Cybersecurity Shot_LinkedIn information leakage

Tuesday, May 31, 2016

Here comes Cybersecurity Shot, a research report on current cases related to databases leaked online that includes leakage prevention recommendations.

Every week in May and June we will be publishing the real cases. You can’t miss it!

Here comes a brief summary of this week’s case:

Case LinkedIn
Investigation research "LinkedIn information leakage"

On May 17th a database with more than 167 million of alleged leaked LinkedIn credentials, recognized by the company in its personal email to the users on May 25th, was published.

Learn from our intelligence analysts about the suspect, the deep web market where the leaked data went on sale, and how cybercriminals exploit such situations to resell passwords in smaller bulks.

» Download the LinkedIn data leakage case

Don't miss the next information leakeage:
» Case AEDyR

More information at

ElevenPaths announced its new strategic alliances in the third Security Day

Friday, May 27, 2016

In the third Security Day the new alliance with Fortinet and ElevenPaths’s new product integrations with Check Point and Spamina solutions to evolve their technologies were presented.

Madrid, 26th May. The Security Day, celebrated on 26th May, 2016 in Madrid under the theme Security Evolution, is the stage where every year ElevenPaths, Telefonica cybersecurity subsidiary, presents its new technological integrations together with its experts and partners. During the last three years the event has become a reference in cybersecurity and ICT sector at the national level.

Chema Alonso, ElevenPaths’ CEO, presented the new partnership signed with Fortinet to integrate the Faast tool with WAF systems, allowing to hot patch vulnerabilities and, for the first time, show the joint functioning of RSA and PaloAlto technologies with SandaS platform to automate the response to security incidents. Besides, as a result of our collaboration with ICC (Industrial Cybersecurity Center), SandaS GRC now offers tools to satisfy compliance with the latest safety regulations in the control of industrial systems and SCADA.

ElevenPaths made reference to its recent agreement with Check Point to offer the latest generation mobile security thanks to the integration of Tacyt, a cyber-intelligence tool against mobile threats, with the Mobile Threat Protection solution; and the new integration of Latch with Clean Email platform by Spamina, thanks to which its users will get an extra safety layer in their digital identities management.

Telefonica’s Cybersecurity brand expanded its portfolio of preventive solutions against sensitive information leakage in digital files with solutions for Exchange Server and Office 365. It has also presented VAMPS powered by Faast for IoT, its security audit system for the Internet of things.

» Donwload Press Release

More information

ElevenPaths Talks: The ISF Standard of Good Practice for Information Security

Tuesday, May 17, 2016

On Thursday, 19 May, our colleague Sebastian will give a speech about The ISF Standard of Good Practice for Information Security. The standard of good practice is fundamental in the world of information security. Improve resilience, validate information security awareness of employees, Form a basis for policies, standards and procedures, is essential for a correct information security management. We also recommend you the speech of our partner, Gabriel Bergel, on testing methodologies.

Sebastian’s speech will take 20 - 25 minutes, plus 5 - 10 minutes will be devoted to questions and answers. It will be held on Hangouts at 15:30 (GMT+1) and once finished, will become available on our YouTube channel. The session will be held in English.

We are looking forward to showing you everything you need to know about the good practice according to ISF in the information security environment. See the calendar of our next talks. Remember that you have an appointment with us on 19 May, at 15:30 (GMT+1)! To sign up use the ElevenPaths Talks form.

[New Report] “Financial cyber threats Q1 2016” conducted by Kaspersky Labs and Telefónica

Friday, May 13, 2016

Our analyst team gives you a quarterly update on the latest tendencies of cyber attacks in financial sector. You can now download the full Financial CyberThreats Q1 2016 Report conducted by Kaspersky Labs and the ElevenPaths’ Analyst Team.

This report uses data from KSN (Kaspersky Security Network). KSN is a distributed network designed for the real time processing of threats against Kaspersky users. The objective of KSN is to be sure that all users have information on threats as soon as possible. New threats are added to the data base minutes after their detection, even if they were previously unknown. KSN also retrieves statistical non-personal information about any malicious code installed on our customers’ devices. Kaspersky Lab customers are free to join KSN, or not, as they wish.

» Download now the full report from our web ElevenPaths

It is mainly based on statistics and data from KSN (Kaspersky Security Network) although reliable information from other sources may also be referenced. The timeframe for this analysis contains data obtained during the period from January 1st, 2016 to April 1st, 2016.

