We could think it does, as a reaction to the fact that...
The attack against OpenPGP infrastructure: consequences of a SOB’s actions
What is happening with the attack against OpenPGP infrastructure constitutes a disaster, according to the affected people who maintain the protocol. Robert J. Hansen, who communicated the incident,...
#CyberSecurityReport19H1: 45,000 apps removed from Google Play, 2% of them...
Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just launched another...
Uncovering APTualizator: the APT that patches Windows
By the end of June 2019, we attended an incident where a high number of computers had started to reboot abnormally. In parallel, Kaspersky detected a file called swaqp.exe, which apparently was not...
Five interesting own tools that you may have missed (and a surprise)
This time we are going to rehash a blog entry by gathering some of our own tools that we have recently developed and consider of interest. We summarize their functionalities and accept suggestions....
New tool: Masked Extension Control (MEC), don’t trust Windows extensions
Windows relies too much on extensions to choose the program that must process a file. For instance, any .doc file will be opened by Word, regardless of its “magic number” (the first two bytes that...
EasyDoH: our new extension for Firefox that makes DNS over HTTPS simpler
A year ago, the IETF raised the DNS over HTTPS proposal to RFC status. This news is more important than it may seem, for two reasons: firstly, it’s a new resolving paradigm that shakes network...
Google report 17% of Microsoft vulnerabilities. Microsoft and Qihoo, 10%
Who finds more vulnerabilities in Microsoft products? What percentage of vulnerabilities are discovered by Microsoft, other companies or vulnerability brokers? How many flaws have unknown discoverers?...
EasyDoH Update Hot off the Press: New Improvements and Functionalities
Just a few weeks ago, we launched EasyDoH: an extension for Firefox that simplifies the use of DNS over HTTPS. We have been asked about its improvements and several have expressed their interest in...
We Announce Our Digital Operation Centers, Where All Our Digital Services Are...
The Telefónica Cybersecurity Unit holds its VII Security Innovation Day, under the motto ‘Guards for Digital Lives.’ With speakers such as Chema Alonso, Pedro Pablo Pérez, Julia Perea and Ester...
Download for Free Our New Book: ‘Irrational Decisions in Cybersecurity: How...
In the transmedia universe of Blade Runner, replicants are artificial human beings manufactured by bioengineering by Tyrell Corporation. They are physically indistinguishable from a human, except for...
Our Telegram channel CyberSecurityPulse has already a webpage
Our Telegram channel CyberSecurityPulse has exceeded all our expectations: it already has more than 3000 subscribers. Considering it is a Telegram channel in Spanish addressing cybersecurity news not...
#CyberSecurityReport19H2: Qihoo is the company that most collaborates in the...
Currently, there are a number of reports addressing trends and summaries on security. However, at ElevenPaths we want to make a difference. Our Innovation and Labs team has just launched another...
TheTHE: The Threat Hunting Environment, our tool for researchers
A given IOC comes to your hands, for instance a hash, URL, IP or suspicious domain. You need to find out some basic information. Is it malware? Is it in any repository? Since when? Whois? Source...
APTualizator (II): Deconstructing Necurs Rootkit and Tools for Detecting and...
This report has been drafted by Roberto Santos and Javier Rascón from the CSIRT-SCC (Security Cyberoperations Center) Research Team, in collaboration with ElevenPaths. At the end of June 2019, a big...
ElevenPaths at RSA Conference 2020
Once again, we return to the RSA Conference, the reference event in the cybersecurity sector. From February 24 to 27 we will be presenting our proposal under the claim Humanizing Security. Three days...
CARMA: Our Free Research-Focused Set of Android Malware Samples
We detected that academic researchers usually work with very poor malware sets or have trouble getting a good malware set. We want the academic field to work with better samples, so that their...