#CyberSecurityPulse: Last Update About Bad Rabbit Ransomware

Tuesday, October 31, 2017

On October 24th infections about a ransomware called Bad Rabbit began to spread. Less than one day, it has been targeting organizations and consumers, mostly in Russia, Ukraine, Turkey, Bulgaria and the United States.

The ransomware dropper was distributed with the help of drive-by attacks. While the target is visiting a legitimate website, a malware dropper is being downloaded from the threat actor’s infrastructure. No exploits were used, so the victim would have to manually execute the malware dropper, which pretends to be an Adobe Flash installer.

Whitepaper “Windows Malicious Events Detection With Security Monitoring”

Friday, October 27, 2017

This whitepaper gathers the results of the work carried out by Telefonica Chief Data Officer and ElevenPaths Product Unit in order to detect a sucession of events, not necessarily security related, giving hints to consider a Windows Machine jeopardized, using for that purpose the ElevenPaths´ Product “Security Monitoring”. The Whitepaper was written by  Pablo González Pérez (Security Researcher, ElevenPaths), Santiago Hernández Ramos (Security Researcher, ElevenPaths) and Santiago Urbano López de Meneses (Product Manager, ElevenPaths).

Trend Report: State of Cybersecurity in Spanish companies

Friday, October 20, 2017

The team of analysts at ElevenPaths has carried out a study that aims to show the state of cybersecurity of both Spanish companies in general and those included in the IBEX 35.

This analysis has shown that more work is needed to integrate cybersecurity into the core of all businesses to prevent very basic errors from leading to the increased risks and incidents we see on a daily basis.

#CyberSecurityPulse: The Attack Against the WPA2 Encryption that Poses a Threat to Our Wireless Security

Tuesday, October 17, 2017

On October 16, a research has been published about an attack to the current recommended encryption standard for WiFi networks, WPA2. Although the risks to these networks are not new and attacks against WEP or WPA have already proliferated, making these protocols unsafe, the current scheme was considered robust. Until now.

The scope of the attack, proposed by Mathy Vanhoef and Frank Piessens and known as Key Reinstallation Attack (KRACK), exploits a severe weakness that would allow an adversary phisically located in the range of the wireless connection to have access to previously assumed information as safe. Once reviewed the information that has just been released, the consequences are serious if the attack is confirmed and would involve up to 10 different CVE whose content has not been published yet. However, that does not mean that all our connections are affected. The attack affects the WPA2 Wi-Fi networks and the most dangerous scenarios would assume the physical proximity of the attacker to the networks and would always affect the confidentiality of the communications within that WiFi network that would be potentially readable if they did not include another layer of additional encryption as HTTPS does for example. Under certain circumstances, the researchers have also been able to not only decrypt, but also inject packets into the network. In any case, the problem is still serious, because it would be expanding the range of attacks that have traditionally been implemented on public networks to a number of environments that we have assumed to be reliable.

Telefónica and ElevenPaths integrate its digital signature solution and biometric SealSign with Microsoft Azure

Thursday, October 5, 2017

The company presents its latest developments at the 5th Security Innovation Day

  • This integration of the SealSign platform with Microsoft Azure Key Vault, thanks to the Gradiant technology, will provide users with improved storage, scalability and availability with a saving of implementation costs of up to 80%.

  • A large number of Telcos around the world are joining together to tackle cybersecurity threats. This supplements the 2016 collaboration announcements with Fortinet, Symantec, McAfee, Cisco, Check Point Software Technologies, RSA, Microsoft o Palo Alto Networks.

  • Mikko Hyppönen, Chief Research Officer at F-Secure, and creator of various patents such as the US patent 6577920 “computer virus screening”, is the invited star of the event.

  • It is possible to follow the 5th Security Innovation Day via streaming at https://securityinnovationday.elevenpaths.com/streaming.