The report emphasizes the growth of phishing, focused on executive identity theft and infections with the trojan Zeus. Thus, Android turned out to be the most attacked OS.

Countries with the highest percentage of victims attacked by phishing are Brazil and China. They are followed by the United Kingdom, Japan, India, Australia, Bangladesh, Canada, Ecuador and Ireland. Mexico, which was the most attacked country in the last period, was not included in the top of attacked countries.

One of the most remarkable points in Q1 2016 is significant decrease of percentage users suffered from Dyre Trojan infection attempts from 0.422% to 0.159% of all KSN users. The Dyre activities significantly decreased starting from the end of November because of a successful Russian law enforcement operation against the corresponding cybercriminal group.

» Download now the full report “Financial cyber threats Q1 2016”

*You may also be interested on:
More information:

Today in the ITW (Chicago) we will be talking about Network Security

Tuesday, May 10, 2016

We are taking part in the International Telecoms Week that is going to take place in Chicago, where Pedro Pablo Pérez (Product and Services VP) will give a speech: "THE PATH TO NETWORK SECURITY IN THE WHOLESALE WORLD" this afternoon, at 4:00 p.m (Chicago time)

Cyberattacks on networks have been a daily threat for years and carriers are investing heavily in solutions to avoid network downtime and to keep customers’ data safe. Yet, the threat persists. Hackers never seem short of new ways to breach security barriers.

This session will look at the latest security issues, how carriers have been combating the attacks and will discuss how, if at all, carriers can stay one step ahead of attackers. It will also look at the wholesale world and the holes in protection that can occur when data is running over a number of different networks to reach the end-user.

  • How quickly are the nature of attacks on networks changing and how easy or difficult is it to keep up with them?
  • What are the latest severe threats and which solutions have proved most effective?
  • Is Network Virtualisation solving security problems or creating greater threats than before? What consequences can be drawn from this?
  • Is it enough for every carrier to do their own best, or does the wholesale world require combined efforts and universal standards to really provide end-to-end security?

ITW is the world’s largest meeting for the global wholesale telecommunications community. In its 9th year, Pedro Pablo Pérez will give his speech. Don’t miss it out! This afternoon, at 4:00 p.m (Chicago time).

Security Day 2016_Security Evolution

Wednesday, May 4, 2016

The digital revolution moves forward unstoppably, and the current business ecosystem requires adjustment. At ElevenPaths, we believe that adjustment comes together with evolution and that security is the means to evolve. Therefore, the motto of the third edition of our Security Day is Security Evolution.

It is our third anniversary and we want to celebrate it with you. Come join us in the third edition of our Security Day. We hope to see you on May 26, at 9:30 a.m. in the Auditorium Rafael del Pino, Calle Rafael Calvo 39A, Madrid (at the corner of Paseo de la Castellana).

Also, this year we give away t-shirts with “Global Security” logo. They are so easy to get! Follow us on Twitter @ElevenPaths and let us know about it on your arrival to the event. If this is not enough, we raffle off 2 double tickets for our day of security. Yes, you got it right. Don´t miss out anything on our Blog and Twitter!

Among all our news, we will tell you about Virtual Patching and how to use Faast with WAF systems to hot patch vulnerabilities. Besides that, we’ll tell you about how we deployed digital signature services with digital certificates, set up with manual digital certificate and protected with Latch; as well as how we used SandaS GRC and Vamps in industrial systems and SCADA control.

Metashield Protector comes back with the product innovation for Exchange Server and Office 365. For the first time we will present our strategic alliances made with Fortinet and the integrations with CheckPoint and Kaspersky. We’ll allot a session to tell you about the new implementations with Sinfonier and Latch that have been created during our talent contests and some other surprises.

Here is the agenda that we have prepared:

09:30: Guest list

10:00: Global Security Keynote
  • United we are stronger. Integration of security solutions to combat the complexity.
  • Industrial cyber security to protect critical infrastructures with SandaS GRC.
  • Digital signature in your organization: simple, innovative and user-friendly.
  • Hack Your Future: Latch & Sinfonier Contests.
  • Data Loss Detection: How to fight against Panamá Papers.

13:30: Farewell cocktails

For further details:

Seating is limited! Thus, we recommend you to register as soon as possible.

Register Now!

All this and even more at:

Follow us on our social networks to stay updated on our news: