Telefónica reinvent business models with blockchain
The CSA Fabián Chiera declares that blockchain is not a technology that is going to change many things, it has already changed them but we don´t know all these changes.
Latest News
Aug 2018
Jul 2018
New CriptoClipWatcher tool against crypto clipboard hijacking
The Innovation and Lab team creates this new tool that provides protection for your bitcoin transactions from malware.
The expert Marcos Arjona teacher at a summer course to create a blockchain in Malaga
The Technology Park of Andalucia holds a summer course with a workshop to create a blockchain with our expert speaker Marcos Arjona.
Trend Report: How Wiper Malware Affects Middle East and South America
Two of the members of the Telco Security Alliance, Etisalat and Telefonica detect similar malware and are willing to provide CyberSecurity Threat advisory to protect critical information from Cyber Threats.
In search of new technologies to protect information security
Tegra, the first cybersecurity centre in Spain that we promote together with Gradiant and the Xunta of Galicia, creates the first project called Irmas (Information right management advanced systems).
Ranking of cybersecurity influencers in Chile
Chilean CSA Gabriel Bergel named as Chile’s second largest cybersecurity influencer. Congratulations hacker!
Our CSA Claudio Caracciolo gives us a cybersecurity class
Youtuber Nikolas Fischman interviews our CSA Manager Claudio Caracciolo. Access the link and learn the main guidelines on cybersecurity.
Cybersecurity Pulse 2018/07/10
Private enterprise’s sad contribution to sharing threat intelligence in the United States.
Our CSA Pablo San Emeterio interviewed on Capital Radio
The expert states that companies are currently going to increase their cybersecurity budget by more than 25% in the coming years.
Jun 2018
Our paper about UAC-A-Mola published at Exploit DataBase
Paper about “UAC Bypass & Research with UAC-A-Mola” written by our experts Pablo González and Santiago Hernández has been published at Exploit DataBase.
CyberSecurity Pulse 2018-06-26
New proposal to adapt U.S. Marine Corps capabilities to the new times.
Our paper about Hidden Networks published at Exploit Database
Paper about “Discovering and Plotting Hidden Networks created with USB Devices” written by our Chairman Chema Alonso, and Pablo González, Carmen Torrano and Fran Ramírez experts has been published at Exploit DataBase.
Yaiza Rubio: “I did not have my first computer until I was 18 years old”
Ever since she was very young, this woman knew that her future would be technology, even though she was a reference in the world of sports when she was very young.
Case study about Android malware patterns recognition for fraud detection and attribution
Springer Ref publishes its encyclopedia about “Social Network Analysis and Mining” in which our colleagues Sergio de los Santos, Antonio Guzmán and Carmen Torrano collaborate with a case study on the detection of fraud through malware patterns in Android.
These are the cybersecurity ‘influencers’ in Spain
Our Chairman Chema Alonso, Global Chief Digital Security Officer at Telefónica, Alejandro Ramos, and CDO, expert Pablo González Pérez, in the top 25 influencers in cybersecurity during the IDG Security Day event.
The journalist who became the first hacker in Spain
According to Yaiza, “hackers are dedicated to finding flaws in security and trying to stop the software from being vulnerable so that people have better security”.
Telefónica backs global approach to IoT protection
Vicente Segura, Head of IoT Security at Telefónica, said that “Mobile operators can help protect IoT networks by developing a security model which can be adapted to specific verticals”.
ElevenPaths Announces Strategic Security Alliance with Devo
The objective of this alliance is to Provides Telefónica customers advanced cybersecurity monitoring and protection service through Devo Data Operation Platform.
Yaiza Rubio: “I live peacefully not advising anyone to invest in cryptocurrency”
Read the full interview to our hacker Yaiza Rubio and get to know her more closely. She talks about her professional career and personal anecdotes.
Cybersecurity Pulse 2018-06-12
Changing stereotypes in the security sector. Ripples of outrage spread last week after women in red evening gowns were seen promoting a product at the Infosecurity Europe 2018.
By profession, hacker
Our intelligence analyst and hacker, Yaiza Rubio, talks about hacker’s job and security analyst, as well as the digitalization process that organizations are currently leading.
Global Cybersecurity: almost a quarter of WiFi networks in Russian headquarters are insecure
Claudio Caracciolo, CSA Manager, explains that security attacks are usually random. The victim is chosen based on what he does wrong or the insecure services to which he connects.
“Companies that are not using data are dead and they don’t know it”
Chema Alonso, CDO of Telefónica and Chairman of ElevenPaths, affirms that “the data is good”, during the celebration of the fourth session about Digital Transformation.
May 2018
ElevenPaths further strengthens its reputation as a cybersecurity services provider during the V edition of Security Day
Telefónica continues to establish itself as an Intelligent MSSP to offer end-to-end cyber-resilient solutions to all its clients and to provide greater security to organizations in all aspects of their day-to-day operations.
ElevenPaths acquires Dinoflux startup, finalist of the international acceleration program of INCIBE
Dinoflux joins its portfolio of leading companies for the massive analysis of malware and generation of real-time threat intelligence and sampling of IoT (IoT Anomaly Detection) products.
Security Day 2018 – Cybersecurity On Board
Next May 30, do not miss the fifth edition of our annual cybersecurity event. This year our motto is ‘Cybersecurity On Board’, will you be on board?
Google’s project to fight election attacks
The attacks were triggered during the elections. In this way, Jigsaw, a technological incubator which is Google’s parent company, has released Project Shield, a free tool for DDoS protection.
Tegra is launched, the new cybersecurity center of Galicia
Telefónica and Gradiant have presented the TEGRA cybersecurity center, which started with the vocation of situating Galicia as a relevant agent in cybersecurity.
Telefónica hacks cybercriminals
It uses a defense system based on counterintelligence that makes cyber attackers think that they have managed to breach the network. The objective is to collect data to learn from cybercrime.
Trend Report: What does the metadata reveal about the states in Latin America?
We have utilized public documents detected in government domains, of which can be accessed by any network user, through search engines or directly on the different entities’ websites.
Cybersecurity Pulse 2018-05-15
The dispute of the legislation which prevents the federal government of the United States from demanding companies to design their technology with backdoors.
Telefónica and Rivetz collaborate on decentralized security for mobile users
Rivetz Corp. and Telefónica have announces today an agreement to collaborate on the development of advanced mobile security protocols for blockchain transactions and messaging.
I Love You: The story of the virus which paralyzed the world 18 years ago.
En mitad de la fiebre de los 2000, apareció en Filipinas este malware que tardó sólo cinco horas en propagarse por los ordenadores de toda Asia, Europa y América a través del correo electrónico.
Neto, the new tool to analyze browser extensions
Neto is easy to use and provides useful information on extensions features both Firefox and Chrome or Opera. ¡Try it out now!
Our expert Pablo González is speaking about new ways of Phising at Cadena Ser
An interview with our hacker and expert Pablo González at Cadena Ser: ‘users are falling increasingly less into the phishing tactic; only ¼ of company employees are attacked’.
Pedro Pablo Pérez: “The ecosystem of Telefónica as a digital telco, has Digital Security as one of its pillars”
An interview with our CEO, Pedro Pablo Pérez, in SIC magazine speaking about the importance of cybersecurity nowadays.
ElevenPaths Talks: Smart Contract, an interesting way to use blockchain
Learn with our CSAs the foundations of Smart Contracts and different code audit and contract verification techniques.
ElevenPaths is among the main Spanish companies which are dedicated to cybersecurity
Business Insider names us as one of the top ten Spanish cybersecurity companies, in which they consider us to be the best example of innovation.
CyberSecurity Pulse 2018-05-01
A new malware which utilizes the EternalRomance tool has appeared on the scene along with Monero-mining.
Apr 2018
Yaiza declares that “if you do not pay for a product online, then it is clear that you are the product”
Our intelligence analysist Yaiza Rubio affirms that this field values more your ability to learn than the qualifications you may have.
SIC Award goes to our CEO Pedro Pablo Pérez during the Securmática event
The 15th edition of the SIC Awards praises the performance and contribution of the most outstanding professionals, entities and projects in the sector.
Pedro Pablo Pérez, CEO at ElevenPaths, talks about the importance of a good implementation of the GDPR
“The oil of the 21st century is the data: we have to guarantee that we have a regulation that allows us to progress.”
An interview with intelligence analyst Yaiza Rubio
“Common sense is fundamental when you browse the web”
Oracle integrates Mobile Connect in Telefónica’s service platform for corporate customers
The integration will make it possible for clients to use their mobile numbers as a secure means of authentication when accessing their online services without having to use an username and password.
Code Talks for Devs: The ‘Hidden Networks’ Created With USB Devices
The second webinar available of this new season in which the expert Fran Ramírez will analyze the interconnections between isolated teams which are created via USB devices. Press play!
10 questions which you have always wanted to ask a hacker
Vimeo speaks with our hacker and expert Pablo González, so that he can respond to the questions about hackers and cybersecurity which we most frequently want to ask.
CyberSecurity Pulse 2018-04-17
Facebook launched a new program ‘Data Abuse Bounty’ in order to find application developers that are misusing data, after the Cambridge Analytics scandal.
Yaiza Rubio: We put ourselves in the criminals’ shoes in order to learn and identify their techniques.
The intelligence analysist and #mujerhacker (womanhacker) highlights that there is not a specific degree on cybersecurity and hacking at university.
For the third year in a row, we will be participating in the RSA Conference, the world-leading information security event
From April 16-20 we will demonstrate all our advances in global cyber-resilient operations.
Our expert and CSA Pablo San Emeterio in Lugo’s newspaper “The Progress”
“They are people who have already been attacked and those who still do not know”. Pablo prefers to differentiate between hackers, “as those who are passionate for technology” and those who are technological criminals.
Etisalat, Singtel, SoftBank and Telefónica create Global Cyber Security Alliance
Members to share cyber risk intelligence and security capabilities to protect enterprises from evolving cyber threats worldwide.
ElevenPaths Talks: A little of DDoS and the tools to stop the attacks
The denial of service attacks is a worry for both any public entity and business organization whose business processes are network-based. During this #11PathsTalk, we will talk about the different attack techniques and the defense strategies which they use.
April Events: in order to keep up to date on Computer Security
Here is a list of the events, conferences and courses in which we are participating in this month worldwide.
An interview with Pedro Pablo Pérez, CEO of ElevenPaths
“Cybercrime costs the global economy 600 billion dollars which has an impact of more than 1% of the GDP from the world’s major economies”
New Season of ElevenPaths Talks
We present season four of webinars featuring our CSAs in which we will talk about cybersecurity and current affairs in the sector. We have a new talk format. Don’t miss out!
New investigation: Evrial, malware that steals Bitcoins
Evrial’s new tecnical research, the malware designed to steal Bitcoins through the clipboard and sell it on the black market.
CyberSecurity Pulse 2018-04-03
The USA want to ask visa applicants to provide details of their social networks to extend the background screening nowadays.
Mar 2018
Code Talks for Devs: Latch integration in a cryptocurrency wallet using exfiltration
Watch thi webinar in which we present a proyecto that was created in order to implement Latch as a extra security layer in a Coinbase cryptocurrency wallet.
New plugins for FOCA: HaveIBeenPwned and SQLi
Don’t miss out the new plugins that we have designer for our mos famous tool FOCA: HaveIBeenPwned and SQLi.
Pedro Pablo Pérez awarded with the “Top 50 Most Influential Hispanics”
Since 2011, HITEC has compiled a comprehensive list featuring the top 50 most influential and notable professionals in the technology industry in Latin America/Ibero-America called the “HITEC 50“. We are proud of our CEO.
CyberSecurity Pulse 2018-03-20
A postmortem of the Olympic Destroyer malware used in the PyeongChang Olympics attack reveals a deliberate attempt by adversaries to plant a false flags when it comes to attribution.
Upgrades to Facebook’s link security
Facebook changes the rules of the “HSTS” with an interesting preload on its own website. To justify this, among other reasons, it mentions our research presented at the BlackHat and RootedCON events.
Interview to our intelligent analyst Yaiza Rubio in “Aquí hay trabajo” of TVE
Don’t miss out on the interview with our intelligence analyst Yaiza Rubio on TVE’s “Aquí hay trabajo” program. Starting in the minute 7.46.
Certificate Transparency Mining: up to 10% improvement in the enumeration ‘of quality’ sub-domains
The certificate registry which contains a history of the usage, validity periods and expiration dates, actually offers an apt data set suitable for different data mining processes.
Code Talks for Devs: PHP Latch integration
In this last Additional #CodeTalks4Devs, we will explain the integration of Latch in PHP and how easy it was to develop it for everyday applications.
Cybersecurity, huge obsession of the companies
Our CEO, Pedro Pablo Pérez, declares that virtual raids not only have an impact on economic damages, but also on reputation when they affect the confidence that the environment has in the company.
Equality is achieved with “the training of the smallest”, according to Yaiza Rubio
During the Madrid Woman’s Week event, the intelligent analyst Yaiza Rubio, and the Chairman, Chema Alonso, have made several statements about equality between women and men.
Code Talks for Devs Second Season
Second season of webinars dedicated to programming lovers is ready! Access each of them and stay with those that interest you most. Let’s hack!
CyberSecurity Pulse 2018-03-06
Last February 28th we witnessed the largest DDoS attack ever seen on the GitHub website, reaching a record 1.35 Tbps and 126.9 million packets per second. Access the newsletter and find out what happened.
ElevenPaths Talks Special Edition: Cryptography and Quantum Computers
Learn with our CSA Manager, Rames Sarwat, and a special guest, Dr. Alfonso, a reputed cryptography expert, to understand the state-of-the-art quantum technology and its expected evolution in the coming years. Do not miss it!
Feb 2018
Code Talks for Devs Additionals: JAVA Latch Integration
The developer, Javier Espinosa, explains how easy it is to integrate Latch’s security in applications. Go to the community and speak with our experts about your doubts and suggestions.
Our post published in Security Affairs, the best European Personal Security Blog 2016
Evrial is a cryptocoin malware stealer discovered by our researchers which takes control of the clipboard to get “easy money”.
Code Talks for Devs Additional: .NET Latch integration
In this first #CodeTalks4Devs Additional webinar, the expert, Ioseba Palop explains to us how to integrate Latch in the .NET platform.
Telefónica partners with McAfee to protect customer devices embedding its technology in the home Internet routers
Telefónica and McAfee have announced an agreement to reinforce the online security for Telefónica’s broadband and mobile customers across its markets in Europe and Latin America.
CyberSecurity Pulse 2018-02-20
Numerous types of attacks are affecting cryptocurrency users and many users lose their private keys that protect their wallet. We tell you how to recover them in this biweekly newsletter of our intelligence analysts.
Interview to Sheila A. Berta in Open Data Security
For Woman International Day, Open Data Security has interview our informatic security analyst Sheila A. Berta. She, with only 22 years, has managed to conquer this field in a self-taught way.
Interview with our expert Pablo San Emeterio on “Diario de Avisos” Canary Islands
Don´t miss Pablo San Emeterio’s interview , one of our experts and Chief Security Ambassador, who talks about about what cybersecurity is and the risks of the internet, among others.
Additional #CodeTalks4Devs, the last webinars of the first season
We bring you the last three episodes of the first Code Talks for Devs season. We will dig into the different integrations of Latch on NET., JAVA y PHP platforms with our experts.
CyberSecurity Pulse 2018-02-06
The popular fitness tracking app Strava published a 2017 heat map showing activities from its users, but unfortunately, the map revealed locations of the United States military bases worldwide.
Whitepaper “UAC Bypass & Research with UAC-A-Mola”
UAC-A-Mola is a framework, designed to investigate, detect, explore and mitigate the weaknesses called UAC bypass. These weaknesses are found in Microsoft Window operating systems.
Safer Internet Day 2018
Last Tuesday, February 6th, at ElevenPaths we celebrated the Safe Internet Day. On the occasion of this celebration, we presented several recommendations so the user could have a safe browsing experience on their day-to-day.
Jan 2018
“Blockchain”, an opportunity network for SME
The technology that supports the operation of cryptocurrencies allows small companies to manage contacts in an intelligent way and access new financing methods.
Telefónica will host the Promálaga Urbanlab at Tabacalera
The Malaga mayor, Francisco de la Torre, and Telefónica’s Territorio Sur director, María Jesús Almazor, have presented this Monday the activities that will take place during the next months at Telefónica’s Promalaga Urbanlab-Espacio.
UAC-A-Mola, new framework designed for researching, detecting, exploiting and solving UAC bypass weaknesses
UAC-A-Mola allows automatizing the detection of a UAC bypass in a computer with Windows 7/8/8.1/10. This new tool can run customizable modules that allow automatizing researching looking for UAC.
Tackling Cybercrime: Top 3 Recommendations for 2018
During 2016 the UK cost of cybercrime was estimated at around £29 billion and in 2017 we saw a 22% growth on that figure. Here are three recommendations to keep your organisation secure.
La historia de la Dark Web
Existen muchos términos sobre Internet que han surgido en el transcurso de los años, pero sin lugar a dudas los términos Deep Web y Dark Web han sido los que más impacto mediático han tenido.
CyberSecurity Pulse 2018-01-23
Our intelligent analyst explain how is information stored in a Bitcoin adress and set you a challenge. Sign up for our newsletter and be upday on cybersecurity news.
Cryptocoins are in Vogue: Increasing Value and Centralizing Pretensions
Intelligence analyst Félix Brezo mentions that, unlike the euro or the dollar, legal currencies issued by a central bank, cryptocoins follow a “decentralized philosophy”.
CyberSecurity Pulse 2018-01-09
The new year has started with an important story. The vulnerabilities Meltdown and Spectre have put on the table that the architecture of the hardware that makes operate almost all of our systems is likely to have to be reinvented.
Code Talks for Devs: Limited Secrets
We presented the last chapter of #CodeTalks4Devs serie in wich our developer Javier Espinosa tells how to protect a resource in an Android application. Don’t miss out!
CDO Challenge
Telefónica’s Chief Data Office unit is looking for new talents who are passionate about technology applied to artificial intelligence in Android development environments. What are you waiting for to apply?
Dec 2017
Code Talks for Devs: Protect your OpenWRT Integrating Latch at Different Levels
In this webinar, Javier Alcaraz tells us his Final Degree project in which he explains how to integrate our Latch technology into devices, like the router, to cope with the cyber threats of the network.
ElevenPaths at Black Hat Europe 2017
Our Innovation & Lab team has presented at Black Hat Europe 2017 Conference weaknesses in the way that Firefox, Chrome and IE/Edge implement HSTS and HPKP.
ElevenPaths Talks
Closing the third season of ElevenPaths Talks, we present a webinar about Security Forces status to fight against cybercrime, this Thursday at 3.30 pm (CET).
Proof of Concept: Hidden Networks
Don’t miss our new proof of concept using Python 3.4. It facilitates the task of analysing local and remote machines in searching for traces of connections by USB devices.
ElevenPaths Talks Special Edition FOCA
Thursday, December 28th, our expert Pablo Gonzalez will talk about the improvements of the new version FOCA Open Source, capable of automating the detection process.
CyberSecurity Pulse 2017-12-19
The most common question in recent months derived from the rebound in the value of numerous cryptocurrency is: Do I invest or not invest? However, there are different ways to obtain cryptocurrencies and one of them is to start mining.
ElevenPaths Talks: GDPR Regulation
Do you know the new GDPR regulation? This Thursday, our experts Francisco Oteiza and Juan Antonio Gil inform you about the European General Data Protection Regulation, that will be mandatory to comply throughout the European Union on May 2018.
Code Talk for Devs: Using Machine Learning to Detect Anomalies Web Traffic.
One of our hacker womens and developer, Carmen Torrano, will introduce a case study based on the analysis of algorithms applied to Machine Learning.
CyberSecurity Pulse 2017-12-12
In this newsletter, our intelligence analysts comment on the Program for Civilian Cybersecurity Experts aproved by The Army. Don’t miss out!